| VID |
29061 |
| Severity |
30 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco IOS has a denial of service vulnerability by SAA packets (CISCO Bug ID CSCdx17916, CSCdx61997).
The Service Assurance Agent (SAA) is the new name for the Response Time Reporter (RTR) feature. The router is vulnerable only if the RTR responder is enabled. When the affected router receives a malformed RTR packet to port 1967, it will crash. RTR is disabled by default.
The RTR feature allows you to monitor network performance, network resources, and applications by measuring response times and availability. With this feature you can perform troubleshooting, problem notifications, and problem analysis based on response time reporter statistics.
By sending malformed RTR packets, a remote attacker can crash the affected router.
* Note: This check solely relied on the version number of the remote system to assess this vulnerability, so this might be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://www.cisco.com/warp/public/707/cisco-sa-20030515-saa.shtml
* Platforms Affected:
Cisco IOS 12.0S, SC, ST, SL, SP, SX
Cisco IOS 12.1, E, EA, EC, EX, EY
Cisco IOS 12.2, DA, S |
| Recommendation |
Upgrade to the fixed version of Cisco IOS, as listed in "Software Versions and Fixes" of Cisco Security Advisory, http://www.cisco.com/warp/public/707/cisco-sa-20030515-saa.shtml . Upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com .
For detail descriptions and workarounds, see also http://www.cisco.com/warp/public/707/cisco-sa-20030515-saa.shtml |
| Related URL |
CVE-2003-0305 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
