Korean

<< Back VID 29082 Severity 30 Port 161 Protocol UDP Class CISCO Detailed Description The Cisco IOS has a VPNSM Malformed IKE Packet Vulnerability (CISCO bug ID CSCed30113). The Cisco IP Security (IPSec) VPN Services Module (VPNSM) is a high-speed module for the Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Router that provides infrastructure-integrated IPSec VPN services. By sending a malformed Internet Key Exchange (IKE) packet, a remote attacker could cause the device with the VPNSM installed to crash and reload. This vulnerability is known to only exist in the modified IKE code which was incorporated in the 12.2SXA, 12.2SXB, 12.2SY and 12.2ZA Cisco IOS software release trains. * Note: This check solely relied on the version number of the remote system to assess this vulnerability, so this might be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor. * References: http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml http://www.securityfocus.com/archive/1/359843 * Platforms Affected: Cisco Systems, Inc., Cisco 6500 Any version Cisco Systems, Inc., Cisco 7600 Any version Cisco Systems, Inc., Cisco IOS 12.2SXA Cisco Systems, Inc., Cisco IOS 12.2SXB Cisco Systems, Inc., Cisco IOS 12.2SY Cisco Systems, Inc., Cisco IOS 12.2ZA Recommendation Upgrade to the fixed Cisco IOS version, as listed in "Software Versions and Fixes" of Cisco Security Advisory (Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability) at http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml . Upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com/tacpage/library/12.2/index.shtml . For details, see http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml . Related URL (CVE) Related URL 10083 (SecurityFocus) Related URL 15797 (ISS)