| VID |
29127 |
| Severity |
40 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco IOS, according to its version number, has a heap-based buffer overflow vulnerability (CISCO bug ID CSCei61732) in system timers. CISCO IOS 12.0x, 12.1x, 12.2x, 12.3x and 12.4x versions are vulnerable to a heap-based buffer overflow attack, caused by a boundary check error in system timers. By sending a specially-crafted packet, a remote attacker could execute arbitrary code with System service privileges and cause a denial of service on the affected system.
* Note: This check solely relied on the version number of the remote system to assess these vulnerabilities, so this might be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://securitytracker.com/alerts/2005/Nov/1015139.html
http://seclists.org/lists/bugtraq/2005/Nov/0010.html
http://www.kb.cert.org/vuls/id/562945
http://www.frsirt.com/english/advisories/2005/2282
http://secunia.com/advisories/17413
http://securitytracker.com/alerts/2005/Nov/1015139.html
* Platforms Affected:
CISCO IOS versions 12.0x, 12.1x, 12.2x, 12.3x and 12.4x |
| Recommendation |
Upgrade to the fixed Cisco IOS version, as listed in "Software Versions and Fixes" of Cisco Security Advisory (IOS Heap-based Overflow Vulnerability in System Timers) at http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml
Upgrades should be obtained through the Software Center on Cisco's worldwide web site at http://www.cisco.com |
| Related URL |
CVE-2005-3481 (CVE) |
| Related URL |
15275 (SecurityFocus) |
| Related URL |
(ISS) |
|
