Cisco NX-OS Malformed IP Packet DoS (cisco-sa-20120215-nxos)

high Nessus Plugin ID 66698

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

Cisco NX-OS Software is affected by a denial of service (DoS) vulnerability that causes Cisco Nexus 1000v, 1010, 5000, and 7000 Series Switches, and the Cisco Virtual Security Gateway (VSG) for Nexus 1000V Series Switches, that are running affected versions of Cisco NX-OS Software to reload when the IP stack processes a malformed IP packet. Cisco has released free software updates that address this vulnerability.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20120215-nxos.

See Also

http://www.nessus.org/u?a6de4c80

Plugin Details

Severity: High

ID: 66698

File Name: cisco-sa-20120215-nxos.nasl

Version: 1.6

Type: combined

Family: CISCO

Published: 5/31/2013

Updated: 10/29/2019

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:cisco:nx-os

Required KB Items: Host/Cisco/NX-OS/Version, Host/Cisco/NX-OS/Model, Host/Cisco/NX-OS/Device

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/26/2012

Vulnerability Publication Date: 2/15/2012

Reference Information

BID: 52027

CISCO-SA: cisco-sa-20120215-nxos

CISCO-BUG-ID: CSCti23447