Skip to content

Instantly share code, notes, and snippets.

@KINGSABRI

KINGSABRI/dummy-sw.xml

Created August 7, 2017 22:58
Show Gist options
  • Save KINGSABRI/3dfcb821ea29f918f74c8e1979c5a71f to your computer and use it in GitHub Desktop.
Save KINGSABRI/3dfcb821ea29f918f74c8e1979c5a71f to your computer and use it in GitHub Desktop.
Download ZIP
Nipper XML and HTML report
Raw
dummy-sw.xml
This file has been truncated, but you can view the full file.
<?xml version="1.0" encoding="utf-8"?>
<document nipperstudio="2.5.5.5804" xmlversion="2" xmlrevision="3">
<information>
<title>Audit Report</title>
<author>Nipper Studio</author>
<date>Tuesday, August 8, 2017</date>
<generator>
<product>Nipper Studio</product>
<manufacturer>Titania</manufacturer>
<website>www.titania.com</website>
<version>2.5.5.5804</version>
</generator>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" os="IOS" osversion="12.2" />
</devices>
</information>
<summary title="Summary" ref="REPORTSUMMARY">
<text>Nipper Studio performed an audit on Tuesday, August 8, 2017 of the network device detailed in the scope. The audit consisted of the following components:</text>
<list type="bullet">
<listitem>a best practice security audit (Part 2);</listitem>
<listitem>a software vulnerability audit report (Part 3);</listitem>
<listitem>a Defence Information Systems Agency Security Technical Implementation Guide compliance report (Part 4);</listitem>
<listitem>a configuration report (Part 5).</listitem>
</list>
<text title="Scope">The scope of this audit was limited to the device detailed in Table <linktotable ref="SCOPE.AUDITDEVICELIST.TABLE">1</linktotable>.</text>
<table index="1" title="Audit device scope" ref="SCOPE.AUDITDEVICELIST.TABLE">
<headings>
<heading>Device</heading>
<heading>Name</heading>
<heading>OS</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Cisco Catalyst Switch</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>IOS 12.2</item></tablecell>
</tablerow>
</tablebody>
</table>
<text title="Security Audit Summary">Nipper Studio performed a security audit of the one device detailed in the scope and identified 30 security-related issues. Although significant issues were identified that Nipper Studio recommends should be reviewed as soon as is practical, most of the security issues were rated as low or informational. Each of the issues identified is described in greater detail in the main body of this report.</text>
<text>Nipper Studio identified a number of clear-text protocol related issues. It is important that all clear-text protocol services should be replaced with cryptographically secure alternatives in order to help prevent unauthorized eavesdropping of potentially sensitive data. Furthermore the clear-text services are often used for administration purposes and a malicious user, or attacker, who is able to monitor the communications may also gain access to authentication credentials that could then lead them to gain administrative access to the system.</text>
<text>Nipper Studio can draw the following statistics from the results of this security assessment, (percentages have been rounded). 8 issues (27%) were rated as high, 5 issues (17%) were rated as medium, 11 issues (37%) were rated as low and 6 issues (20%) were rated as informational.</text>
<graph index="1" title="Severity Classification" ref="SECURITY.SUMMARY.RATINGS" position="bottomleft" type="pie">
<datalabels>
<datalabel>High</datalabel>
<datalabel>Medium</datalabel>
<datalabel>Low</datalabel>
<datalabel>Informational</datalabel>
</datalabels>
<graphdata datadepth="1">
<data>8</data>
<data>5</data>
<data>11</data>
<data>6</data>
</graphdata>
<datacolors>
<datacolor>#FF5C00</datacolor>
<datacolor>#FFBF00</datacolor>
<datacolor>#8DC100</datacolor>
<datacolor>#006300</datacolor>
</datacolors>
</graph>
<graph index="2" title="Issue Classification" ref="SECURITY.SUMMARY.CLASSIFICATION" position="bottomright" type="bar">
<datalabels title=")Classification">
<datalabel>Admin</datalabel>
<datalabel>Auth</datalabel>
<datalabel>Best</datalabel>
<datalabel>Text</datalabel>
<datalabel>Filter</datalabel>
</datalabels>
<graphdata title="Issues" datadepth="1">
<data>10</data>
<data>4</data>
<data>13</data>
<data>4</data>
<data>3</data>
</graphdata>
<datacolors>
<datacolor>#A7AAFF</datacolor>
<datacolor>#918FDC</datacolor>
<datacolor>#A7AAFF</datacolor>
<datacolor>#918FDC</datacolor>
<datacolor>#A7AAFF</datacolor>
</datacolors>
</graph>
<text>Nipper Studio performed a vulnerability audit of the one device detailed in the scope. </text>
<table index="2" title="Summary of findings from the Vulnerability Audit for each device" ref="VULN.SUMMARY.AUDITRESULTLIST">
<headings>
<heading>Device</heading>
<heading>Name</heading>
<heading>Critical</heading>
<heading>High</heading>
<heading>Medium</heading>
<heading>Low</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Cisco Catalyst Switch</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item><textprop color="red">18</textprop></item></tablecell>
<tablecell><item><textprop color="color-amber">138</textprop></item></tablecell>
<tablecell><item><textprop color="color-yellow">58</textprop></item></tablecell>
<tablecell><item><textprop color="color-green">2</textprop></item></tablecell>
</tablerow>
</tablebody>
</table>
<graph index="3" title=" Vulnerability Findings" ref="VULN.DEVICE..COVERAGE.RATINGS.SUMMARY" position="bottom" type="pie">
<datalabels>
<datalabel>Critical</datalabel>
<datalabel>High</datalabel>
<datalabel>Medium</datalabel>
<datalabel>Low</datalabel>
</datalabels>
<graphdata datadepth="1">
<data>18</data>
<data>138</data>
<data>58</data>
<data>2</data>
</graphdata>
<datacolors>
<datacolor>#AD0818</datacolor>
<datacolor>#FF5C00</datacolor>
<datacolor>#FFBF00</datacolor>
<datacolor>#8DC100</datacolor>
</datacolors>
</graph>
<text title="DISA STIG Summary">Nipper Studio performed one DISA STIG compliance audit. Table <linktotable ref="STIGCOMPLIANCE.SUMMARY.DEVICESSUM">3</linktotable> summarizes the findings.</text>
<table index="3" title="DISA STIG device compliance summary" ref="STIGCOMPLIANCE.SUMMARY.DEVICESSUM">
<headings>
<heading>Name</heading>
<heading>STIG</heading>
<heading>Version</heading>
<heading>I Pass</heading>
<heading>I Fail</heading>
<heading>I Man</heading>
<heading>II Pass</heading>
<heading>II Fail</heading>
<heading>II Man</heading>
<heading>III Pass</heading>
<heading>III Fail</heading>
<heading>III Man</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco</item></tablecell>
<tablecell><item>8 Release 21 (10/28/16)</item></tablecell>
<tablecell><item><textprop color="color-green">4</textprop></item></tablecell>
<tablecell><item><textprop color="red">3</textprop></item></tablecell>
<tablecell><item><textprop color="color-amber">4</textprop></item></tablecell>
<tablecell><item><textprop color="color-green">18</textprop></item></tablecell>
<tablecell><item><textprop color="red">7</textprop></item></tablecell>
<tablecell><item><textprop color="color-amber">38</textprop></item></tablecell>
<tablecell><item><textprop color="color-green">12</textprop></item></tablecell>
<tablecell><item><textprop color="red">6</textprop></item></tablecell>
<tablecell><item><textprop color="color-amber">16</textprop></item></tablecell>
</tablerow>
</tablebody>
</table>
<graph index="4" title="STIG CAT I Findings" ref="SUMMARY.STIG.CAT1FINDINGS" position="bottomleft" type="pie">
<datalabels>
<datalabel>Passed</datalabel>
<datalabel>Manual</datalabel>
<datalabel>Failed</datalabel>
</datalabels>
<graphdata datadepth="1">
<data>4</data>
<data>4</data>
<data>3</data>
</graphdata>
<datacolors>
<datacolor>#006300</datacolor>
<datacolor>#FF5C00</datacolor>
<datacolor>#AD0818</datacolor>
</datacolors>
</graph>
<graph index="5" title="STIG CAT II Findings" ref="SUMMARY.STIG.CAT2FINDINGS" position="bottomright" type="pie">
<datalabels>
<datalabel>Passed</datalabel>
<datalabel>Manual</datalabel>
<datalabel>Failed</datalabel>
</datalabels>
<graphdata datadepth="1">
<data>18</data>
<data>38</data>
<data>7</data>
</graphdata>
<datacolors>
<datacolor>#006300</datacolor>
<datacolor>#FF5C00</datacolor>
<datacolor>#AD0818</datacolor>
</datacolors>
</graph>
</summary>
<contents>
<sections>
<content type="part" index="1" title="Your Report" ref="YOURREPORT">
<content type="section" index="1.1" title="Introduction" ref="INTRODUCTION" />
<content type="section" index="1.2" title="Report Conventions" ref="REPORTCONVENTIONS" />
<content type="section" index="1.3" title="Compliance Check Results" ref="REPORTCOMPLIANCERESULT" />
</content>
<content type="part" index="2" title="Security Audit" ref="SECURITYAUDIT">
<content type="section" index="2.1" title="Introduction" ref="SECURITY.INTRODUCTION" />
<content type="section" index="2.2" title="Users With A Weak Authentication Password" ref="AUTHENTICATION.USERS.WEAKPASSWORD" />
<content type="section" index="2.3" title="Clear Text Telnet Service Enabled" ref="ADMINISTRATION.TELNET.ENABLED" />
<content type="section" index="2.4" title="Administration Line Without An Access Control List Configured" ref="ADMINISTRATION.LINE.NOACL" />
<content type="section" index="2.5" title="Spanning Tree Protocol Bridge Protocol Data Unit Guard Not Enabled" ref="PROTOCOLS.STP.BPDUGUARD" />
<content type="section" index="2.6" title="STP Root Guard Not Enabled" ref="PROTOCOLS.STP.ROOTGUARD" />
<content type="section" index="2.7" title="No VLAN Trunking Protocol Authentication Password Was Configured" ref="PROTOCOLS.VTP.NOPASSWORD" />
<content type="section" index="2.8" title="Enable Password Configured" ref="AUTHENTICATION.USERS.ENABLE" />
<content type="section" index="2.9" title="No Inbound Transmission Control Protocol Connection Keep-Alives" ref="PROTOCOLS.KEEPALIVES.IN" />
<content type="section" index="2.10" title="DTP Was Enabled" ref="PROTOCOLS.DTPENABLED" />
<content type="section" index="2.11" title="STP Loop Guard Not Enabled" ref="PROTOCOLS.STP.LOOPGUARD" />
<content type="section" index="2.12" title="No Outbound TCP Connection Keep-Alives" ref="PROTOCOLS.KEEPALIVES.OUT" />
<content type="section" index="2.13" title="Syslog Logging Not Enabled" ref="LOGGING.SYSLOG.NOT.ENABLED" />
<content type="section" index="2.14" title="No Time Synchronization Configured" ref="TIME.NONE.CONFIGURED" />
<content type="section" index="2.15" title="Service Password Encryption Disabled" ref="CONFIGRELATED.SERVPASS.ENCRYPT" />
<content type="section" index="2.16" title="Cisco Discovery Protocol Was Enabled" ref="PROTOCOLS.CDPENABLED" />
<content type="section" index="2.17" title="The BOOTP Service Was Not Disabled" ref="ADMINISTRATION.BOOTP.NOT.DISABLED" />
<content type="section" index="2.18" title="Switch Port Security Disabled" ref="INTERFACES.PORTSECURITY" />
<content type="section" index="2.19" title="VTP Was In Server Mode" ref="PROTOCOLS.VTP.SERVER" />
<content type="section" index="2.20" title="Internet Protocol Source Routing Was Enabled" ref="ROUTING.IPSOURCEROUTING" />
<content type="section" index="2.21" title="Proxy Address Resolution Protocol Was Enabled" ref="PROTOCOLS.PROXYARP" />
<content type="section" index="2.22" title="Weak Minimum Password Length Policy Setting" ref="AUTHENTICATION.WEAK.PASSWORDLENGTH" />
<content type="section" index="2.23" title="No Pre-Logon Banner Message" ref="BANNER.NO.PRE.LOGON.MESSAGE" />
<content type="section" index="2.24" title="Interfaces Were Configured With No Filtering" ref="INTERFACES.NOFILTERS" />
<content type="section" index="2.25" title="Internet Control Message Protocol Unreachable Messages Were Enabled" ref="PROTOCOLS.UNREACHABLES" />
<content type="section" index="2.26" title="Domain Name System Lookups Were Enabled" ref="DNS.LOOKUPS.ENABLED" />
<content type="section" index="2.27" title="No Network Filtering Rules Were Configured" ref="FILTERING.NO.RULES" />
<content type="section" index="2.28" title="No Post Logon Banner Message" ref="BANNER.NO.POST.LOGON.MESSAGE" />
<content type="section" index="2.29" title="ICMP Redirect Messages Were Enabled" ref="PROTOCOLS.REDIRECTS" />
<content type="section" index="2.30" title="Unrestricted Outbound Administrative Access" ref="ADMINISTRATION.LINE.ADMINOUT" />
<content type="section" index="2.31" title="Switch Port Trunking Allows All Virtual Local Area Networks" ref="INTERFACES.TRUNKALL" />
<content type="section" index="2.32" title="Conclusions" ref="SECURITY.CONCLUSIONS" />
<content type="section" index="2.33" title="Recommendations" ref="SECURITY.RECOMMENDATIONS" />
<content type="section" index="2.34" title="Mitigation Classification" ref="SECURITY.MITIGATIONS" />
</content>
<content type="part" index="3" title="Vulnerability Audit" ref="VULNAUDIT">
<content type="section" index="3.1" title="Introduction" ref="VULNAUDIT.INTRO" />
<content type="section" index="3.2" title="CVE-2002-1357" ref="VULNAUDIT.CVE-2002-1357" />
<content type="section" index="3.3" title="CVE-2002-1358" ref="VULNAUDIT.CVE-2002-1358" />
<content type="section" index="3.4" title="CVE-2002-1359" ref="VULNAUDIT.CVE-2002-1359" />
<content type="section" index="3.5" title="CVE-2002-1360" ref="VULNAUDIT.CVE-2002-1360" />
<content type="section" index="3.6" title="CVE-2007-0480" ref="VULNAUDIT.CVE-2007-0480" />
<content type="section" index="3.7" title="CVE-2010-1574" ref="VULNAUDIT.CVE-2010-1574" />
<content type="section" index="3.8" title="CVE-2011-3271" ref="VULNAUDIT.CVE-2011-3271" />
<content type="section" index="3.9" title="CVE-2017-3881" ref="VULNAUDIT.CVE-2017-3881" />
<content type="section" index="3.10" title="CVE-2001-0537" ref="VULNAUDIT.CVE-2001-0537" />
<content type="section" index="3.11" title="CVE-2003-1398" ref="VULNAUDIT.CVE-2003-1398" />
<content type="section" index="3.12" title="CVE-2005-3481" ref="VULNAUDIT.CVE-2005-3481" />
<content type="section" index="3.13" title="CVE-2007-2586" ref="VULNAUDIT.CVE-2007-2586" />
<content type="section" index="3.14" title="CVE-2007-4286" ref="VULNAUDIT.CVE-2007-4286" />
<content type="section" index="3.15" title="CVE-2007-4292" ref="VULNAUDIT.CVE-2007-4292" />
<content type="section" index="3.16" title="CVE-2007-5381" ref="VULNAUDIT.CVE-2007-5381" />
<content type="section" index="3.17" title="CVE-2008-3807" ref="VULNAUDIT.CVE-2008-3807" />
<content type="section" index="3.18" title="CVE-2007-4285" ref="VULNAUDIT.CVE-2007-4285" />
<content type="section" index="3.19" title="CVE-2015-0635" ref="VULNAUDIT.CVE-2015-0635" />
<content type="section" index="3.20" title="CVE-2007-4263" ref="VULNAUDIT.CVE-2007-4263" />
<content type="section" index="3.21" title="CVE-2008-3805" ref="VULNAUDIT.CVE-2008-3805" />
<content type="section" index="3.22" title="CVE-2008-3806" ref="VULNAUDIT.CVE-2008-3806" />
<content type="section" index="3.23" title="CVE-2012-0384" ref="VULNAUDIT.CVE-2012-0384" />
<content type="section" index="3.24" title="CVE-2016-6380" ref="VULNAUDIT.CVE-2016-6380" />
<content type="section" index="3.25" title="CVE-2002-2208" ref="VULNAUDIT.CVE-2002-2208" />
<content type="section" index="3.26" title="CVE-2003-0567" ref="VULNAUDIT.CVE-2003-0567" />
<content type="section" index="3.27" title="CVE-2007-0479" ref="VULNAUDIT.CVE-2007-0479" />
<content type="section" index="3.28" title="CVE-2007-0481" ref="VULNAUDIT.CVE-2007-0481" />
<content type="section" index="3.29" title="CVE-2007-2688" ref="VULNAUDIT.CVE-2007-2688" />
<content type="section" index="3.30" title="CVE-2007-2813" ref="VULNAUDIT.CVE-2007-2813" />
<content type="section" index="3.31" title="CVE-2008-1152" ref="VULNAUDIT.CVE-2008-1152" />
<content type="section" index="3.32" title="CVE-2008-3799" ref="VULNAUDIT.CVE-2008-3799" />
<content type="section" index="3.33" title="CVE-2008-3808" ref="VULNAUDIT.CVE-2008-3808" />
<content type="section" index="3.34" title="CVE-2008-3813" ref="VULNAUDIT.CVE-2008-3813" />
<content type="section" index="3.35" title="CVE-2009-0631" ref="VULNAUDIT.CVE-2009-0631" />
<content type="section" index="3.36" title="CVE-2009-0636" ref="VULNAUDIT.CVE-2009-0636" />
<content type="section" index="3.37" title="CVE-2009-2866" ref="VULNAUDIT.CVE-2009-2866" />
<content type="section" index="3.38" title="CVE-2009-2867" ref="VULNAUDIT.CVE-2009-2867" />
<content type="section" index="3.39" title="CVE-2009-2868" ref="VULNAUDIT.CVE-2009-2868" />
<content type="section" index="3.40" title="CVE-2009-2869" ref="VULNAUDIT.CVE-2009-2869" />
<content type="section" index="3.41" title="CVE-2009-2871" ref="VULNAUDIT.CVE-2009-2871" />
<content type="section" index="3.42" title="CVE-2009-5038" ref="VULNAUDIT.CVE-2009-5038" />
<content type="section" index="3.43" title="CVE-2009-5039" ref="VULNAUDIT.CVE-2009-5039" />
<content type="section" index="3.44" title="CVE-2010-0576" ref="VULNAUDIT.CVE-2010-0576" />
<content type="section" index="3.45" title="CVE-2010-0578" ref="VULNAUDIT.CVE-2010-0578" />
<content type="section" index="3.46" title="CVE-2010-0582" ref="VULNAUDIT.CVE-2010-0582" />
<content type="section" index="3.47" title="CVE-2010-0583" ref="VULNAUDIT.CVE-2010-0583" />
<content type="section" index="3.48" title="CVE-2010-0585" ref="VULNAUDIT.CVE-2010-0585" />
<content type="section" index="3.49" title="CVE-2010-0586" ref="VULNAUDIT.CVE-2010-0586" />
<content type="section" index="3.50" title="CVE-2010-2828" ref="VULNAUDIT.CVE-2010-2828" />
<content type="section" index="3.51" title="CVE-2010-2829" ref="VULNAUDIT.CVE-2010-2829" />
<content type="section" index="3.52" title="CVE-2010-2831" ref="VULNAUDIT.CVE-2010-2831" />
<content type="section" index="3.53" title="CVE-2010-2832" ref="VULNAUDIT.CVE-2010-2832" />
<content type="section" index="3.54" title="CVE-2010-2833" ref="VULNAUDIT.CVE-2010-2833" />
<content type="section" index="3.55" title="CVE-2010-2834" ref="VULNAUDIT.CVE-2010-2834" />
<content type="section" index="3.56" title="CVE-2010-2835" ref="VULNAUDIT.CVE-2010-2835" />
<content type="section" index="3.57" title="CVE-2010-4671" ref="VULNAUDIT.CVE-2010-4671" />
<content type="section" index="3.58" title="CVE-2010-4683" ref="VULNAUDIT.CVE-2010-4683" />
<content type="section" index="3.59" title="CVE-2010-4686" ref="VULNAUDIT.CVE-2010-4686" />
<content type="section" index="3.60" title="CVE-2011-0945" ref="VULNAUDIT.CVE-2011-0945" />
<content type="section" index="3.61" title="CVE-2011-0946" ref="VULNAUDIT.CVE-2011-0946" />
<content type="section" index="3.62" title="CVE-2011-1624" ref="VULNAUDIT.CVE-2011-1624" />
<content type="section" index="3.63" title="CVE-2011-1640" ref="VULNAUDIT.CVE-2011-1640" />
<content type="section" index="3.64" title="CVE-2011-2057" ref="VULNAUDIT.CVE-2011-2057" />
<content type="section" index="3.65" title="CVE-2011-2058" ref="VULNAUDIT.CVE-2011-2058" />
<content type="section" index="3.66" title="CVE-2011-3270" ref="VULNAUDIT.CVE-2011-3270" />
<content type="section" index="3.67" title="CVE-2011-3276" ref="VULNAUDIT.CVE-2011-3276" />
<content type="section" index="3.68" title="CVE-2011-3277" ref="VULNAUDIT.CVE-2011-3277" />
<content type="section" index="3.69" title="CVE-2011-3278" ref="VULNAUDIT.CVE-2011-3278" />
<content type="section" index="3.70" title="CVE-2011-3279" ref="VULNAUDIT.CVE-2011-3279" />
<content type="section" index="3.71" title="CVE-2011-3280" ref="VULNAUDIT.CVE-2011-3280" />
<content type="section" index="3.72" title="CVE-2011-3282" ref="VULNAUDIT.CVE-2011-3282" />
<content type="section" index="3.73" title="CVE-2012-0381" ref="VULNAUDIT.CVE-2012-0381" />
<content type="section" index="3.74" title="CVE-2012-0385" ref="VULNAUDIT.CVE-2012-0385" />
<content type="section" index="3.75" title="CVE-2012-0386" ref="VULNAUDIT.CVE-2012-0386" />
<content type="section" index="3.76" title="CVE-2012-3079" ref="VULNAUDIT.CVE-2012-3079" />
<content type="section" index="3.77" title="CVE-2012-3949" ref="VULNAUDIT.CVE-2012-3949" />
<content type="section" index="3.78" title="CVE-2012-4618" ref="VULNAUDIT.CVE-2012-4618" />
<content type="section" index="3.79" title="CVE-2012-4619" ref="VULNAUDIT.CVE-2012-4619" />
<content type="section" index="3.80" title="CVE-2012-4620" ref="VULNAUDIT.CVE-2012-4620" />
<content type="section" index="3.81" title="CVE-2013-1142" ref="VULNAUDIT.CVE-2013-1142" />
<content type="section" index="3.82" title="CVE-2013-1145" ref="VULNAUDIT.CVE-2013-1145" />
<content type="section" index="3.83" title="CVE-2013-1146" ref="VULNAUDIT.CVE-2013-1146" />
<content type="section" index="3.84" title="CVE-2013-5473" ref="VULNAUDIT.CVE-2013-5473" />
<content type="section" index="3.85" title="CVE-2013-5474" ref="VULNAUDIT.CVE-2013-5474" />
<content type="section" index="3.86" title="CVE-2013-5475" ref="VULNAUDIT.CVE-2013-5475" />
<content type="section" index="3.87" title="CVE-2013-5477" ref="VULNAUDIT.CVE-2013-5477" />
<content type="section" index="3.88" title="CVE-2013-5479" ref="VULNAUDIT.CVE-2013-5479" />
<content type="section" index="3.89" title="CVE-2013-5480" ref="VULNAUDIT.CVE-2013-5480" />
<content type="section" index="3.90" title="CVE-2014-2108" ref="VULNAUDIT.CVE-2014-2108" />
<content type="section" index="3.91" title="CVE-2014-2109" ref="VULNAUDIT.CVE-2014-2109" />
<content type="section" index="3.92" title="CVE-2014-3327" ref="VULNAUDIT.CVE-2014-3327" />
<content type="section" index="3.93" title="CVE-2014-3354" ref="VULNAUDIT.CVE-2014-3354" />
<content type="section" index="3.94" title="CVE-2015-0636" ref="VULNAUDIT.CVE-2015-0636" />
<content type="section" index="3.95" title="CVE-2015-0637" ref="VULNAUDIT.CVE-2015-0637" />
<content type="section" index="3.96" title="CVE-2015-0642" ref="VULNAUDIT.CVE-2015-0642" />
<content type="section" index="3.97" title="CVE-2015-0643" ref="VULNAUDIT.CVE-2015-0643" />
<content type="section" index="3.98" title="CVE-2015-0646" ref="VULNAUDIT.CVE-2015-0646" />
<content type="section" index="3.99" title="CVE-2015-0647" ref="VULNAUDIT.CVE-2015-0647" />
<content type="section" index="3.100" title="CVE-2015-0648" ref="VULNAUDIT.CVE-2015-0648" />
<content type="section" index="3.101" title="CVE-2015-0649" ref="VULNAUDIT.CVE-2015-0649" />
<content type="section" index="3.102" title="CVE-2015-0650" ref="VULNAUDIT.CVE-2015-0650" />
<content type="section" index="3.103" title="CVE-2015-6278" ref="VULNAUDIT.CVE-2015-6278" />
<content type="section" index="3.104" title="CVE-2015-6279" ref="VULNAUDIT.CVE-2015-6279" />
<content type="section" index="3.105" title="CVE-2016-1349" ref="VULNAUDIT.CVE-2016-1349" />
<content type="section" index="3.106" title="CVE-2016-6379" ref="VULNAUDIT.CVE-2016-6379" />
<content type="section" index="3.107" title="CVE-2016-6384" ref="VULNAUDIT.CVE-2016-6384" />
<content type="section" index="3.108" title="CVE-2016-6385" ref="VULNAUDIT.CVE-2016-6385" />
<content type="section" index="3.109" title="CVE-2016-6391" ref="VULNAUDIT.CVE-2016-6391" />
<content type="section" index="3.110" title="CVE-2016-6392" ref="VULNAUDIT.CVE-2016-6392" />
<content type="section" index="3.111" title="CVE-2017-3857" ref="VULNAUDIT.CVE-2017-3857" />
<content type="section" index="3.112" title="CVE-2017-3860" ref="VULNAUDIT.CVE-2017-3860" />
<content type="section" index="3.113" title="CVE-2017-3861" ref="VULNAUDIT.CVE-2017-3861" />
<content type="section" index="3.114" title="CVE-2017-3862" ref="VULNAUDIT.CVE-2017-3862" />
<content type="section" index="3.115" title="CVE-2017-3863" ref="VULNAUDIT.CVE-2017-3863" />
<content type="section" index="3.116" title="CVE-2017-3864" ref="VULNAUDIT.CVE-2017-3864" />
<content type="section" index="3.117" title="CVE-2001-0929" ref="VULNAUDIT.CVE-2001-0929" />
<content type="section" index="3.118" title="CVE-2003-0647" ref="VULNAUDIT.CVE-2003-0647" />
<content type="section" index="3.119" title="CVE-2003-1109" ref="VULNAUDIT.CVE-2003-1109" />
<content type="section" index="3.120" title="CVE-2004-0054" ref="VULNAUDIT.CVE-2004-0054" />
<content type="section" index="3.121" title="CVE-2005-1057" ref="VULNAUDIT.CVE-2005-1057" />
<content type="section" index="3.122" title="CVE-2005-1058" ref="VULNAUDIT.CVE-2005-1058" />
<content type="section" index="3.123" title="CVE-2005-2105" ref="VULNAUDIT.CVE-2005-2105" />
<content type="section" index="3.124" title="CVE-2005-2841" ref="VULNAUDIT.CVE-2005-2841" />
<content type="section" index="3.125" title="CVE-2002-1024" ref="VULNAUDIT.CVE-2002-1024" />
<content type="section" index="3.126" title="CVE-2005-1020" ref="VULNAUDIT.CVE-2005-1020" />
<content type="section" index="3.127" title="CVE-2005-1021" ref="VULNAUDIT.CVE-2005-1021" />
<content type="section" index="3.128" title="CVE-2006-0340" ref="VULNAUDIT.CVE-2006-0340" />
<content type="section" index="3.129" title="CVE-2007-4291" ref="VULNAUDIT.CVE-2007-4291" />
<content type="section" index="3.130" title="CVE-2007-4293" ref="VULNAUDIT.CVE-2007-4293" />
<content type="section" index="3.131" title="CVE-2007-5651" ref="VULNAUDIT.CVE-2007-5651" />
<content type="section" index="3.132" title="CVE-2008-1150" ref="VULNAUDIT.CVE-2008-1150" />
<content type="section" index="3.133" title="CVE-2008-1151" ref="VULNAUDIT.CVE-2008-1151" />
<content type="section" index="3.134" title="CVE-2008-1153" ref="VULNAUDIT.CVE-2008-1153" />
<content type="section" index="3.135" title="CVE-2008-3800" ref="VULNAUDIT.CVE-2008-3800" />
<content type="section" index="3.136" title="CVE-2008-3801" ref="VULNAUDIT.CVE-2008-3801" />
<content type="section" index="3.137" title="CVE-2008-3802" ref="VULNAUDIT.CVE-2008-3802" />
<content type="section" index="3.138" title="CVE-2008-3804" ref="VULNAUDIT.CVE-2008-3804" />
<content type="section" index="3.139" title="CVE-2008-3809" ref="VULNAUDIT.CVE-2008-3809" />
<content type="section" index="3.140" title="CVE-2008-4609" ref="VULNAUDIT.CVE-2008-4609" />
<content type="section" index="3.141" title="CVE-2009-0630" ref="VULNAUDIT.CVE-2009-0630" />
<content type="section" index="3.142" title="CVE-2009-0637" ref="VULNAUDIT.CVE-2009-0637" />
<content type="section" index="3.143" title="CVE-2009-1168" ref="VULNAUDIT.CVE-2009-1168" />
<content type="section" index="3.144" title="CVE-2009-2863" ref="VULNAUDIT.CVE-2009-2863" />
<content type="section" index="3.145" title="CVE-2009-2873" ref="VULNAUDIT.CVE-2009-2873" />
<content type="section" index="3.146" title="CVE-2010-0577" ref="VULNAUDIT.CVE-2010-0577" />
<content type="section" index="3.147" title="CVE-2010-2830" ref="VULNAUDIT.CVE-2010-2830" />
<content type="section" index="3.148" title="CVE-2010-4684" ref="VULNAUDIT.CVE-2010-4684" />
<content type="section" index="3.149" title="CVE-2012-0382" ref="VULNAUDIT.CVE-2012-0382" />
<content type="section" index="3.150" title="CVE-2013-1143" ref="VULNAUDIT.CVE-2013-1143" />
<content type="section" index="3.151" title="CVE-2013-5472" ref="VULNAUDIT.CVE-2013-5472" />
<content type="section" index="3.152" title="CVE-2013-5481" ref="VULNAUDIT.CVE-2013-5481" />
<content type="section" index="3.153" title="CVE-2014-2107" ref="VULNAUDIT.CVE-2014-2107" />
<content type="section" index="3.154" title="CVE-2014-2111" ref="VULNAUDIT.CVE-2014-2111" />
<content type="section" index="3.155" title="CVE-2015-0638" ref="VULNAUDIT.CVE-2015-0638" />
<content type="section" index="3.156" title="CVE-2015-0681" ref="VULNAUDIT.CVE-2015-0681" />
<content type="section" index="3.157" title="CVE-2016-6393" ref="VULNAUDIT.CVE-2016-6393" />
<content type="section" index="3.158" title="CVE-2007-4295" ref="VULNAUDIT.CVE-2007-4295" />
<content type="section" index="3.159" title="CVE-2009-2872" ref="VULNAUDIT.CVE-2009-2872" />
<content type="section" index="3.160" title="CVE-2009-5040" ref="VULNAUDIT.CVE-2009-5040" />
<content type="section" index="3.161" title="CVE-2012-5036" ref="VULNAUDIT.CVE-2012-5036" />
<content type="section" index="3.162" title="CVE-2015-4204" ref="VULNAUDIT.CVE-2015-4204" />
<content type="section" index="3.163" title="CVE-2007-2587" ref="VULNAUDIT.CVE-2007-2587" />
<content type="section" index="3.164" title="CVE-2015-0771" ref="VULNAUDIT.CVE-2015-0771" />
<content type="section" index="3.165" title="CVE-2005-0197" ref="VULNAUDIT.CVE-2005-0197" />
<content type="section" index="3.166" title="CVE-2007-1258" ref="VULNAUDIT.CVE-2007-1258" />
<content type="section" index="3.167" title="CVE-2011-3274" ref="VULNAUDIT.CVE-2011-3274" />
<content type="section" index="3.168" title="CVE-2014-3409" ref="VULNAUDIT.CVE-2014-3409" />
<content type="section" index="3.169" title="CVE-2009-0629" ref="VULNAUDIT.CVE-2009-0629" />
<content type="section" index="3.170" title="CVE-2009-2049" ref="VULNAUDIT.CVE-2009-2049" />
<content type="section" index="3.171" title="CVE-2011-1625" ref="VULNAUDIT.CVE-2011-1625" />
<content type="section" index="3.172" title="CVE-2011-4016" ref="VULNAUDIT.CVE-2011-4016" />
<content type="section" index="3.173" title="CVE-2015-4203" ref="VULNAUDIT.CVE-2015-4203" />
<content type="section" index="3.174" title="CVE-2008-1156" ref="VULNAUDIT.CVE-2008-1156" />
<content type="section" index="3.175" title="CVE-2001-1097" ref="VULNAUDIT.CVE-2001-1097" />
<content type="section" index="3.176" title="CVE-2001-1183" ref="VULNAUDIT.CVE-2001-1183" />
<content type="section" index="3.177" title="CVE-2002-0339" ref="VULNAUDIT.CVE-2002-0339" />
<content type="section" index="3.178" title="CVE-2002-1706" ref="VULNAUDIT.CVE-2002-1706" />
<content type="section" index="3.179" title="CVE-2002-1768" ref="VULNAUDIT.CVE-2002-1768" />
<content type="section" index="3.180" title="CVE-2003-0305" ref="VULNAUDIT.CVE-2003-0305" />
<content type="section" index="3.181" title="CVE-2003-0511" ref="VULNAUDIT.CVE-2003-0511" />
<content type="section" index="3.182" title="CVE-2003-0512" ref="VULNAUDIT.CVE-2003-0512" />
<content type="section" index="3.183" title="CVE-2003-0851" ref="VULNAUDIT.CVE-2003-0851" />
<content type="section" index="3.184" title="CVE-2004-0079" ref="VULNAUDIT.CVE-2004-0079" />
<content type="section" index="3.185" title="CVE-2004-0081" ref="VULNAUDIT.CVE-2004-0081" />
<content type="section" index="3.186" title="CVE-2004-0112" ref="VULNAUDIT.CVE-2004-0112" />
<content type="section" index="3.187" title="CVE-2004-0710" ref="VULNAUDIT.CVE-2004-0710" />
<content type="section" index="3.188" title="CVE-2004-0714" ref="VULNAUDIT.CVE-2004-0714" />
<content type="section" index="3.189" title="CVE-2004-1111" ref="VULNAUDIT.CVE-2004-1111" />
<content type="section" index="3.190" title="CVE-2004-1454" ref="VULNAUDIT.CVE-2004-1454" />
<content type="section" index="3.191" title="CVE-2004-1464" ref="VULNAUDIT.CVE-2004-1464" />
<content type="section" index="3.192" title="CVE-2005-0186" ref="VULNAUDIT.CVE-2005-0186" />
<content type="section" index="3.193" title="CVE-2005-0195" ref="VULNAUDIT.CVE-2005-0195" />
<content type="section" index="3.194" title="CVE-2005-0196" ref="VULNAUDIT.CVE-2005-0196" />
<content type="section" index="3.195" title="CVE-2005-3669" ref="VULNAUDIT.CVE-2005-3669" />
<content type="section" index="3.196" title="CVE-2007-4430" ref="VULNAUDIT.CVE-2007-4430" />
<content type="section" index="3.197" title="CVE-2010-4687" ref="VULNAUDIT.CVE-2010-4687" />
<content type="section" index="3.198" title="CVE-2011-2059" ref="VULNAUDIT.CVE-2011-2059" />
<content type="section" index="3.199" title="CVE-2011-2395" ref="VULNAUDIT.CVE-2011-2395" />
<content type="section" index="3.200" title="CVE-2012-0338" ref="VULNAUDIT.CVE-2012-0338" />
<content type="section" index="3.201" title="CVE-2012-0339" ref="VULNAUDIT.CVE-2012-0339" />
<content type="section" index="3.202" title="CVE-2012-1367" ref="VULNAUDIT.CVE-2012-1367" />
<content type="section" index="3.203" title="CVE-2015-4202" ref="VULNAUDIT.CVE-2015-4202" />
<content type="section" index="3.204" title="CVE-2016-1409" ref="VULNAUDIT.CVE-2016-1409" />
<content type="section" index="3.205" title="CVE-2016-6415" ref="VULNAUDIT.CVE-2016-6415" />
<content type="section" index="3.206" title="CVE-2004-0244" ref="VULNAUDIT.CVE-2004-0244" />
<content type="section" index="3.207" title="CVE-2006-0485" ref="VULNAUDIT.CVE-2006-0485" />
<content type="section" index="3.208" title="CVE-2006-0486" ref="VULNAUDIT.CVE-2006-0486" />
<content type="section" index="3.209" title="CVE-2007-4632" ref="VULNAUDIT.CVE-2007-4632" />
<content type="section" index="3.210" title="CVE-2008-3821" ref="VULNAUDIT.CVE-2008-3821" />
<content type="section" index="3.211" title="CVE-2009-2862" ref="VULNAUDIT.CVE-2009-2862" />
<content type="section" index="3.212" title="CVE-2012-0362" ref="VULNAUDIT.CVE-2012-0362" />
<content type="section" index="3.213" title="CVE-2012-5039" ref="VULNAUDIT.CVE-2012-5039" />
<content type="section" index="3.214" title="CVE-2016-6422" ref="VULNAUDIT.CVE-2016-6422" />
<content type="section" index="3.215" title="CVE-2010-4685" ref="VULNAUDIT.CVE-2010-4685" />
<content type="section" index="3.216" title="CVE-2006-4650" ref="VULNAUDIT.CVE-2006-4650" />
<content type="section" index="3.217" title="CVE-2005-2451" ref="VULNAUDIT.CVE-2005-2451" />
<content type="section" index="3.218" title="Conclusions" ref="VULNAUDIT.CONCLUSIONS" />
<content type="section" index="3.219" title="Recommendations" ref="VULNAUDIT.RECOMMENDATIONS" />
</content>
<content type="part" index="4" title="DISA STIG Compliance" ref="STIGCOMPLIANCE">
<content type="section" index="4.1" title="Introduction" ref="STIGCOMPLIANCE.INTRODUCTION" />
<content type="section" index="4.2" title="Switch Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco Summary" ref="STIGCOMPLIANCE.SUMMARY." />
<content type="section" index="4.3" title="V-3000 - Interface ACL deny statements are not logged." ref="STIGCOMPLIANCE.SV-15474r3_rule" />
<content type="section" index="4.4" title="V-3008 - IPSec VPN is not configured as a tunnel type VPN." ref="STIGCOMPLIANCE.SV-3008r1_rule" />
<content type="section" index="4.5" title="V-3012 - Network element is not password protected." ref="STIGCOMPLIANCE.SV-3012r4_rule" />
<content type="section" index="4.6" title="V-3013 - Login banner is non-existent or not DOD-approved." ref="STIGCOMPLIANCE.SV-3013r4_rule" />
<content type="section" index="4.7" title="V-3014 - Management connection does not timeout." ref="STIGCOMPLIANCE.SV-15453r2_rule" />
<content type="section" index="4.8" title="V-3020 - DNS servers must be defined for client resolver. " ref="STIGCOMPLIANCE.SV-15330r2_rule" />
<content type="section" index="4.9" title="V-3021 - SNMP access is not restricted by IP address." ref="STIGCOMPLIANCE.SV-15332r2_rule" />
<content type="section" index="4.10" title="V-3034 - Interior routing protocols are not authenticated." ref="STIGCOMPLIANCE.SV-15290r2_rule" />
<content type="section" index="4.11" title="V-3043 - SNMP privileged and non-privileged access." ref="STIGCOMPLIANCE.SV-3043r4_rule" />
<content type="section" index="4.12" title="V-3056 - Group accounts are defined." ref="STIGCOMPLIANCE.SV-3056r7_rule" />
<content type="section" index="4.13" title="V-3057 - Accounts assigned least privileges necessary to perform duties." ref="STIGCOMPLIANCE.SV-15471r3_rule" />
<content type="section" index="4.14" title="V-3058 - Unauthorized accounts are configured to access device." ref="STIGCOMPLIANCE.SV-3058r5_rule" />
<content type="section" index="4.15" title="V-3062 - Passwords are viewable when displaying the config." ref="STIGCOMPLIANCE.SV-41449r2_rule" />
<content type="section" index="4.16" title="V-3069 - Management connections must be secured by FIPS 140-2. " ref="STIGCOMPLIANCE.SV-15451r3_rule" />
<content type="section" index="4.17" title="V-3070 - Management connections must be logged." ref="STIGCOMPLIANCE.SV-15455r2_rule" />
<content type="section" index="4.18" title="V-3072 - Running and startup configurations are not synchronized." ref="STIGCOMPLIANCE.SV-3072r3_rule" />
<content type="section" index="4.19" title="V-3078 - TCP and UDP small server services are not disabled." ref="STIGCOMPLIANCE.SV-3078r3_rule" />
<content type="section" index="4.20" title="V-3079 - The finger service is not disabled." ref="STIGCOMPLIANCE.SV-15305r2_rule" />
<content type="section" index="4.21" title="V-3080 - Configuration auto-loading must be disabled." ref="STIGCOMPLIANCE.SV-3080r3_rule" />
<content type="section" index="4.22" title="V-3081 - IP Source Routing is not disabled on all routers." ref="STIGCOMPLIANCE.SV-15316r2_rule" />
<content type="section" index="4.23" title="V-3083 - IP directed broadcast is not disabled." ref="STIGCOMPLIANCE.SV-3083r3_rule" />
<content type="section" index="4.24" title="V-3085 - HTTP server is not disabled " ref="STIGCOMPLIANCE.SV-41467r1_rule" />
<content type="section" index="4.25" title="V-3086 - The Bootp service is not disabled." ref="STIGCOMPLIANCE.SV-3086r3_rule" />
<content type="section" index="4.26" title="V-3143 - Devices exist with standard default passwords." ref="STIGCOMPLIANCE.SV-3143r4_rule" />
<content type="section" index="4.27" title="V-3160 - Operating system is not at a current release level." ref="STIGCOMPLIANCE.SV-15302r2_rule" />
<content type="section" index="4.28" title="V-3175 - Management connections must require passwords." ref="STIGCOMPLIANCE.SV-15448r3_rule" />
<content type="section" index="4.29" title="V-3196 - An insecure version of SNMP is being used." ref="STIGCOMPLIANCE.SV-3196r4_rule" />
<content type="section" index="4.30" title="V-3210 - Using default SNMP community names." ref="STIGCOMPLIANCE.SV-3210r4_rule" />
<content type="section" index="4.31" title="V-3966 - More than one local account is defined." ref="STIGCOMPLIANCE.SV-15469r6_rule" />
<content type="section" index="4.32" title="V-3967 - The console port does not timeout after 10 minutes." ref="STIGCOMPLIANCE.SV-15444r2_rule" />
<content type="section" index="4.33" title="V-3969 - Network element must only allow SNMP read access." ref="STIGCOMPLIANCE.SV-30086r3_rule" />
<content type="section" index="4.34" title="V-3971 - VLAN 1 is being used as a user VLAN." ref="STIGCOMPLIANCE.SV-3971r2_rule" />
<content type="section" index="4.35" title="V-3972 - VLAN 1 traffic traverses across unnecessary trunk " ref="STIGCOMPLIANCE.SV-3972r2_rule" />
<content type="section" index="4.36" title="V-3973 - Disabled ports are not kept in an unused VLAN." ref="STIGCOMPLIANCE.SV-3973r2_rule" />
<content type="section" index="4.37" title="V-3984 - Access switchports are assigned to the native VLAN" ref="STIGCOMPLIANCE.SV-3984r2_rule" />
<content type="section" index="4.38" title="V-4582 - Authentication required for console access." ref="STIGCOMPLIANCE.SV-19270r3_rule" />
<content type="section" index="4.39" title="V-4584 - The network element must log all messages except debugging." ref="STIGCOMPLIANCE.SV-15476r2_rule" />
<content type="section" index="4.40" title="V-5611 - Management connections are not restricted." ref="STIGCOMPLIANCE.SV-15449r3_rule" />
<content type="section" index="4.41" title="V-5612 - SSH session timeout is not 60 seconds or less." ref="STIGCOMPLIANCE.SV-15457r2_rule" />
<content type="section" index="4.42" title="V-5613 - SSH login attempts value is greater than 3." ref="STIGCOMPLIANCE.SV-15458r2_rule" />
<content type="section" index="4.43" title="V-5614 - The PAD service is enabled." ref="STIGCOMPLIANCE.SV-5614r3_rule" />
<content type="section" index="4.44" title="V-5615 - TCP Keep-Alives must be enabled." ref="STIGCOMPLIANCE.SV-5615r3_rule" />
<content type="section" index="4.45" title="V-5616 - Identification support is enabled." ref="STIGCOMPLIANCE.SV-5616r3_rule" />
<content type="section" index="4.46" title="V-5618 - Gratuitous ARP must be disabled." ref="STIGCOMPLIANCE.SV-5618r3_rule" />
<content type="section" index="4.47" title="V-5622 - A dedicated VLAN is required for all trunk ports." ref="STIGCOMPLIANCE.SV-5622r2_rule" />
<content type="section" index="4.48" title="V-5623 - Ensure trunking is disabled on all access ports." ref="STIGCOMPLIANCE.SV-5623r2_rule" />
<content type="section" index="4.49" title="V-5624 - Re-authentication must occur every 60 minutes." ref="STIGCOMPLIANCE.SV-5624r2_rule" />
<content type="section" index="4.50" title="V-5626 - NET-NAC-009" ref="STIGCOMPLIANCE.SV-42190r2_rule" />
<content type="section" index="4.51" title="V-5628 - The VLAN1 is being used for management traffic." ref="STIGCOMPLIANCE.SV-5628r2_rule" />
<content type="section" index="4.52" title="V-5645 - Cisco Express Forwarding (CEF) not enabled on supported devices." ref="STIGCOMPLIANCE.SV-5645r4_rule" />
<content type="section" index="4.53" title="V-5646 - Devices not configured to filter and drop half-open connections." ref="STIGCOMPLIANCE.SV-15435r4_rule" />
<content type="section" index="4.54" title="V-7009 - An Infinite Lifetime key has not been implemented" ref="STIGCOMPLIANCE.SV-7363r2_rule" />
<content type="section" index="4.55" title="V-7011 - The auxiliary port is not disabled." ref="STIGCOMPLIANCE.SV-15446r2_rule" />
<content type="section" index="4.56" title="V-14667 - Key expiration exceeds 180 days." ref="STIGCOMPLIANCE.SV-15301r3_rule" />
<content type="section" index="4.57" title="V-14669 - BSDr commands are not disabled." ref="STIGCOMPLIANCE.SV-15314r2_rule" />
<content type="section" index="4.58" title="V-14671 - NTP messages are not authenticated." ref="STIGCOMPLIANCE.SV-16089r3_rule" />
<content type="section" index="4.59" title="V-14672 - Authentication traffic does not use loopback address or OOB Management interface." ref="STIGCOMPLIANCE.SV-16091r2_rule" />
<content type="section" index="4.60" title="V-14673 - Syslog traffic is not using loopback address or OOB management interface." ref="STIGCOMPLIANCE.SV-15340r2_rule" />
<content type="section" index="4.61" title="V-14674 - NTP traffic is not using loopback address or OOB Management interface." ref="STIGCOMPLIANCE.SV-15343r2_rule" />
<content type="section" index="4.62" title="V-14675 - SNMP traffic does not use loopback address or OOB Management interface." ref="STIGCOMPLIANCE.SV-15346r2_rule" />
<content type="section" index="4.63" title="V-14676 - Netflow traffic is not using loopback address." ref="STIGCOMPLIANCE.SV-15349r2_rule" />
<content type="section" index="4.64" title="V-14677 - FTP/TFTP traffic does not use loopback address or OOB Management interface." ref="STIGCOMPLIANCE.SV-15352r3_rule" />
<content type="section" index="4.65" title="V-14681 - Loopback address is not used as the iBGP source IP." ref="STIGCOMPLIANCE.SV-15359r2_rule" />
<content type="section" index="4.66" title="V-14693 - IPv6 Site Local Unicast ADDR must not be defined" ref="STIGCOMPLIANCE.SV-15397r2_rule" />
<content type="section" index="4.67" title="V-14705 - IPv6 routers are not configured with CEF enabled " ref="STIGCOMPLIANCE.SV-15425r1_rule" />
<content type="section" index="4.68" title="V-14707 - IPv6 Egress Outbound Spoofing Filter " ref="STIGCOMPLIANCE.SV-15429r1_rule" />
<content type="section" index="4.69" title="V-14717 - The network element must not allow SSH Version 1." ref="STIGCOMPLIANCE.SV-15460r2_rule" />
<content type="section" index="4.70" title="V-15288 - ISATAP tunnels must terminate at interior router." ref="STIGCOMPLIANCE.SV-16068r2_rule" />
<content type="section" index="4.71" title="V-15432 - The device is not authenticated using a AAA server." ref="STIGCOMPLIANCE.SV-16259r4_rule" />
<content type="section" index="4.72" title="V-15434 - Emergency administration account privilege level is not set." ref="STIGCOMPLIANCE.SV-16261r5_rule" />
<content type="section" index="4.73" title="V-17754 - Management traffic is not restricted" ref="STIGCOMPLIANCE.SV-18945r2_rule" />
<content type="section" index="4.74" title="V-17814 - Remote VPN end-point not a mirror of local gateway" ref="STIGCOMPLIANCE.SV-19063r1_rule" />
<content type="section" index="4.75" title="V-17815 - IGP instances do not peer with appropriate domain" ref="STIGCOMPLIANCE.SV-19297r1_rule" />
<content type="section" index="4.76" title="V-17816 - Routes from the two IGP domains are redistributed " ref="STIGCOMPLIANCE.SV-19069r1_rule" />
<content type="section" index="4.77" title="V-17817 - Managed network has access to OOBM gateway router" ref="STIGCOMPLIANCE.SV-19301r1_rule" />
<content type="section" index="4.78" title="V-17818 - Traffic from the managed network will leak " ref="STIGCOMPLIANCE.SV-19303r1_rule" />
<content type="section" index="4.79" title="V-17819 - Management traffic leaks into the managed network" ref="STIGCOMPLIANCE.SV-19305r1_rule" />
<content type="section" index="4.80" title="V-17821 - The OOBM interface not configured correctly." ref="STIGCOMPLIANCE.SV-20205r2_rule" />
<content type="section" index="4.81" title="V-17822 - The management interface does not have an ACL." ref="STIGCOMPLIANCE.SV-20208r1_rule" />
<content type="section" index="4.82" title="V-17823 - The management interface is not IGP passive." ref="STIGCOMPLIANCE.SV-19334r2_rule" />
<content type="section" index="4.83" title="V-17824 - Management interface is assigned to a user VLAN. " ref="STIGCOMPLIANCE.SV-19337r1_rule" />
<content type="section" index="4.84" title="V-17825 - Management VLAN has invalid addresses" ref="STIGCOMPLIANCE.SV-19338r1_rule" />
<content type="section" index="4.85" title="V-17826 - Invalid ports with membership to the mgmt VLAN" ref="STIGCOMPLIANCE.SV-19339r1_rule" />
<content type="section" index="4.86" title="V-17827 - The management VLAN is not pruned from trunk links" ref="STIGCOMPLIANCE.SV-19340r1_rule" />
<content type="section" index="4.87" title="V-17832 - Mgmt VLAN does not have correct IP address" ref="STIGCOMPLIANCE.SV-19702r1_rule" />
<content type="section" index="4.88" title="V-17833 - No ingress ACL on management VLAN interface" ref="STIGCOMPLIANCE.SV-19703r2_rule" />
<content type="section" index="4.89" title="V-17834 - No inbound ACL for mgmt network sub-interface" ref="STIGCOMPLIANCE.SV-19308r1_rule" />
<content type="section" index="4.90" title="V-17835 - IPSec traffic is not restricted" ref="STIGCOMPLIANCE.SV-19310r1_rule" />
<content type="section" index="4.91" title="V-17836 - Management traffic is not classified and marked" ref="STIGCOMPLIANCE.SV-19313r1_rule" />
<content type="section" index="4.92" title="V-17837 - Management traffic doesn't get preferred treatment" ref="STIGCOMPLIANCE.SV-19315r1_rule" />
<content type="section" index="4.93" title="V-18522 - ACLs must restrict access to server VLANs." ref="STIGCOMPLIANCE.SV-20061r2_rule" />
<content type="section" index="4.94" title="V-18523 - ACLs do not protect against compromised servers" ref="STIGCOMPLIANCE.SV-20062r1_rule" />
<content type="section" index="4.95" title="V-18544 - Restricted VLAN not assigned to non-802.1x device." ref="STIGCOMPLIANCE.SV-20088r2_rule" />
<content type="section" index="4.96" title="V-18545 - Upstream access not restricted for non-802.1x VLAN" ref="STIGCOMPLIANCE.SV-20089r1_rule" />
<content type="section" index="4.97" title="V-18566 - NET-NAC-031" ref="STIGCOMPLIANCE.SV-49133r1_rule" />
<content type="section" index="4.98" title="V-18790 - NET-TUNL-012" ref="STIGCOMPLIANCE.SV-20504r2_rule" />
<content type="section" index="4.99" title="V-19188 - Control plane protection is not enabled." ref="STIGCOMPLIANCE.SV-21167r2_rule" />
<content type="section" index="4.100" title="V-19189 - No Admin-local or Site-local boundary" ref="STIGCOMPLIANCE.SV-21169r1_rule" />
<content type="section" index="4.101" title="V-23747 - Two NTP servers are not used to synchronize time." ref="STIGCOMPLIANCE.SV-41497r1_rule" />
<content type="section" index="4.102" title="V-28784 - Call home service is disabled." ref="STIGCOMPLIANCE.SV-38003r2_rule" />
<content type="section" index="4.103" title="V-30577 - PIM enabled on wrong interfaces" ref="STIGCOMPLIANCE.SV-40312r1_rule" />
<content type="section" index="4.104" title="V-30578 - PIM neighbor filter is not configured" ref="STIGCOMPLIANCE.SV-40315r1_rule" />
<content type="section" index="4.105" title="V-30585 - Invalid group used for source specific multicast " ref="STIGCOMPLIANCE.SV-40326r1_rule" />
<content type="section" index="4.106" title="V-30617 - Maximum hop limit is less than 32" ref="STIGCOMPLIANCE.SV-40389r1_rule" />
<content type="section" index="4.107" title="V-30660 - The 6-to-4 router is not filtering protocol 41" ref="STIGCOMPLIANCE.SV-40454r1_rule" />
<content type="section" index="4.108" title="V-30736 - 6-to-4 router not filtering invalid source address" ref="STIGCOMPLIANCE.SV-40539r1_rule" />
<content type="section" index="4.109" title="V-30744 - L2TPv3 sessions are not authenticated" ref="STIGCOMPLIANCE.SV-40556r1_rule" />
<content type="section" index="4.110" title="V-31285 - BGP must authenticate all peers." ref="STIGCOMPLIANCE.SV-41555r2_rule" />
<content type="section" index="4.111" title="Conclusions" ref="STIGCOMPLIANCE.CONCLUSIONS" />
<content type="section" index="4.112" title="Recommendations" ref="STIGCOMPLIANCE.RECOMMENDATIONS" />
</content>
<content type="part" index="5" title="Configuration Report" ref="CONFIGURATION">
<content type="section" index="5.1" title="Introduction" ref="CONFIGURATION.INTRODUCTION" />
<content type="section" index="5.2" title="Cisco Catalyst Switch Switch Configuration Report" ref="CONFIGURATION.">
<content type="section" index="5.2.1" title="Basic Information" ref="CONFIGURATION.BASIC" />
<content type="section" index="5.2.2" title="Network Services" ref="CONFIGURATION.SERVICES.1" />
<content type="section" index="5.2.3" title="General Configuration Information" ref="CONFIGURATION.GENERAL.CONFIG" />
<content type="section" index="5.2.4" title="Authentication" ref="CONFIGURATION.AUTHENTICATION" />
<content type="section" index="5.2.5" title="Administration" ref="CONFIGURATION.ADMINISTRATION" />
<content type="section" index="5.2.6" title="Simple Network Management Protocol Settings" ref="SNMP" />
<content type="section" index="5.2.7" title="Message Logging" ref="LOGGING" />
<content type="section" index="5.2.8" title="Name Resolution Settings" ref="CONFIGURATION.NAME.RESOLUTION" />
<content type="section" index="5.2.9" title="Network Protocols" ref="CONFIGURATION.ADDRESSES" />
<content type="section" index="5.2.10" title="Network Interfaces" ref="CONFIGURATION.INTERFACES" />
<content type="section" index="5.2.11" title="Routing Configuration" ref="ROUTING" />
<content type="section" index="5.2.12" title="Remote Access Settings" ref="REMOTEACCESS" />
<content type="section" index="5.2.13" title="Time And Date" ref="CONFIGURATION.TIME" />
</content>
</content>
<content type="part" index="6" title="Appendix" ref="APPENDIX">
<content type="section" index="6.1" title="Logging Severity Levels" ref="APPENDIX.LOGGING" />
<content type="section" index="6.2" title="Common Time Zones" ref="APPENDIX.TIMEZONES" />
<content type="section" index="6.3" title="IP Protocols" ref="APPENDIX.IPPROTOCOLS" />
<content type="section" index="6.4" title="ICMP Types" ref="APPENDIX.ICMPTYPES" />
<content type="section" index="6.5" title="Abbreviations" ref="APPENDIX.ABBREVIATIONS" />
<content type="section" index="6.6" title="Nipper Studio Version" ref="APPENDIX.NIPPERVERSION" />
</content>
</sections>
<diagrams>
<content type="diagram" index="1" title="Severity Classification" ref="SECURITY.SUMMARY.RATINGS" />
<content type="diagram" index="2" title="Issue Classification" ref="SECURITY.SUMMARY.CLASSIFICATION" />
<content type="diagram" index="3" title=" Vulnerability Findings" ref="VULN.DEVICE..COVERAGE.RATINGS.SUMMARY" />
<content type="diagram" index="4" title="STIG CAT I Findings" ref="SUMMARY.STIG.CAT1FINDINGS" />
<content type="diagram" index="5" title="STIG CAT II Findings" ref="SUMMARY.STIG.CAT2FINDINGS" />
<content type="diagram" index="6" title="Severity Classification" ref="SECURITY.CONCLUSIONS.RATINGS" />
<content type="diagram" index="7" title="Issue Classification" ref="SECURITY.CONCLUSIONS.CLASSIFICATION" />
<content type="diagram" index="8" title="Issue Mitigation Classification" ref="SECURITY.MITIGATION.PIE" />
<content type="diagram" index="9" title="STIG CAT I Findings" ref="CONCLUSIONS.STIG.CAT1FINDINGS" />
<content type="diagram" index="10" title="STIG CAT II Findings" ref="CONCLUSIONS.STIG.CAT2FINDINGS" />
</diagrams>
<tables>
<content type="table" index="1" title="Audit device scope" ref="SCOPE.AUDITDEVICELIST.TABLE" />
<content type="table" index="2" title="Summary of findings from the Vulnerability Audit for each device" ref="VULN.SUMMARY.AUDITRESULTLIST" />
<content type="table" index="3" title="DISA STIG device compliance summary" ref="STIGCOMPLIANCE.SUMMARY.DEVICESSUM" />
<content type="table" index="4" title="Report text conventions" ref="REPORTTEXTCONVENTIONS" />
<content type="table" index="5" title="Compliance check status definitions" ref="REPORTCOMPLIANCERESULT.TABLE" />
<content type="table" index="6" title="Security audit device list" ref="SECURITY.AUDITDEVICELIST.TABLE" />
<content type="table" index="7" title="The impact rating" ref="SECURITY.IMPACTRATING" />
<content type="table" index="8" title="The ease rating" ref="SECURITY.EASERATING" />
<content type="table" index="9" title="The fix rating" ref="SECURITY.FIXRATING" />
<content type="table" index="10" title="Users on Switch with a weak password" ref="AUTHENTICATION.USERS.WEAKPASSWORD.1" />
<content type="table" index="11" title="Telnet line settings on Switch" ref="ADMINISTRATION.LINE.TELNET.ENABLED" />
<content type="table" index="12" title="Switch administrative lines with no inbound ACL" ref="SECURITY.ADMINISTRATION.LINE.ACLIN.1" />
<content type="table" index="13" title="Network interfaces on Switch with no STP Root Guard" ref="PROTOCOLS.STP.ROOTGUARD.1" />
<content type="table" index="14" title="Enable password stored on Switch without using MD5" ref="AUTHENTICATION.USERS.ENABLE.1" />
<content type="table" index="15" title="Network interfaces on Switch with DTP enabled" ref="PROTOCOLS.DTPENABLED.1" />
<content type="table" index="16" title="Network interfaces on Switch with no STP Loop Guard" ref="PROTOCOLS.STP.LOOPGUARD.1" />
<content type="table" index="17" title="Network interfaces on Switch with CDP enabled" ref="PROTOCOLS.CDPENABLED.1" />
<content type="table" index="18" title="Fast Ethernet interfaces with disabled port security on Switch" ref="INTERFACES.PORTSECURITY.FETHERINTERFACES.1" />
<content type="table" index="19" title="Gigabit interfaces with disabled port security on Switch" ref="INTERFACES.PORTSECURITY.GETHERINTERFACES.1" />
<content type="table" index="20" title="Network interfaces on Switch with Proxy ARP enabled" ref="PROTOCOLS.PROXYARP.1" />
<content type="table" index="21" title="Network interfaces with no filtering on Switch" ref="INTERFACES.NOFILTERS.1" />
<content type="table" index="22" title="Network interfaces on Switch with ICMP Unreachables enabled" ref="PROTOCOLS.UNREACHABLES.1" />
<content type="table" index="23" title="Network interfaces on Switch with ICMP Redirects enabled" ref="PROTOCOLS.REDIRECTS.1" />
<content type="table" index="24" title="Switch administrative lines with no outbound ACL" ref="SECURITY.ADMINISTRATION.LINE.NOACLOUT.1" />
<content type="table" index="25" title="Network interfaces on Switch that trunk all VLANs" ref="INTERFACES.TRUNKALL.1" />
<content type="table" index="26" title="Security audit device conclusions" ref="SECURITY.CONCLUSIONS.AUDITDEVICELIST" />
<content type="table" index="27" title="Security audit recommendations list" ref="SECURITY.AUDITRECOMMENDATIONLIST" />
<content type="table" index="28" title="The mitigation classification" ref="SECURITY.MITIGATION.CLASSIFICATION" />
<content type="table" index="29" title="Software vulnerability audit scope" ref="VULNAUDIT.INTRO" />
<content type="table" index="30" title="Software vulnerability audit conclusions" ref="VULNAUDIT.CONCLUSIONS" />
<content type="table" index="31" title="Vulnerability audit summary findings" ref="VULNAUDIT.CONCLUSIONS" />
<content type="table" index="32" title="STIG device audit check list" ref="STIGCOMPLIANCE.INTRO.DEVICES" />
<content type="table" index="33" title="Vulnerability Severity Code Definitions" ref="SEVERITYCODES" />
<content type="table" index="34" title="Switch Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco summary" ref="STIG.CHECKLIST.1" />
<content type="table" index="35" title="Interface ACL deny statements are not logged. - Summary result" ref="STIGCOMPLIANCE.SV-15474r3_rule.SUMM" />
<content type="table" index="36" title="IPSec VPN is not configured as a tunnel type VPN. - Summary result" ref="STIGCOMPLIANCE.SV-3008r1_rule.SUMM" />
<content type="table" index="37" title="Network element is not password protected. - Summary result" ref="STIGCOMPLIANCE.SV-3012r4_rule.SUMM" />
<content type="table" index="38" title="Administrative lines" ref="STIG.NET0230.LINES.1" />
<content type="table" index="39" title="Login banner is non-existent or not DOD-approved. - Summary result" ref="STIGCOMPLIANCE.SV-3013r4_rule.SUMM" />
<content type="table" index="40" title="Management connection does not timeout. - Summary result" ref="STIGCOMPLIANCE.SV-15453r2_rule.SUMM" />
<content type="table" index="41" title="Administrative line connection timeout on Switch" ref="STIG.NET1639.LINES.1" />
<content type="table" index="42" title="DNS servers must be defined for client resolver. - Summary result" ref="STIGCOMPLIANCE.SV-15330r2_rule.SUMM" />
<content type="table" index="43" title="SNMP access is not restricted by IP address. - Summary result" ref="STIGCOMPLIANCE.SV-15332r2_rule.SUMM" />
<content type="table" index="44" title="Interior routing protocols are not authenticated. - Summary result" ref="STIGCOMPLIANCE.SV-15290r2_rule.SUMM" />
<content type="table" index="45" title="SNMP privileged and non-privileged access. - Summary result" ref="STIGCOMPLIANCE.SV-3043r4_rule.SUMM" />
<content type="table" index="46" title="Group accounts are defined. - Summary result" ref="STIGCOMPLIANCE.SV-3056r7_rule.SUMM" />
<content type="table" index="47" title="Users" ref="STIG.NET0460.USERS.1" />
<content type="table" index="48" title="Accounts assigned least privileges necessary to perform duties. - Summary result" ref="STIGCOMPLIANCE.SV-15471r3_rule.SUMM" />
<content type="table" index="49" title="Users" ref="STIG.NET0465.LOCAL.USERS.1" />
<content type="table" index="50" title="Unauthorized accounts are configured to access device. - Summary result" ref="STIGCOMPLIANCE.SV-3058r5_rule.SUMM" />
<content type="table" index="51" title="Users" ref="STIG.NET0470.USERS.1" />
<content type="table" index="52" title="Passwords are viewable when displaying the config. - Summary result" ref="STIGCOMPLIANCE.SV-41449r2_rule.SUMM" />
<content type="table" index="53" title="Users" ref="STIG.NET0600.LOCAL.USERS.1" />
<content type="table" index="54" title="Management connections must be secured by FIPS 140-2. - Summary result" ref="STIGCOMPLIANCE.SV-15451r3_rule.SUMM" />
<content type="table" index="55" title="Management Services" ref="STIG.NET1638.1" />
<content type="table" index="56" title="Management connections must be logged. - Summary result" ref="STIGCOMPLIANCE.SV-15455r2_rule.SUMM" />
<content type="table" index="57" title="VTY Lines" ref="STIG.NET1640.LINE.1" />
<content type="table" index="58" title="Running and startup configurations are not synchronized. - Summary result" ref="STIGCOMPLIANCE.SV-3072r3_rule.SUMM" />
<content type="table" index="59" title="TCP and UDP small server services are not disabled. - Summary result" ref="STIGCOMPLIANCE.SV-3078r3_rule.SUMM" />
<content type="table" index="60" title="Small Services" ref="STIG.NET0720.SMALLSERVICES1" />
<content type="table" index="61" title="The finger service is not disabled. - Summary result" ref="STIGCOMPLIANCE.SV-15305r2_rule.SUMM" />
<content type="table" index="62" title="STIG NET0730 Finger service status" ref="STIG.NET0730.FINGER" />
<content type="table" index="63" title="Configuration auto-loading must be disabled. - Summary result" ref="STIGCOMPLIANCE.SV-3080r3_rule.SUMM" />
<content type="table" index="64" title="IP Source Routing is not disabled on all routers. - Summary result" ref="STIGCOMPLIANCE.SV-15316r2_rule.SUMM" />
<content type="table" index="65" title="IP directed broadcast is not disabled. - Summary result" ref="STIGCOMPLIANCE.SV-3083r3_rule.SUMM" />
<content type="table" index="66" title="HTTP server is not disabled - Summary result" ref="STIGCOMPLIANCE.SV-41467r1_rule.SUMM" />
<content type="table" index="67" title="STIG NET0740 HTTP service status" ref="STIG.NET0740.HTTP" />
<content type="table" index="68" title="The Bootp service is not disabled. - Summary result" ref="STIGCOMPLIANCE.SV-3086r3_rule.SUMM" />
<content type="table" index="69" title="Devices exist with standard default passwords. - Summary result" ref="STIGCOMPLIANCE.SV-3143r4_rule.SUMM" />
<content type="table" index="70" title="Operating system is not at a current release level. - Summary result" ref="STIGCOMPLIANCE.SV-15302r2_rule.SUMM" />
<content type="table" index="71" title="Device information" ref="STIG.NET0700.VERSION1" />
<content type="table" index="72" title="Management connections must require passwords. - Summary result" ref="STIGCOMPLIANCE.SV-15448r3_rule.SUMM" />
<content type="table" index="73" title="Administrative Lines configured on Switch." ref="STIG.NET1636.LINES.1" />
<content type="table" index="74" title="Local users configured on Switch." ref="STIG.NET1636.USERS.1" />
<content type="table" index="75" title="An insecure version of SNMP is being used. - Summary result" ref="STIGCOMPLIANCE.SV-3196r4_rule.SUMM" />
<content type="table" index="76" title="Using default SNMP community names. - Summary result" ref="STIGCOMPLIANCE.SV-3210r4_rule.SUMM" />
<content type="table" index="77" title="More than one local account is defined. - Summary result" ref="STIGCOMPLIANCE.SV-15469r6_rule.SUMM" />
<content type="table" index="78" title="The console port does not timeout after 10 minutes. - Summary result" ref="STIGCOMPLIANCE.SV-15444r2_rule.SUMM" />
<content type="table" index="79" title="Network element must only allow SNMP read access. - Summary result" ref="STIGCOMPLIANCE.SV-30086r3_rule.SUMM" />
<content type="table" index="80" title="VLAN 1 is being used as a user VLAN. - Summary result" ref="STIGCOMPLIANCE.SV-3971r2_rule.SUMM" />
<content type="table" index="81" title="VLAN membership of non-trunking interfaces" ref="STIG.NETVLAN004.1" />
<content type="table" index="82" title="VLAN 1 interface configuration" ref="STIG.NETVLAN004.VLAN1.1" />
<content type="table" index="83" title="VLAN membership of non-trunking interfaces" ref="STIG.NETVLAN004.1" />
<content type="table" index="84" title="VLAN 1 traffic traverses across unnecessary trunk - Summary result" ref="STIGCOMPLIANCE.SV-3972r2_rule.SUMM" />
<content type="table" index="85" title="Disabled ports are not kept in an unused VLAN. - Summary result" ref="STIGCOMPLIANCE.SV-3973r2_rule.SUMM" />
<content type="table" index="86" title="Access switchports are assigned to the native VLAN - Summary result" ref="STIGCOMPLIANCE.SV-3984r2_rule.SUMM" />
<content type="table" index="87" title="Authentication required for console access. - Summary result" ref="STIGCOMPLIANCE.SV-19270r3_rule.SUMM" />
<content type="table" index="88" title="The network element must log all messages except debugging. - Summary result" ref="STIGCOMPLIANCE.SV-15476r2_rule.SUMM" />
<content type="table" index="89" title="Management connections are not restricted. - Summary result" ref="STIGCOMPLIANCE.SV-15449r3_rule.SUMM" />
<content type="table" index="90" title="SSH session timeout is not 60 seconds or less. - Summary result" ref="STIGCOMPLIANCE.SV-15457r2_rule.SUMM" />
<content type="table" index="91" title="SSH login attempts value is greater than 3. - Summary result" ref="STIGCOMPLIANCE.SV-15458r2_rule.SUMM" />
<content type="table" index="92" title="The PAD service is enabled. - Summary result" ref="STIGCOMPLIANCE.SV-5614r3_rule.SUMM" />
<content type="table" index="93" title="STIG NET0722 PAD service status" ref="STIG.NET0722.PAD" />
<content type="table" index="94" title="TCP Keep-Alives must be enabled. - Summary result" ref="STIGCOMPLIANCE.SV-5615r3_rule.SUMM" />
<content type="table" index="95" title="STIG NET0724 Inbound TCP Keep Alives" ref="STIG.NET0724.KEEPALIVES" />
<content type="table" index="96" title="Identification support is enabled. - Summary result" ref="STIGCOMPLIANCE.SV-5616r3_rule.SUMM" />
<content type="table" index="97" title="STIG NET0726 Identd status" ref="STIG.NET0726.IDENTD" />
<content type="table" index="98" title="Gratuitous ARP must be disabled. - Summary result" ref="STIGCOMPLIANCE.SV-5618r3_rule.SUMM" />
<content type="table" index="99" title="STIG NET0781 gratuitous ARP status" ref="STIG.NET0781.GARP" />
<content type="table" index="100" title="A dedicated VLAN is required for all trunk ports. - Summary result" ref="STIGCOMPLIANCE.SV-5622r2_rule.SUMM" />
<content type="table" index="101" title="Ensure trunking is disabled on all access ports. - Summary result" ref="STIGCOMPLIANCE.SV-5623r2_rule.SUMM" />
<content type="table" index="102" title="Re-authentication must occur every 60 minutes. - Summary result" ref="STIGCOMPLIANCE.SV-5624r2_rule.SUMM" />
<content type="table" index="103" title="IEEE 802.1x re-authentication" ref="STIG.NETNAC012.1" />
<content type="table" index="104" title="NET-NAC-009 - Summary result" ref="STIGCOMPLIANCE.SV-42190r2_rule.SUMM" />
<content type="table" index="105" title="The VLAN1 is being used for management traffic. - Summary result" ref="STIGCOMPLIANCE.SV-5628r2_rule.SUMM" />
<content type="table" index="106" title="Cisco Express Forwarding (CEF) not enabled on supported devices. - Summary result" ref="STIGCOMPLIANCE.SV-5645r4_rule.SUMM" />
<content type="table" index="107" title="Devices not configured to filter and drop half-open connections. - Summary result" ref="STIGCOMPLIANCE.SV-15435r4_rule.SUMM" />
<content type="table" index="108" title="An Infinite Lifetime key has not been implemented - Summary result" ref="STIGCOMPLIANCE.SV-7363r2_rule.SUMM" />
<content type="table" index="109" title="The auxiliary port is not disabled. - Summary result" ref="STIGCOMPLIANCE.SV-15446r2_rule.SUMM" />
<content type="table" index="110" title="Key expiration exceeds 180 days. - Summary result" ref="STIGCOMPLIANCE.SV-15301r3_rule.SUMM" />
<content type="table" index="111" title="BSDr commands are not disabled. - Summary result" ref="STIGCOMPLIANCE.SV-15314r2_rule.SUMM" />
<content type="table" index="112" title="NTP messages are not authenticated. - Summary result" ref="STIGCOMPLIANCE.SV-16089r3_rule.SUMM" />
<content type="table" index="113" title="Authentication traffic does not use loopback address or OOB Management interface. - Summary result" ref="STIGCOMPLIANCE.SV-16091r2_rule.SUMM" />
<content type="table" index="114" title="Syslog traffic is not using loopback address or OOB management interface. - Summary result" ref="STIGCOMPLIANCE.SV-15340r2_rule.SUMM" />
<content type="table" index="115" title="NTP traffic is not using loopback address or OOB Management interface. - Summary result" ref="STIGCOMPLIANCE.SV-15343r2_rule.SUMM" />
<content type="table" index="116" title="SNMP traffic does not use loopback address or OOB Management interface. - Summary result" ref="STIGCOMPLIANCE.SV-15346r2_rule.SUMM" />
<content type="table" index="117" title="Netflow traffic is not using loopback address. - Summary result" ref="STIGCOMPLIANCE.SV-15349r2_rule.SUMM" />
<content type="table" index="118" title="FTP/TFTP traffic does not use loopback address or OOB Management interface. - Summary result" ref="STIGCOMPLIANCE.SV-15352r3_rule.SUMM" />
<content type="table" index="119" title="Loopback address is not used as the iBGP source IP. - Summary result" ref="STIGCOMPLIANCE.SV-15359r2_rule.SUMM" />
<content type="table" index="120" title="IPv6 Site Local Unicast ADDR must not be defined - Summary result" ref="STIGCOMPLIANCE.SV-15397r2_rule.SUMM" />
<content type="table" index="121" title="IPv6 routers are not configured with CEF enabled - Summary result" ref="STIGCOMPLIANCE.SV-15425r1_rule.SUMM" />
<content type="table" index="122" title="IPv6 Egress Outbound Spoofing Filter - Summary result" ref="STIGCOMPLIANCE.SV-15429r1_rule.SUMM" />
<content type="table" index="123" title="The network element must not allow SSH Version 1. - Summary result" ref="STIGCOMPLIANCE.SV-15460r2_rule.SUMM" />
<content type="table" index="124" title="ISATAP tunnels must terminate at interior router. - Summary result" ref="STIGCOMPLIANCE.SV-16068r2_rule.SUMM" />
<content type="table" index="125" title="The device is not authenticated using a AAA server. - Summary result" ref="STIGCOMPLIANCE.SV-16259r4_rule.SUMM" />
<content type="table" index="126" title="Emergency administration account privilege level is not set. - Summary result" ref="STIGCOMPLIANCE.SV-16261r5_rule.SUMM" />
<content type="table" index="127" title="Management traffic is not restricted - Summary result" ref="STIGCOMPLIANCE.SV-18945r2_rule.SUMM" />
<content type="table" index="128" title="Remote VPN end-point not a mirror of local gateway - Summary result" ref="STIGCOMPLIANCE.SV-19063r1_rule.SUMM" />
<content type="table" index="129" title="IGP instances do not peer with appropriate domain - Summary result" ref="STIGCOMPLIANCE.SV-19297r1_rule.SUMM" />
<content type="table" index="130" title="Routes from the two IGP domains are redistributed - Summary result" ref="STIGCOMPLIANCE.SV-19069r1_rule.SUMM" />
<content type="table" index="131" title="Managed network has access to OOBM gateway router - Summary result" ref="STIGCOMPLIANCE.SV-19301r1_rule.SUMM" />
<content type="table" index="132" title="Traffic from the managed network will leak - Summary result" ref="STIGCOMPLIANCE.SV-19303r1_rule.SUMM" />
<content type="table" index="133" title="Management traffic leaks into the managed network - Summary result" ref="STIGCOMPLIANCE.SV-19305r1_rule.SUMM" />
<content type="table" index="134" title="The OOBM interface not configured correctly. - Summary result" ref="STIGCOMPLIANCE.SV-20205r2_rule.SUMM" />
<content type="table" index="135" title="The management interface does not have an ACL. - Summary result" ref="STIGCOMPLIANCE.SV-20208r1_rule.SUMM" />
<content type="table" index="136" title="The management interface is not IGP passive. - Summary result" ref="STIGCOMPLIANCE.SV-19334r2_rule.SUMM" />
<content type="table" index="137" title="Management interface is assigned to a user VLAN. - Summary result" ref="STIGCOMPLIANCE.SV-19337r1_rule.SUMM" />
<content type="table" index="138" title="Management VLAN has invalid addresses - Summary result" ref="STIGCOMPLIANCE.SV-19338r1_rule.SUMM" />
<content type="table" index="139" title="Invalid ports with membership to the mgmt VLAN - Summary result" ref="STIGCOMPLIANCE.SV-19339r1_rule.SUMM" />
<content type="table" index="140" title="The management VLAN is not pruned from trunk links - Summary result" ref="STIGCOMPLIANCE.SV-19340r1_rule.SUMM" />
<content type="table" index="141" title="Mgmt VLAN does not have correct IP address - Summary result" ref="STIGCOMPLIANCE.SV-19702r1_rule.SUMM" />
<content type="table" index="142" title="No ingress ACL on management VLAN interface - Summary result" ref="STIGCOMPLIANCE.SV-19703r2_rule.SUMM" />
<content type="table" index="143" title="No inbound ACL for mgmt network sub-interface - Summary result" ref="STIGCOMPLIANCE.SV-19308r1_rule.SUMM" />
<content type="table" index="144" title="IPSec traffic is not restricted - Summary result" ref="STIGCOMPLIANCE.SV-19310r1_rule.SUMM" />
<content type="table" index="145" title="Management traffic is not classified and marked - Summary result" ref="STIGCOMPLIANCE.SV-19313r1_rule.SUMM" />
<content type="table" index="146" title="Management traffic doesn't get preferred treatment - Summary result" ref="STIGCOMPLIANCE.SV-19315r1_rule.SUMM" />
<content type="table" index="147" title="ACLs must restrict access to server VLANs. - Summary result" ref="STIGCOMPLIANCE.SV-20061r2_rule.SUMM" />
<content type="table" index="148" title="ACLs do not protect against compromised servers - Summary result" ref="STIGCOMPLIANCE.SV-20062r1_rule.SUMM" />
<content type="table" index="149" title="Restricted VLAN not assigned to non-802.1x device. - Summary result" ref="STIGCOMPLIANCE.SV-20088r2_rule.SUMM" />
<content type="table" index="150" title="Upstream access not restricted for non-802.1x VLAN - Summary result" ref="STIGCOMPLIANCE.SV-20089r1_rule.SUMM" />
<content type="table" index="151" title="NET-NAC-031 - Summary result" ref="STIGCOMPLIANCE.SV-49133r1_rule.SUMM" />
<content type="table" index="152" title="NET-TUNL-012 - Summary result" ref="STIGCOMPLIANCE.SV-20504r2_rule.SUMM" />
<content type="table" index="153" title="Control plane protection is not enabled. - Summary result" ref="STIGCOMPLIANCE.SV-21167r2_rule.SUMM" />
<content type="table" index="154" title="No Admin-local or Site-local boundary - Summary result" ref="STIGCOMPLIANCE.SV-21169r1_rule.SUMM" />
<content type="table" index="155" title="Two NTP servers are not used to synchronize time. - Summary result" ref="STIGCOMPLIANCE.SV-41497r1_rule.SUMM" />
<content type="table" index="156" title="Call home service is disabled. - Summary result" ref="STIGCOMPLIANCE.SV-38003r2_rule.SUMM" />
<content type="table" index="157" title="STIG NET0405 - Call Home Service Status" ref="STIG.NET0405.CALLHOME" />
<content type="table" index="158" title="PIM enabled on wrong interfaces - Summary result" ref="STIGCOMPLIANCE.SV-40312r1_rule.SUMM" />
<content type="table" index="159" title="PIM neighbor filter is not configured - Summary result" ref="STIGCOMPLIANCE.SV-40315r1_rule.SUMM" />
<content type="table" index="160" title="Invalid group used for source specific multicast - Summary result" ref="STIGCOMPLIANCE.SV-40326r1_rule.SUMM" />
<content type="table" index="161" title="Maximum hop limit is less than 32 - Summary result" ref="STIGCOMPLIANCE.SV-40389r1_rule.SUMM" />
<content type="table" index="162" title="The 6-to-4 router is not filtering protocol 41 - Summary result" ref="STIGCOMPLIANCE.SV-40454r1_rule.SUMM" />
<content type="table" index="163" title="6-to-4 router not filtering invalid source address - Summary result" ref="STIGCOMPLIANCE.SV-40539r1_rule.SUMM" />
<content type="table" index="164" title="L2TPv3 sessions are not authenticated - Summary result" ref="STIGCOMPLIANCE.SV-40556r1_rule.SUMM" />
<content type="table" index="165" title="BGP must authenticate all peers. - Summary result" ref="STIGCOMPLIANCE.SV-41555r2_rule.SUMM" />
<content type="table" index="166" title="DISA STIG device compliance summary" ref="STIGCOMPLIANCE.SUMMARY.DEVICES" />
<content type="table" index="167" title="DISA STIG recommendations" ref="STIGCOMPLIANCE.RECOMMENDATIONS.LIST" />
<content type="table" index="168" title="Basic information" ref="CONFIGURATION.BASIC.1" />
<content type="table" index="169" title="Network services" ref="CONFIGURATION.SERVICES1" />
<content type="table" index="170" title="General configuration information" ref="CONFIGURATION.GENERAL.CONFIG.1" />
<content type="table" index="171" title="User policy settings" ref="CONFIGURATION.USER.POLICY.1" />
<content type="table" index="172" title="Users" ref="CONFIGURATION.LOCAL.USERS.1" />
<content type="table" index="173" title="General administration settings" ref="CONFIGURATION.ADMINISTRATION.GENERAL.1" />
<content type="table" index="174" title="Telnet service settings" ref="TELNET.1" />
<content type="table" index="175" title="Telnet administrative interface lines" ref="TELNET.LINE.1" />
<content type="table" index="176" title="BSD R service settings" ref="RSH.1" />
<content type="table" index="177" title="Web-based administration service settings" ref="WEB.1" />
<content type="table" index="178" title="HTTPS web-based administration service encryption ciphers" ref="WEB.CIPHERS.1" />
<content type="table" index="179" title="Smaller servers settings" ref="SMALLSERVERS.1" />
<content type="table" index="180" title="BOOTP service settings" ref="CONFIGURATION.ADMINISTRATION.BOOTP.TABLE.1" />
<content type="table" index="181" title="Finger service settings" ref="CONFIGURATION.ADMINISTRATION.FINGER.TABLE.1" />
<content type="table" index="182" title="Administrative interface line configuration" ref="LINE.TABLE.1" />
<content type="table" index="183" title="SNMP settings" ref="SNMP.1" />
<content type="table" index="184" title="General logging settings" ref="GENERAL.1" />
<content type="table" index="185" title="Syslog logging configuration" ref="LOGGING.SYSLOG.1" />
<content type="table" index="186" title="Internal buffer logging configuration" ref="LOGGING.BUFFER.1" />
<content type="table" index="187" title="Console logging configuration" ref="LOGGING.CONSOLE.1" />
<content type="table" index="188" title="Terminal line logging configuration" ref="LOGGING.TERMINAL.1" />
<content type="table" index="189" title="DNS client configuration" ref="CONFIGURATION.NAME.RESOLUTION.DNS.CLIENT.1" />
<content type="table" index="190" title="General interface related settings" ref="GENERAL.TABLE.1" />
<content type="table" index="191" title="General IPv4 protocol settings" ref="ADDRESSES.IPV4.GENERAL.1" />
<content type="table" index="192" title="IPv4 addresses" ref="ADDRESSES.IPV4.INTERFACES.1" />
<content type="table" index="193" title="IPv4 ICMP Options" ref="ADDRESSES.IPV4.ICMP.1" />
<content type="table" index="194" title="CDP settings" ref="CDP.1" />
<content type="table" index="195" title="CDP on network interfaces" ref="CDP.NETWORKS.INTERFACES.1" />
<content type="table" index="196" title="DTP on network interfaces" ref="DTP.NETWORKS.INTERFACES.1" />
<content type="table" index="197" title="VTP settings" ref="VTP.1" />
<content type="table" index="198" title="STP settings" ref="STP.1" />
<content type="table" index="199" title="STP on network interfaces" ref="STP.NETWORKS.INTERFACES.1" />
<content type="table" index="200" title="IEEE 802.1X on network interfaces" ref="CONFIGURATION.PROTOCOLS.IEEE802.1X.INTERFACES.1" />
<content type="table" index="201" title="Port security settings" ref="CONFIGURATION.PROTOCOLS.PORTSECURITY.1" />
<content type="table" index="202" title="Fast Ethernet interfaces" ref="FETHERINTERFACES.1" />
<content type="table" index="203" title="Gigabit Ethernet interfaces" ref="GETHERINTERFACES.1" />
<content type="table" index="204" title="VLAN interfaces" ref="VLANINTERFACES.1" />
<content type="table" index="205" title="General Routing Settings" ref="ROUTING.1" />
<content type="table" index="206" title="General remote access settings" ref="GENERAL.1" />
<content type="table" index="207" title="General Time Settings" ref="TIMEZONE.GENERAL.1" />
<content type="table" index="208" title="NTP client settings" ref="NTP.CLIENT.1" />
<content type="table" index="209" title="Interface NTP client settings" ref="NTP.CLIENT.INTERFACES.1" />
<content type="table" index="210" title="NTP server configuration" ref="NTP.SERVER.1" />
<content type="table" index="211" title="Interface NTP server settings" ref="NTP.SERVER.INTERFACES.1" />
<content type="table" index="212" title="Logging message severity levels" ref="TABLE.212" />
<content type="table" index="213" title="Common time zones" ref="TABLE.213" />
<content type="table" index="214" title="IP Protocols" ref="TABLE.214" />
<content type="table" index="215" title="ICMP Types" ref="TABLE.215" />
<content type="table" index="216" title="Abbreviations" ref="TABLE.216" />
</tables>
</contents>
<report>
<part index="1" title="Your Report" ref="YOURREPORT">
<section index="1.1" title="Introduction" ref="INTRODUCTION">
<text>This report was produced by Nipper Studio on Tuesday, August 8, 2017. This report is comprised of the following sections:</text>
<list type="bullet">
<listitem>a security audit section which details any identified security-related issues. Each security issue identified includes details of what was found together with the impact of the issue, how easy it would be for an attacker to exploit and a recommendation. The recommendations may include alternatives and, where relevant, the commands to resolve the issue;</listitem>
<listitem>a software vulnerability audit section that provides a comparison of the device software versions against a database of known vulnerabilities. In addition to a brief description, each potential vulnerability includes a CVSSv2 score and references to more specific information provided by the device manufacturers and third parties;</listitem>
<listitem>a DISA STIG report section that provides compliance information against specific checklists. The report includes a summary of the findings, detailed findings and recommendations on remedial action together with references and severity information;</listitem>
<listitem>a configuration report which details the configuration settings of all the audited devices in an easy to read format. The configuration settings are divided in to report sub-sections which group related settings together and provide additional information about their purpose.</listitem>
</list>
</section>
<section index="1.2" title="Report Conventions" ref="REPORTCONVENTIONS">
<text>This report makes use of the text conventions detailed in Table <linktotable ref="REPORTTEXTCONVENTIONS">4</linktotable>.</text>
<table index="4" title="Report text conventions" ref="REPORTTEXTCONVENTIONS">
<headings>
<heading>Convention</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item><command>command</command>
</item></tablecell>
<tablecell><item>This text style represents a device command that should be entered literally.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item><command><cmduser>user data</cmduser></command>
</item></tablecell>
<tablecell><item>This style of text represents a part of a device command that you should substitute with a relevant value. For example, a command that sets a device's IP address would use this text style in a position where the address should be entered.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item><command>[ ]</command>
</item></tablecell>
<tablecell><item>These are used to enclose a part of a command that should be treated as optional.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item><command>{ }</command>
</item></tablecell>
<tablecell><item>These are used to enclose a part of a command that is required.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item><command>|</command>
</item></tablecell>
<tablecell><item>This is used to divide options which could be enclosed in either required or optional braces.</item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="1.3" title="Compliance Check Results" ref="REPORTCOMPLIANCERESULT">
<text>Each compliance audit check is given a status that indicates the outcome of the audit for that check. Table <linktotable ref="REPORTCOMPLIANCERESULT.TABLE">5</linktotable> details each of the posible status types.</text>
<table index="5" title="Compliance check status definitions" ref="REPORTCOMPLIANCERESULT.TABLE">
<headings>
<heading>Status</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Passed</item></tablecell>
<tablecell><item>The check passed all the requirements. For example, the Telnet service should be disabled and it was.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Failed</item></tablecell>
<tablecell><item>The check failed to meet some or all of the requirements. For example, the check may specify that support for only SSH protocol version 2 must be configured and version 1 was allowed.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Manual</item></tablecell>
<tablecell><item>The check requires a manual assessment. For example, the check may require the auditor to determine if cables are physically attached to specific ports on a switch.</item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
</part>
<part index="2" title="Security Audit" ref="SECURITYAUDIT">
<section index="2.1" title="Introduction" ref="SECURITY.INTRODUCTION">
<text>Nipper Studio performed a security audit on Tuesday, August 8, 2017 of the device detailed in Table <linktotable ref="SECURITY.AUDITDEVICELIST.TABLE">6</linktotable>.</text>
<table index="6" title="Security audit device list" ref="SECURITY.AUDITDEVICELIST.TABLE">
<headings>
<heading>Device</heading>
<heading>Name</heading>
<heading>OS</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Cisco Catalyst Switch</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>IOS 12.2</item></tablecell>
</tablerow>
</tablebody>
</table>
<section index="2.1.1" title="Security Issue Overview" ref="SECURITY.ISSUEOVERVIEW">
<text>Each security issue identified by Nipper Studio is described with a finding, the impact of the issue, how easy it would be for an attacker to exploit the issue and a recommendation.</text>
<text title="Issue Finding">The issue finding describes what Nipper Studio identified during the security audit. Typically, the finding will include background information on what particular configuration settings are prior to describing what was found.</text>
<text title="Issue Impact">The issue impact describes what an attacker could achieve from exploiting the security audit finding. However, it is worth noting that the impact of an issue can often be influenced by other configuration settings, which could heighten or partially mitigate the issue. For example, a weak password could be partially mitigated if the access gained from using it is restricted in some way.</text>
<text title="Issue Ease">The issue ease describes the knowledge, skill, level of access and time scales that would be required by an attacker in order to exploit an issue. The issue ease will describe, where relevant, if any Open Source or commercially available tools could be used to exploit an issue.</text>
<text title="Issue Recommendation">Each issue includes a recommendation section which describes the steps that Nipper Studio recommends should be taken in order to mitigate the issue. The recommendation includes, where relevant, the commands that can be used to resolve the issue.</text>
</section>
<section index="2.1.2" title="Rating System Overview" ref="SECURITY.RATINGSYSTEM">
<text>Each issue identified in the security audit is rated against both the impact of the issue and how easy it would be for an attacker to exploit. The fix rating provides a guide to the effort required to resolve the issue. The overall rating for the issue is calculated based on the issue's impact and ease ratings.</text>
<text title="Impact Rating">An issue's impact rating is determined using the criteria outlined in Table <linktotable ref="SECURITY.IMPACTRATING">7</linktotable>.</text>
<table index="7" title="The impact rating" ref="SECURITY.IMPACTRATING">
<headings>
<heading>Rating</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>These issues can pose a very significant security threat. The issues that have a critical impact are typically those that would allow an attacker to gain full administrative access to the device. For a firewall device, allowing all traffic to pass through the device unfiltered would receive this rating as filtering traffic to protect other devices is the primary purpose of a firewall.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>High</item></tablecell>
<tablecell><item>These issues pose a significant threat to security, but have some limitations on the extent to which they can be abused. User level access to a device and a DoS vulnerability in a critical service would fall into this category. A firewall device that allowed significant unfiltered access, such as allowing entire subnets through or not filtering in all directions, would fall into this category. A router that allows significant modification of its routing configuration would also fall into this category.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>These issues have significant limitations on the direct impact they can cause. Typically, these issues would include significant information leakage issues, less significant DoS issues or those that provide significantly limited access. An SNMP service that is secured with a default or a dictionary-based community string would typically fall into this rating, as would a firewall that allows unfiltered access to a range of services on a device.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Low</item></tablecell>
<tablecell><item>These issues represent a low level security threat. A typical issue would involve information leakage that could be useful to an attacker, such as a list of users or version details. A non-firewall device that was configured with weak network filtering would fall into this category.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Informational</item></tablecell>
<tablecell><item>These issues represent a very low level of security threat. These issues include minor information leakage, unnecessary services or legacy protocols that present no real threat to security.</item></tablecell>
</tablerow>
</tablebody>
</table>
<text title="Ease Rating">An issue's ease rating is determined using the criteria outlined in Table <linktotable ref="SECURITY.EASERATING">8</linktotable>.</text>
<table index="8" title="The ease rating" ref="SECURITY.EASERATING">
<headings>
<heading>Rating</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Trivial</item></tablecell>
<tablecell><item>The issue requires little-to-no knowledge on behalf of an attacker and can be exploited using standard operating system tools. A firewall device which had a network filtering configuration that enables traffic to pass through would fall into this category.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Easy</item></tablecell>
<tablecell><item>The issue requires some knowledge for an attacker to exploit, which could be performed using standard operating system tools or tools downloaded from the Internet. An administrative service without or with a default password would fall into this category, as would a simple software vulnerability exploit.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Moderate</item></tablecell>
<tablecell><item>The issue requires specific knowledge on behalf of an attacker. The issue could be exploited using a combination of operating system tools or publicly available tools downloaded from the Internet.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Challenge</item></tablecell>
<tablecell><item>A security issue that falls into this category would require significant effort and knowledge on behalf of the attacker. The attacker may require specific physical access to resources or to the network infrastructure in order to successfully exploit the vulnerability. Furthermore, a combination of attacks may be required.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>The issue is not directly exploitable. An issue such as enabling legacy protocols or unnecessary services would fall into this rating category.</item></tablecell>
</tablerow>
</tablebody>
</table>
<text title="Fix Rating">An issue's fix rating is determined using the criteria outlined in Table <linktotable ref="SECURITY.FIXRATING">9</linktotable>.</text>
<table index="9" title="The fix rating" ref="SECURITY.FIXRATING">
<headings>
<heading>Rating</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Involved</item></tablecell>
<tablecell><item>The resolution of the issue will require significant resources to resolve and is likely to include disruption to network services, and possibly the modification of other network device configurations. The issue could involve upgrading a device's OS and possible modifications to the hardware.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Planned</item></tablecell>
<tablecell><item>The issue resolution involves planning, testing and could cause some disruption to services. This issue could involve changes to routing protocols and changes to network filtering.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Quick</item></tablecell>
<tablecell><item>The issue is quick to resolve. Typically this would just involve changing a small number of settings and would have little-to-no effect on network services.</item></tablecell>
</tablerow>
</tablebody>
</table>
<text title="Notes">It is worth noting that Nipper Studio is unable to provide an accurate threat assessment due to a lack of contextual information. For example, in the case where highly sensitive information is processed, a Denial of Service vulnerability poses less of a threat than the integrity of the data or an attacker gaining access to it. Similarly, for a situation where up-time is critical, a DoS vulnerability could be more important than the leakage of sensitive information. Therefore the ratings provided by Nipper Studio are only intended to be a guide to an issue's significance.</text>
</section>
</section>
<section index="2.2" title="Users With A Weak Authentication Password" ref="AUTHENTICATION.USERS.WEAKPASSWORD">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>High</rating>
<impact>Critical</impact>
<ease>Moderate</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.2.1" title="Finding" ref="FINDING">
<text>Access to restricted network user and administration services are typically secured using username and password authentication credentials. The strength of the authentication credentials is even more important if the service allows for devices to be reconfigured or it allows access to potentially sensitive information.</text>
<text>Nipper Studio identified three user accounts with a weak password on Switch. These are listed in Table <linktotable ref="AUTHENTICATION.USERS.WEAKPASSWORD.1">10</linktotable> and includes administrative access to the device.</text>
<table index="10" title="Users on Switch with a weak password" ref="AUTHENTICATION.USERS.WEAKPASSWORD.1">
<headings>
<heading>User</heading>
<heading>Password</heading>
<heading>Privilege</heading>
<heading>Weakness</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>enable (password)</item></tablecell>
<tablecell><item>123456</item></tablecell>
<tablecell><item>15</item></tablecell>
<tablecell><item>Too short</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>VTY 0 - 4 Line</item></tablecell>
<tablecell><item>123456</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Too short</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>VTY 5 - 15 Line</item></tablecell>
<tablecell><item>123456</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Too short</item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.2.2" title="Impact" ref="IMPACT">
<text>A malicious user, or remote attacker, who is able to connect to an administrative service will be able to authenticate to the device without using a password. The attacker will then be able to perform administrative and user level tasks. This could include re-configuring the device, extracting potentially sensitive information and disabling the device. Once an attacker has obtained the configuration from the device they may be able to identify authentication credentials that could then be used to gain access to other network devices.</text>
</section>
<section index="2.2.3" title="Ease" ref="EASE">
<text>Password brute-forcing tools and techniques have been widely documented on the Internet and published media. Although there are a number of different tools available, brute-forcing authentication credentials can be problematic.</text>
<list type="numbererd">
<listitem>Account lockout facilities can quickly prevent access to the account.</listitem>
<listitem>Device protection mechanisms may slow or disconnect connections where multiple authentication attempts are made in a short period of time.</listitem>
<listitem>Brute-forcing can be very time consuming, especially if the password is long or made up of various character types.</listitem>
<listitem>Network administrators may be alerted to locked out accounts or authentication attempts.</listitem>
</list>
</section>
<section index="2.2.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio strongly recommends that all authentication credentials should be configured with a strong password.</text>
<text>Nipper Studio recommends that:</text>
<list type="bullet">
<listitem>passwords should be at least eight characters in length;</listitem>
<listitem>characters in the password should not be repeated more than three times;</listitem>
<listitem>passwords should include both upper case and lower case characters;</listitem>
<listitem>passwords should include numbers;</listitem>
<listitem>passwords should include punctuation characters;</listitem>
<listitem>passwords should not include the username;</listitem>
<listitem>passwords should not include a device's name, make or model;</listitem>
<listitem>passwords should not be based on dictionary words.</listitem>
</list>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>The following commands can be used on Cisco Catalyst Switch devices to set the enable password, create a local user with a password and to delete a local user:<code><command>enable secret <cmduser>password</cmduser></command>
<command>username <cmduser>user</cmduser> secret <cmduser>password</cmduser></command>
<command>no username <cmduser>user</cmduser></command>
</code></text>
</section>
</section>
<section index="2.3" title="Clear Text Telnet Service Enabled" ref="ADMINISTRATION.TELNET.ENABLED">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>High</rating>
<impact>High</impact>
<ease>Easy</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.3.1" title="Finding" ref="FINDING">
<text>The Telnet protocol (described in RFC 15 and RFC 854) is a clear-text protocol that is widely used to provide command-based access to systems and applications. Telnet is a simple protocol that was one of the first TCP/IP protocols to be developed, before security features were given a greater importance. Many modern network devices still provide a Telnet service for remote administrative purposes alongside the more secure Secure Shell service.</text>
<text>Nipper Studio determined that the Telnet service was enabled on Switch.</text>
<text>The Telnet service is enabled on individual administrative lines on Cisco Catalyst Switch devices, the configuration of the lines for Switch are detailed in Table <linktotable ref="ADMINISTRATION.LINE.TELNET.ENABLED">11</linktotable>.</text>
<table index="11" title="Telnet line settings on Switch" ref="ADMINISTRATION.LINE.TELNET.ENABLED">
<headings>
<heading>Line</heading>
<heading>Access</heading>
<heading>Login</heading>
<heading>Level</heading>
<heading>Password</heading>
<heading>Authorization</heading>
<heading>Accounting</heading>
<heading>Filter In</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>VTY 0 - 4</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Line Password</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>123456</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>VTY 5 - 15</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Line Password</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>123456</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.3.2" title="Impact" ref="IMPACT">
<text>Due to the lack of encryption provided by the Telnet protocol, an attacker who is able to monitor a Telnet session would be able to view all of the authentication credentials and data passed in the session. The attacker could then attempt to gain access to the device using the authentication credentials extracted from the session and potentially gain access under the context of that user. Since Telnet is commonly used for network device administration this could gain the attacker an administrative level of access.</text>
</section>
<section index="2.3.3" title="Ease" ref="EASE">
<text>To exploit the fact that the Telnet protocol does not provide any encryption, the attacker would need to be able to monitor the Telnet session between a Telnet server and client. In some situations the attacker may not need to perform any further action other than launching a network monitoring tool. However, in a switched network the attacker may need to perform additional actions such as an ARP attack and in a routed environment the attacker may have to compromise the network routing.</text>
<text>Tools that are capable of both monitoring and displaying network traffic in an easy to read form can be downloaded from the Internet. There are also tools that automatically detect where authentication credentials or files are being transferred and display or save the data. Tools are also available that enable an attacker to easily perform a variety of network attacks in order to be able to monitor and intercept sessions between two network devices.</text>
</section>
<section index="2.3.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that the Telnet service should be disabled. If remote administrative access is required then Nipper Studio recommends that a cryptographically secure alternative, such as SSH, should be used instead. If Telnet has to be used then Nipper Studio recommends that network filtering should be employed to restrict access to the service from only those specific devices that need the access.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Telnet must be disabled on Cisco Catalyst Switch devices for each transport line that the service is enabled. If supported, the SSH protocol can also be enabled using the same command. This can be configured using the following command:<code><command>transport input [none | ssh]</command>
</code></text>
</section>
</section>
<section index="2.4" title="Administration Line Without An ACL Configured" ref="ADMINISTRATION.LINE.NOACL">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>High</rating>
<impact>High</impact>
<ease>Easy</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.4.1" title="Finding" ref="FINDING">
<text>Some devices use administrative line configurations to configure which administrative services, such as Telnet and SSH command line services, should be offered by the device. Additionally administrative lines can be configured to specify additional options such as authentication methods, access restrictions, timeouts and more.</text>
<text>Nipper Studio determined that on Switch no inbound ACL was configured on the administrative lines detailed in Table <linktotable ref="SECURITY.ADMINISTRATION.LINE.ACLIN.1">12</linktotable>.</text>
<table index="12" title="Switch administrative lines with no inbound ACL" ref="SECURITY.ADMINISTRATION.LINE.ACLIN.1">
<headings>
<heading>Line</heading>
<heading>Access</heading>
<heading>Login</heading>
<heading>Level</heading>
<heading>Password</heading>
<heading>Telnet</heading>
<heading>Filter In</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>VTY 0 - 4</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Line Password</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>123456</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>VTY 5 - 15</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Line Password</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>123456</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.4.2" title="Impact" ref="IMPACT">
<text>Without any administrative line inbound management host address restrictions an attacker, or malicious user, would be able to connect to an administrative line service. If the service requires authentication and the attacker does not have any authentication credentials, they could attempt to gain access to the service using a brute-force attack. Furthermore, if a software vulnerability is present in the service then allowing anyone to connect to the service could enable an attacker to exploit the vulnerability.</text>
</section>
<section index="2.4.3" title="Ease" ref="EASE">
<text>With no administrative line inbound network host access restrictions an attacker would not be prevented by the device from connecting to the services offered. Administrative service client access tools are commonly installed by default on desktop operating systems and hacking tools, clients and exploit code are also available on the Internet for a number of different administrative services.</text>
</section>
<section index="2.4.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that an ACL is created to restrict access from only those network hosts that require access. Nipper Studio then recommends that the ACL should be applied to the line in order to restrict inbound access to the administrative services.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>On Cisco Catalyst Switch devices an inbound ACL can be created and assigned to an administrative line using the following commands:<code><command>ip access-list standard <cmduser>access-list-number</cmduser></command>
<command> remark <cmduser>description</cmduser></command>
<command> permit <cmduser>ip-address</cmduser> <cmduser>wildcard</cmduser> [log]</command>
<command> exit</command>
<command>line <cmduser>line-type</cmduser> <cmduser>line-number(s)</cmduser></command>
<command> access-class <cmduser>access-list-number</cmduser> in</command>
</code></text>
</section>
</section>
<section index="2.5" title="STP BPDU Guard Not Enabled" ref="PROTOCOLS.STP.BPDUGUARD">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>High</rating>
<impact>High</impact>
<ease>Easy</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.5.1" title="Finding" ref="FINDING">
<text>The STP is used to help prevent network loops, which can cause significant network disruption. When a loop is detected, STP can automatically perform an action, such as blocking a network interface, in order to prevent networking issues caused by a loop. STP was originally standardized in the Institute of Electrical and Electronics Engineers 802.1D and has since evolved in to other standards such as RSTP.</text>
<text>STP makes use of BPDU network packets to send information about the network root bridges, link priorities, topology updates and more. However, STP does not implement any authentication or encryption of this data. Therefore additional features, such as BPDU Guard, have been added by most device manufacturers in order to provide a better level of security. The BPDU Guard feature will disable a port which receives a BPDU in order to prevent unauthorized ports from participating in STP and receiving malicious updates.</text>
<text>Nipper Studio determined that BPDU Guard was disabled on Switch.</text>
</section>
<section index="2.5.2" title="Impact" ref="IMPACT">
<text>Because STP does not provide any authentication or encryption, an attacker could inject a malicious BPDU which would force a topology update. This attack could enable an attacker to perform a network DoS or a Man-In-The-Middle attack and capture potentially sensitive information.</text>
</section>
<section index="2.5.3" title="Ease" ref="EASE">
<text>Tools are available on the Internet that would enable an attacker to inject malicious STP BPDU packets. Although the attacker would need to be connected to the network, they would not require any specialist knowledge.</text>
</section>
<section index="2.5.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that the BPDU Guard feature should be enabled globally and on all non-bridging network interfaces, such as those directly connected to servers, workstations and printers.</text>
</section>
</section>
<section index="2.6" title="STP Root Guard Not Enabled" ref="PROTOCOLS.STP.ROOTGUARD">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>High</rating>
<impact>High</impact>
<ease>Easy</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.6.1" title="Finding" ref="FINDING">
<text>The STP is used to help prevent network loops, which can cause significant network disruption. When a loop is detected, STP can automatically perform an action, such as blocking a network interface, in order to prevent networking issues caused by a loop. STP was originally standardized in the IEEE 802.1D and has since evolved in to other standards such as RSTP.</text>
<text>STP makes use of BPDU network packets to send information about the network root bridges, link priorities, topology updates and more. However, STP does not implement any authentication or encryption of this data. When Root Guard is enabled on a port and a superior BPDU is received, the port is disabled to help prevent a change to the root bridge. Depending on the type of device, it can be possible for a port to become active once more when superior BPDU are no longer being received on a disabled port.</text>
<text>Nipper Studio determined that the STP Root Guard feature was not enabled on 28 network interfaces on Switch. These network interfaces are detailed in Table <linktotable ref="PROTOCOLS.STP.ROOTGUARD.1">13</linktotable>.</text>
<table index="13" title="Network interfaces on Switch with no STP Root Guard" ref="PROTOCOLS.STP.ROOTGUARD.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>Description</heading>
<heading>STP</heading>
<heading>Port Fast</heading>
<heading>BPDU Guard</heading>
<heading>BPDU Filter</heading>
<heading>Root Guard</heading>
<heading>Loop Guard</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>FastEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/3</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/4</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/5</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/6</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/7</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/8</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/9</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/10</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/11</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/12</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/13</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/14</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/15</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/16</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/17</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/18</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/19</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/20</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/21</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/22</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/23</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/24</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan1</item></tablecell>
<tablecell><item>No</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan3</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.6.2" title="Impact" ref="IMPACT">
<text>Because STP does not provide any authentication or encryption, an attacker could inject a malicious STP packet with a superior BPDU in order to become the root bridge. This attack could enable an attacker to perform a network DoS or a MITM attack and capture potentially sensitive information.</text>
</section>
<section index="2.6.3" title="Ease" ref="EASE">
<text>Tools are available on the Internet that would enable an attacker to inject malicious STP BPDU packets. Although the attacker would need to be connected to the network, they would not require any specialist knowledge.</text>
</section>
<section index="2.6.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that the STP Root Guard feature should be enabled on all bridging network interfaces.</text>
</section>
</section>
<section index="2.7" title="No VTP Authentication Password Was Configured" ref="PROTOCOLS.VTP.NOPASSWORD">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>High</rating>
<impact>High</impact>
<ease>Easy</ease>
<fix>Planned</fix>
</ratings>
</issuedetails>
<section index="2.7.1" title="Finding" ref="FINDING">
<text>VTP was developed by Cisco to assist with the management of VLANs over multiple devices. The protocol enables the addition, renaming and deletion of VLANs on a single switch to be propagated to other network switches in the same VTP domain. VTP can be configured to authenticate updates with the use of a password.</text>
<text>Nipper Studio determined that no VTP password was configured on Switch.</text>
</section>
<section index="2.7.2" title="Impact" ref="IMPACT">
<text>If no VTP authentication password is configured, an attacker could potentially modify the VLAN configuration on all the network switches causing a DoS.</text>
</section>
<section index="2.7.3" title="Ease" ref="EASE">
<text>An attacker could download a VTP attack tool from the Internet or use their own VTP capable switch. However, the network switches would have to be configured to accept the VTP updates. The attacker would then have to ensure that their configuration has a higher revision number.</text>
</section>
<section index="2.7.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, if not required, VTP should be disabled or placed in transparent mode. However, if VTP is required Nipper Studio recommends that a strong VTP authentication password should be configured on all VTP devices. Nipper Studio recommends that:</text>
<list type="bullet">
<listitem>passwords should be at least eight characters in length;</listitem>
<listitem>characters in the password should not be repeated more than three times;</listitem>
<listitem>passwords should include both upper case and lower case characters;</listitem>
<listitem>passwords should include numbers;</listitem>
<listitem>passwords should include punctuation characters;</listitem>
<listitem>passwords should not include the username;</listitem>
<listitem>passwords should not include a device's name, make or model;</listitem>
<listitem>passwords should not be based on dictionary words.</listitem>
</list>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>VTP can be set to transparent mode on Cisco Catalyst Switch devices using one of the following commands:<code><command>vtp transparent</command>
<command>vtp mode transparent</command>
</code></text>
<text>A VTP password can be configured on a Cisco Catalyst Switch device using the following command:<code><command>vtp password <cmduser>password-string</cmduser></command>
</code> On some Cisco Catalyst Switch devices the VTP password is not included in the configuration file, therefore it is not possible for Nipper Studio to validate this has been set correctly.</text>
</section>
</section>
<section index="2.8" title="Enable Password Configured" ref="AUTHENTICATION.USERS.ENABLE">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>High</rating>
<impact>High</impact>
<ease>Trivial</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.8.1" title="Finding" ref="FINDING">
<text>Cisco Internet Operating System-based devices enable passwords can be stored using Message Digest 5 hashes or using the Cisco Type 7 password encoding algorithm. A strong password stored using an MD5 hash can take a significant period of time to brute-force. However, the same password stored in Cisco Type 7 form can be reversed in a fraction of a second. The MD5 enable user password hash can be created using the <command>secret</command>
keyword, whilst the Cisco Type 7 hash is created using the <command>password</command>
keyword.</text>
<text>Nipper Studio identified an enable password on Switch that was not stored using an MD5 hash. This is shown in Table <linktotable ref="AUTHENTICATION.USERS.ENABLE.1">14</linktotable></text>
<table index="14" title="Enable password stored on Switch without using MD5" ref="AUTHENTICATION.USERS.ENABLE.1">
<headings>
<heading>User</heading>
<heading>Password</heading>
<heading>Privilege</heading>
<heading>Filter</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item ref="CONFIG.1.2">enable (password)</item></tablecell>
<tablecell><item>123456</item></tablecell>
<tablecell><item>15</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.8.2" title="Impact" ref="IMPACT">
<text>An attacker could use an enable password from a Cisco device to gain administrative level access to the device and modify its configuration. It is important to note, that Nipper Studio found that the &quot;enable secret&quot; method had also been used within the configuration, which would override the &quot;enable password&quot; setting.</text>
</section>
<section index="2.8.3" title="Ease" ref="EASE">
<text>An attacker who had access to the Cisco configuration file would easily be able to retrieve passwords that are stored in clear-text or using the Cisco type-7 encryption. However, an attacker who had access to a Cisco configuration file could attempt a brute-force attack against the stronger MD5 hashes. Tools can be downloaded from the Internet that are capable of reversing Cisco Type 7 passwords. However, an attacker would need to obtain a copy of the configuration file and would need to be able to gain initial access to the device before they could make use of an enable password.</text>
</section>
<section index="2.8.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that all enable passwords should be stored using the MD5 hash. The following command can be used to remove the Cisco Type 7 enable password:<code><command>no enable password</command>
</code></text>
<text>Because Nipper Studio found that the &quot;enable secret&quot; method was in use, the password provided using &quot;enable password&quot; would not be used. However, it is still recommended to remove Cisco Type 7 enable passwords from the device.</text>
<text>MD5 enable passwords can be configured using the following command:<code><command>enable secret [level <cmduser>password</cmduser>] <cmduser>password</cmduser></command>
</code></text>
</section>
</section>
<section index="2.9" title="No Inbound TCP Connection Keep-Alives" ref="PROTOCOLS.KEEPALIVES.IN">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>High</rating>
<impact>High</impact>
<ease>Easy</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.9.1" title="Finding" ref="FINDING">
<text>The keep-alive messages are used to determine if a connection is active or has become orphaned and is no longer used. Depending on the result, the device can reclaim resources allocated to inbound connections that have become orphaned. Connections to a device could become orphaned if a connection becomes disrupted or if the client has not properly terminated a connection.</text>
<text>Nipper Studio determined that TCP keep-alive messages were not configured for inbound connections on Switch.</text>
</section>
<section index="2.9.2" title="Impact" ref="IMPACT">
<text>An attacker could attempt a DoS attack against a device by exhausting the number of possible connections. To perform this attack, the attacker could keep requesting new connections to the device and spoof the source IP addresses. This would then prevent any new legitimate connections to the device from being made as the device awaits the completion of the connection attempts that have already been initiated. This attack would prevent both users and administrators from connecting to the device.</text>
</section>
<section index="2.9.3" title="Ease" ref="EASE">
<text>Tools can be downloaded from the Internet that are capable of opening a large number of TCP connections without correctly terminating them.</text>
</section>
<section index="2.9.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that TCP keep alive messages should be sent to detect and drop orphaned connections from remote systems.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Keep-alive messages can be sent for inbound TCP connections to Cisco Catalyst Switch devices with the following command:<code><command>service tcp-keepalives-in</command>
</code></text>
</section>
</section>
<section index="2.10" title="DTP Was Enabled" ref="PROTOCOLS.DTPENABLED">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Medium</rating>
<impact>High</impact>
<ease>Moderate</ease>
<fix>Planned</fix>
</ratings>
</issuedetails>
<section index="2.10.1" title="Finding" ref="FINDING">
<text>DTP is a proprietary protocol developed by Cisco for the purpose of negotiating VLAN trunking between switches. When enabled the switch can dynamically negotiate trunking with an attached switch without requiring any manual configuration. Once the negotiation is successful, any VLANs configured to trunk will then be transferred between the devices. If specific VLANs have not been specified then all VLANs will be transferred.</text>
<text>Nipper Studio determined that DTP was enabled on fourteen network interfaces on Switch. These are detailed in Table <linktotable ref="PROTOCOLS.DTPENABLED.1">15</linktotable>.</text>
<table index="15" title="Network interfaces on Switch with DTP enabled" ref="PROTOCOLS.DTPENABLED.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>VLAN</heading>
<heading>Trunk</heading>
<heading>Trunk VLAN</heading>
<heading>DTP</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>FastEthernet0/13</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/14</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/15</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/16</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/17</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/18</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/19</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/20</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/21</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/22</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/23</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/24</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.10.2" title="Impact" ref="IMPACT">
<text>An attacker could attempt to negotiate a trunk with the device in order to gain access to all the VLANs configured for the trunk. This will enable an attacker to bypass any network filtering provided to restrict access between VLANs. For example, if a management network were to be available then the attacker will be able to connect to all the devices and services offered on that network as if they were attached to it directly.</text>
</section>
<section index="2.10.3" title="Ease" ref="EASE">
<text>Software to enable an attacker to negotiate a trunk is available on the Internet. Alternatively an attacker could make use of their own DTP capable network device.</text>
</section>
<section index="2.10.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, if not required, DTP should be disabled. Nipper Studio recommends that switch ports should be configured to either trunk or not and those ports where trunking is required should only be configured to trunk the required VLANs.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Switch ports can be configured to either trunk or not and DTP negotiation disabled using the following interface commands:<code><command>switchport mode {access | trunk}</command>
<command>switchport nonegotiate</command>
</code></text>
</section>
</section>
<section index="2.11" title="STP Loop Guard Not Enabled" ref="PROTOCOLS.STP.LOOPGUARD">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Medium</rating>
<impact>High</impact>
<ease>Challenging</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.11.1" title="Finding" ref="FINDING">
<text>The STP is used to help prevent network loops, which can cause significant network disruption. When a loop is detected, STP can automatically perform an action, such as blocking a network interface, in order to prevent networking issues caused by a loop. STP was originally standardized in the IEEE 802.1D and has since evolved in to other standards such as RSTP.</text>
<text>Occasionally a software/hardware failure can cause STP to fail, creating STP forwarding loops that can cause a network failure where unidirectional links are used. The STP Loop Guard feature will prevent a port from automatically transitioning from a blocking state to forwarding network traffic when BPDU are no longer being received. Instead the port will be placed in a loop inconsistant state. If no BPDU have been received after a timeout has expired, the port continue to transition to a forwarding state. However, if BPDU are received then the port will be placed back in to a blocking state. This helps to prevent the creation of a STP forwarding loop.</text>
<text>Nipper Studio determined that the STP Loop Guard feature was not enabled on 16 network interfaces on Switch. These network interfaces are detailed in Table <linktotable ref="PROTOCOLS.STP.LOOPGUARD.1">16</linktotable>.</text>
<table index="16" title="Network interfaces on Switch with no STP Loop Guard" ref="PROTOCOLS.STP.LOOPGUARD.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>Description</heading>
<heading>STP</heading>
<heading>Port Fast</heading>
<heading>BPDU Guard</heading>
<heading>BPDU Filter</heading>
<heading>Root Guard</heading>
<heading>Loop Guard</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>FastEthernet0/13</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/14</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/15</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/16</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/17</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/18</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/19</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/20</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/21</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/22</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/23</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/24</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan1</item></tablecell>
<tablecell><item>No</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan3</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>Off</item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.11.2" title="Impact" ref="IMPACT">
<text>An attacker, who is able to disrupt STP, could cause a network DoS if STP incorrectly transitions a blocking port to a forwarding port.</text>
</section>
<section index="2.11.3" title="Ease" ref="EASE">
<text>An attacker would need to temporarily disrupt STP on a device. This could either by attacking STP directly or by causing Central Processing Unit utilization issues on the device.</text>
</section>
<section index="2.11.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that the STP Root Guard feature should be enabled on all bridging network interfaces.</text>
</section>
</section>
<section index="2.12" title="No Outbound TCP Connection Keep-Alives" ref="PROTOCOLS.KEEPALIVES.OUT">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Medium</rating>
<impact>High</impact>
<ease>Challenging</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.12.1" title="Finding" ref="FINDING">
<text>The keep-alive messages are used to determine if a connection is active or has become orphaned and is no longer used. Depending on the result, the device can reclaim resources allocated to outbound connections that have become orphaned. Connections to a device could become orphaned if a connection becomes disrupted or if the client or server has not properly terminated a connection.</text>
<text>Nipper Studio determined that TCP keep-alive messages were not configured for outbound connections on Switch.</text>
</section>
<section index="2.12.2" title="Impact" ref="IMPACT">
<text>An attacker could attempt a DoS attack against a device by exhausting the number of possible connections. To perform this attack, the attacker could keep requesting new connections without properly terminating them. This could then prevent any new legitimate connections from being made as the device awaits the completion of the existing connections that have already been initiated.</text>
</section>
<section index="2.12.3" title="Ease" ref="EASE">
<text>The attacker could either script or use existing tools downloaded from the Internet in order to perform this attack.</text>
</section>
<section index="2.12.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that outbound TCP keep alive messages should be sent in order to detect and drop orphaned connections.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Keep-alive messages can be sent for outbound TCP connections from Cisco Catalyst Switch devices with the following command:<code><command>service tcp-keepalives-out</command>
</code></text>
</section>
</section>
<section index="2.13" title="Syslog Logging Not Enabled" ref="LOGGING.SYSLOG.NOT.ENABLED">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Medium</rating>
<impact>Medium</impact>
<ease>N/A</ease>
<fix>Planned</fix>
</ratings>
</issuedetails>
<section index="2.13.1" title="Finding" ref="FINDING">
<text>Logging is an important component of a secure network configuration. When appropriately configured, the messages logged provide a wealth of information to a network administrator when diagnosing a problem, identifying an attack or when used to provide an activity audit trail. When a well configured logging system is combined with a good monitoring and alert system it will enable network administrators to promptly respond to networking issues, DoS attacks, administrative system logons and a host of other important information.</text>
<text>Syslog logging provides an industry standard system (detailed in RFC 5424) for logging messages, enabling the collection, storage and administration of logs from a variety of devices to a single location. The sending of logs to other systems, not only provides extra storage space for logs which could be size restricted on the originating network device, but it also provides an extra level of protection for the logs in a scenario where an attacker has compromised the security of the message source.</text>
<text>Nipper Studio determined that the logging of system messages to a Syslog logging server was not configured on Switch.</text>
</section>
<section index="2.13.2" title="Impact" ref="IMPACT">
<text>If logging of system messages is not configured, a network administrator may not be made aware of significant events happening on the device. These events could include security issues such as intrusion attempts, network scans, authentication failures or diagnostic and management information such as potential hardware issues. Without logging system messages, the information would not be available to either a forensic investigation or for diagnostic purposes.</text>
</section>
<section index="2.13.3" title="Ease" ref="EASE">
<text>System messages will not be sent to a Syslog logging server.</text>
</section>
<section index="2.13.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that Syslog logging should be configured to enable system messages to be logged to a central logging server.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>The logging of system messages to a remote Syslog host can be configured using the following command:<code><command>logging host <cmduser>ip-address</cmduser></command>
</code></text>
</section>
</section>
<section index="2.14" title="No Time Synchronization Configured" ref="TIME.NONE.CONFIGURED">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Medium</rating>
<impact>Medium</impact>
<ease>N/A</ease>
<fix>Planned</fix>
</ratings>
</issuedetails>
<section index="2.14.1" title="Finding" ref="FINDING">
<text>Time synchronization for network devices is inherently important, not just for the various services that make use of time, but also for the accurate logging of events. Therefore network devices can be configured to synchronize their time against a network time source in order to ensure that the time is synchronized.</text>
<text>Nipper Studio determined that time synchronization against a network time service was not configured on Switch.</text>
</section>
<section index="2.14.2" title="Impact" ref="IMPACT">
<text>Although not a direct threat to security, a device with no time synchronization configured would make it more difficult to correlate events in the logs. This would make a forensic investigation more complex, hindering any troubleshooting. The lack of time synchronization could also cause problems with some systems that depend on accurate time, such as some authentication services.</text>
</section>
<section index="2.14.3" title="Ease" ref="EASE">
<text>The system time will not be synchronized. Furthermore, over a period of time the initial configuration could gradually drift away being anywhere near accurate.</text>
</section>
<section index="2.14.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that all networked devices should synchronize their clocks with a network time source.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Authenticated Network Time Protocol time updates can be configured on Cisco Catalyst Switch devices with the following commands:<code><command>ntp authenticate</command>
<command>ntp authentication-key <cmduser>key-num</cmduser> md5 <cmduser>key-string</cmduser></command>
<command>ntp server <cmduser>ip-address</cmduser> key <cmduser>key-num</cmduser> [prefer]</command>
</code>If access restrictions are in place, you will need to ensure that you allow time synchronization with the following command <code><command>ntp access-group peer <cmduser>acl</cmduser></command>
</code></text>
</section>
</section>
<section index="2.15" title="Service Password Encryption Disabled" ref="CONFIGRELATED.SERVPASS.ENCRYPT">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Medium</impact>
<ease>Challenging</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.15.1" title="Finding" ref="FINDING">
<text>Some device passwords, such as user authentication passwords, do not need to be known by the device which can make authentication checks based on the encrypted hash. Other passwords need to be known by the device in order that it can perform specific operations using the clear-text version of the password. The service password encryption option instructs a device to store passwords using Cisco type-7 encryption where it is possible as these can be reversed to their original clear-text form. By default the passwords are otherwise stored in the configuration file in their clear-text form.</text>
<text>Nipper Studio determined that service password encryption was disabled on Switch.</text>
</section>
<section index="2.15.2" title="Impact" ref="IMPACT">
<text>A malicious user or an attacker with access to the device's configuration could quickly extract clear-text passwords without having to decode or brute-force them. Alternatively, a malicious user could gain a clear-text password if they were closely watching a network administrator. The attacker could then make use of the stolen credentials to gain a level of access to the device.</text>
</section>
<section index="2.15.3" title="Ease" ref="EASE">
<text>An attacker would require access to the device configuration or would have to be closely watching a network administrator. This issue may require the attacker to have access to the device or a backup copy of the configuration for the device.</text>
</section>
<section index="2.15.4" title="Recommendation" ref="RECOMMENDATION">
<text>Although Cisco type-7 passwords are easily reversed, and there are a number of programs that reverse them, they do provide an effective barrier against a casual observer. Therefore, Nipper Studio recommends that service password encryption should be enabled.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Service password encryption can be enabled on Cisco Catalyst Switch devices using the following command:<code><command>service password-encryption</command>
</code></text>
</section>
</section>
<section index="2.16" title="CDP Was Enabled" ref="PROTOCOLS.CDPENABLED">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Low</impact>
<ease>Easy</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.16.1" title="Finding" ref="FINDING">
<text>CDP is a proprietary protocol that was developed and is primarily used by Cisco. A CDP enabled device can be configured to broadcast CDP packets on the network enabling network management applications and CDP aware devices to identify each other. CDP packets include information about the sender, such as Operating System version and IP address information.</text>
<text>Nipper Studio determined that CDP was enabled on 26 network interfaces on Switch. These are detailed in Table <linktotable ref="PROTOCOLS.CDPENABLED.1">17</linktotable>.</text>
<table index="17" title="Network interfaces on Switch with CDP enabled" ref="PROTOCOLS.CDPENABLED.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>Description</heading>
<heading>CDP</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>FastEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/3</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/4</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/5</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/6</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/7</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/8</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/9</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/10</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/11</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/12</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/13</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/14</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/15</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/16</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/17</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/18</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/19</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/20</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/21</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/22</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/23</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/24</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>On</item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.16.2" title="Impact" ref="IMPACT">
<text>CDP packets contain information about the sender, such as hardware model information, operating system version and IP address details. This information would give an attacker valuable information about the device. The attacker could then use this information as part of a targeted attack.</text>
</section>
<section index="2.16.3" title="Ease" ref="EASE">
<text>CDP packets are broadcast to an entire network segment. The attacker or malicious user would require access to a network segment on which the CDP packets are broadcast and network monitoring software. A wide variety of network monitoring, packet capture and analysis tools can be downloaded from the Internet.</text>
</section>
<section index="2.16.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, if not required, CDP should be disabled.</text>
<text>In some configurations with IP phones, deployed using either Auto Discovery or Dynamic Host Configuration Protocol, the CDP service may need to be enabled. However, if the device supports disabling CDP on individual interfaces, then Nipper Studio recommends that it should be disabled on all the interfaces where it is not required.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>The following commands can be used to disable CDP on Cisco Catalyst Switch devices. The first command disables CDP for the entire device, whilst the second can be used to disable CDP on individual interfaces.<code><command>no cdp run</command>
<command>no cdp enable</command>
</code></text>
</section>
</section>
<section index="2.17" title="The BOOTP Service Was Not Disabled" ref="ADMINISTRATION.BOOTP.NOT.DISABLED">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Low</impact>
<ease>Easy</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.17.1" title="Finding" ref="FINDING">
<text>BOOTstrap Protocol (described in RFC 951) is a datagram protocol that enables compatible hosts to load their operating system over the network from a BOOTP server. However, these days BOOTP services are rarely used.</text>
<text>Nipper Studio determined that the BOOTP service had not been disabled on Switch. However, it is worth noting that not all device models will support the BOOTP service and therefore this issue could have been falsely determined.</text>
</section>
<section index="2.17.2" title="Impact" ref="IMPACT">
<text>An attacker could use a device that offers a BOOTP service to download a copy of the device's OS software.</text>
</section>
<section index="2.17.3" title="Ease" ref="EASE">
<text>Tools that can interact with BOOTP services can be downloaded from the Internet.</text>
</section>
<section index="2.17.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, if not required, the BOOTP service should be disabled.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>The BOOTP service can be disabled using one of the following commands:<code><command>ip dhcp bootp ignore</command>
<command>no ip bootp server</command>
</code></text>
</section>
</section>
<section index="2.18" title="Switch Port Security Disabled" ref="INTERFACES.PORTSECURITY">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Low</impact>
<ease>Easy</ease>
<fix>Planned</fix>
</ratings>
</issuedetails>
<section index="2.18.1" title="Finding" ref="FINDING">
<text>Switch port security is used to monitor and restrict the number of network devices that can be connected to a single switch port. The switch does this by monitoring the Media Access Control addresses that originate from the switch port. The MAC addresses can either be specified for a particular switch port or they can be dynamically learned in order to significantly reduce the administrative overhead. When the number of permitted number of MAC addresses connected to a single switch port is exceeded then a number of different actions can be performed, such as disabling the switch port.</text>
<text>Nipper Studio determined that switch port security was disabled on 26 ports on Switch. These are detailed below.</text>
<table index="18" title="Fast Ethernet interfaces with disabled port security on Switch" ref="INTERFACES.PORTSECURITY.FETHERINTERFACES.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>Security</heading>
<heading>Max MAC</heading>
<heading>Aging</heading>
<heading>Age Type</heading>
<heading>Sticky</heading>
<heading>MAC</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>FastEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/3</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/4</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/5</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/6</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/7</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/8</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/9</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/10</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/11</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/12</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/13</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/14</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/15</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/16</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/17</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/18</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/19</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/20</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/21</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/22</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/23</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/24</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
<table index="19" title="Gigabit interfaces with disabled port security on Switch" ref="INTERFACES.PORTSECURITY.GETHERINTERFACES.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>Security</heading>
<heading>Max MAC</heading>
<heading>Aging</heading>
<heading>Age Type</heading>
<heading>Sticky</heading>
<heading>MAC</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>GigabitEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Off</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item>N/A</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.18.2" title="Impact" ref="IMPACT">
<text>A switch port with no configured port security could allow an attacker to attach an unauthorized device and gain access to the network.</text>
</section>
<section index="2.18.3" title="Ease" ref="EASE">
<text>An attacker would have to gain access to a switch port with no security configured. If the switch port is not directly patched to a wall socket, the attacker would have to gain physical access to the device. It is worth noting that an attacker could assume the MAC address of a device already attached to the port in order to gain access and bypass the port security feature.</text>
</section>
<section index="2.18.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, where possible, port security should be enabled on all switch ports. Furthermore, Nipper Studio recommends that all switch ports that are not used should be shutdown.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Switch port security with MAC address learning and port shutdown on a violation can be configured for each interface with the following commands:<code><command>switchport port-security</command>
<command>switchport port-security violation shutdown</command>
<command>switchport port-security mac-address sticky</command>
</code></text>
</section>
</section>
<section index="2.19" title="VTP Was In Server Mode" ref="PROTOCOLS.VTP.SERVER">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Low</impact>
<ease>Moderate</ease>
<fix>Planned</fix>
</ratings>
</issuedetails>
<section index="2.19.1" title="Finding" ref="FINDING">
<text>VTP was developed by Cisco to assist with the management of VLANs over multiple devices. The protocol enables the addition, renaming and deletion of VLANs on a single switch to be propagated to other network switches in the same VTP domain. A device in VTP server mode will transmit VTP packets containing VLAN information. If a device in VTP client mode in the same domain receives a VTP network packet with a higher revision number the changes will be applied.</text>
<text>Nipper Studio determined that VTP was in server mode on Switch. It is worth mentioning that although the VTP was found to be in server mode on Switch (a default setting), no VTP domain was configured. However, there have been instances where a device in this configuration have had their VTP domain set remotely from other networked devices.</text>
</section>
<section index="2.19.2" title="Impact" ref="IMPACT">
<text>An attacker could determine the VLAN configuration by capturing VTP packets sent from the device and VTP packets are not encrypted, even when a password is specified. The attacker could then use the VLAN information or password as part of a targeted attack.</text>
</section>
<section index="2.19.3" title="Ease" ref="EASE">
<text>Tools that are capable of capturing network packets are available on the Internet and installed by default on some OS.</text>
</section>
<section index="2.19.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, if not required, VTP should be disabled or placed in transparent mode, even if no VTP domain has been configured.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>VTP can be set to transparent mode on Cisco Catalyst Switch devices using one of the following commands:<code><command>vtp transparent</command>
<command>vtp mode transparent</command>
</code></text>
</section>
</section>
<section index="2.20" title="IP Source Routing Was Enabled" ref="ROUTING.IPSOURCEROUTING">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Low</impact>
<ease>Moderate</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.20.1" title="Finding" ref="FINDING">
<text>TCP/IP packets can contain source route information, this can enable a packet to define its own route through a network rather than using a route defined by static routes or routing protocols. The source route option functionality was defined in RFC 791.</text>
<text>Many network filtering and routing devices include facilities that enable them to ignore the source route defined in a packet or block the packets entirely.</text>
<text>Nipper Studio determined that IP source routing was enabled on Switch.</text>
</section>
<section index="2.20.2" title="Impact" ref="IMPACT">
<text>IP source routing can allow an attacker to specify a route for a network packet to follow, possibly to bypass a Firewall device or an Intrusion Detection System. An attacker could also use source routing to capture network traffic by routing it through a system controlled by the attacker.</text>
</section>
<section index="2.20.3" title="Ease" ref="EASE">
<text>An attacker would have to control either a routing device or an end point device in order to modify a packets route through the network. However, tools can be downloaded from the Internet that would allow an attacker to specify source routes. Tools are also available to modify network routing using vulnerabilities in some routing protocols.</text>
</section>
<section index="2.20.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that IP source routing information contained in network packets should be ignored.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>IP source routing can be disabled on Cisco Catalyst Switch devices using the following command:<code><command>no ip source-route</command>
</code></text>
</section>
</section>
<section index="2.21" title="Proxy ARP Was Enabled" ref="PROTOCOLS.PROXYARP">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Low</impact>
<ease>Easy</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.21.1" title="Finding" ref="FINDING">
<text>ARP is a protocol that network hosts use to translate network IP addresses into MAC addresses. Under normal circumstances, ARP packets are confined to the sender's network segment. However, some network devices can be configured to act as a proxy for ARP requests, retransmitting an ARP request on other network segments and sending any response back to the originator of the request.</text>
<text>Nipper Studio determined that the Proxy ARP feature was enabled on two network interfaces on Switch. These are detailed in Table <linktotable ref="PROTOCOLS.PROXYARP.1">20</linktotable>.</text>
<table index="20" title="Network interfaces on Switch with Proxy ARP enabled" ref="PROTOCOLS.PROXYARP.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>Address</heading>
<heading>Proxy-ARP</heading>
<heading>ACL In</heading>
<heading>ACL Out</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Vlan2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>192.168.8.1/24</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan3</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>192.168.9.1/24</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.21.2" title="Impact" ref="IMPACT">
<text>A router that acts as a proxy for ARP requests will extend layer two access across multiple network segments, potentially breaking perimeter security.</text>
</section>
<section index="2.21.3" title="Ease" ref="EASE">
<text>A network device with proxy ARP enabled will proxy ARP requests for all hosts on those interfaces. A number of ARP tools can be downloaded from the Internet for use in exploiting this issue.</text>
</section>
<section index="2.21.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, if not required, the Proxy ARP feature should be disabled on all interfaces.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Proxy ARP can be disabled on interfaces using the following command:<code><command>no ip proxy-arp</command>
</code></text>
</section>
</section>
<section index="2.22" title="Weak Minimum Password Length Policy Setting" ref="AUTHENTICATION.WEAK.PASSWORDLENGTH">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Low</impact>
<ease>Easy</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.22.1" title="Finding" ref="FINDING">
<text>The minimum password length policy setting is used to force users to set passwords that are at least the specified number of characters in length.</text>
<text>Nipper Studio determined that the minimum password length policy setting was configured to 6 characters on Switch.</text>
</section>
<section index="2.22.2" title="Impact" ref="IMPACT">
<text>Strong authentication credentials are a key component of a systems security. It is therefore important that a user chooses a strong password and that it is changed on a regular basis. Generally, the greater the number of characters within a password the stronger the password will be. With a short minimum password length configured a user could set a short password, requiring less time for an attacker to brute-force the authentication password.</text>
</section>
<section index="2.22.3" title="Ease" ref="EASE">
<text>It takes far less time for an attacker to brute-force the authentication credentials for a user account that has a short password.</text>
</section>
<section index="2.22.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that a minimum password length policy setting of 8 characters should be configured.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>A minimum password length can be configured with the following command:<code><command>security passwords min-length <cmduser>length</cmduser></command>
</code></text>
</section>
</section>
<section index="2.23" title="No Pre-Logon Banner Message" ref="BANNER.NO.PRE.LOGON.MESSAGE">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Low</impact>
<ease>N/A</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.23.1" title="Finding" ref="FINDING">
<text>A pre-logon banner message is one that is shown to users when they connect to a device and prior to the user logon.</text>
<text>Nipper Studio determined that Switch was configured with no pre-logon banner message.</text>
</section>
<section index="2.23.2" title="Impact" ref="IMPACT">
<text>A pre-logon banner message is often overlooked when configuring a device, but it is an important security setting which could potentially discourage an uncommitted attacker from proceeding any further. A pre-logon banner message should be configured to warning any potential attacker against unauthorized access and the consequences. Furthermore if legal proceedings are executed against an attacker it would be easier to prove intent on behalf of the attacker if they were first warned against unauthorized access.</text>
</section>
<section index="2.23.3" title="Ease" ref="EASE">
<text>With no pre-logon banner configured, an attacker would not be presented with a carefully worded legal warning prior to attempting to logon.</text>
</section>
<section index="2.23.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that a carefully worded legal banner that warns against unauthorized access should be configured.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>The Login banner message is shown to all connections to Cisco Catalyst Switch devices prior to logon. The Login banner message can be configured on Cisco Catalyst Switch devices using the following command:<code><command>banner login <cmduser>delimiter</cmduser> <cmduser>banner-message</cmduser> <cmduser>delimiter</cmduser></command>
</code></text>
</section>
</section>
<section index="2.24" title="Interfaces Were Configured With No Filtering" ref="INTERFACES.NOFILTERS">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Low</impact>
<ease>N/A</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.24.1" title="Finding" ref="FINDING">
<text>Network filtering rule lists can be assigned to individual network interfaces to provide filtering of network traffic.</text>
<text>Nipper Studio determined that 28 network interfaces on Switch had no network filtering rules assigned. These are detailed below.</text>
<table index="21" title="Network interfaces with no filtering on Switch" ref="INTERFACES.NOFILTERS.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>FastEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/3</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/4</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/5</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/6</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/7</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/8</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/9</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/10</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/11</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/12</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/13</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/14</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/15</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/16</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/17</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/18</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/19</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/20</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/21</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/22</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/23</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/24</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan3</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.24.2" title="Impact" ref="IMPACT">
<text>The network traffic from an attacker attached to one of the network interfaces detailed above would not be subjected to filtering, potentially providing unrestricted access to network services.</text>
</section>
<section index="2.24.3" title="Ease" ref="EASE">
<text>The network traffic would not be subjected to filtering.</text>
</section>
<section index="2.24.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that all network interfaces should be configured filtering to help prevent unauthorized access to network services and hosts.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Cisco Catalyst Switch device filtering can be configured on interfaces with the following command:<code><command>ip access-group <cmduser>ACL</cmduser> [in | out]</command>
</code></text>
</section>
</section>
<section index="2.25" title="ICMP Unreachable Messages Were Enabled" ref="PROTOCOLS.UNREACHABLES">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Low</rating>
<impact>Low</impact>
<ease>N/A</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.25.1" title="Finding" ref="FINDING">
<text>When a network packet is sent to a destination host or service that is unreachable, a ICMP unreachable message can be sent from a network gateway or the destination host to inform the requester that it was unreachable. If it is a host that is unreachable the message will be in the form of an ICMP host unreachable message. ICMP unreachable messages are described in more detail in RFC 792.</text>
<text>Nipper Studio determined that the ICMP Unreachables feature was enabled on two network interfaces on Switch. These are detailed below.</text>
<table index="22" title="Network interfaces on Switch with ICMP Unreachables enabled" ref="PROTOCOLS.UNREACHABLES.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>Unreachables</heading>
<heading>Redirects</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Vlan2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan3</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.25.2" title="Impact" ref="IMPACT">
<text>An attacker who was performing network scans to determine what services were available would be able to scan a device more quickly. If the device being scanned sends ICMP unreachable messages, informing the attacker that a network or protocol is not supported, the attacker will not have to wait for a connection time-out.</text>
</section>
<section index="2.25.3" title="Ease" ref="EASE">
<text>The ICMP messages are automatically returned by a device with the ICMP unreachable feature enabled. Network scanning tools can be downloaded from the Internet that are able to perform a wide variety of scan types and take into account ICMP unreachable messages.</text>
</section>
<section index="2.25.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, if not required, ICMP unreachable messages should be disabled. However, it is important to note that whilst disabling of ICMP unreachable messages will not stop a network scan, it will make the scan more time consuming for the attacker to perform.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>ICMP unreachable message sending can be disabled on network interfaces with the following command:<code><command>no ip unreachables</command>
</code></text>
</section>
</section>
<section index="2.26" title="DNS Lookups Were Enabled" ref="DNS.LOOKUPS.ENABLED">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Informational</rating>
<impact>Informational</impact>
<ease>Easy</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.26.1" title="Finding" ref="FINDING">
<text>Some network devices can be configured to make use of DNS to perform lookups of addresses that have been specified using a DNS name. In addition to being used for connecting to other devices, the DNS lookup functionality could be used for auditing purposes.</text>
<text>Nipper Studio determined that DNS lookups were enabled on Switch.</text>
</section>
<section index="2.26.2" title="Impact" ref="IMPACT">
<text>An attacker who is able to monitor DNS queries from the device that could then potentially be used as part of a targeted attack. Some devices include functionality to automatically connect to a device if an administrator simply types in a device's DNS name. Unfortunately this also means that if an administrator mistypes an administrative command the device will automatically perform a lookup for the device and attempt to connect to it. Cisco IOS-based devices perform this action, but it could enable an attacker to perform a MITM attack if the attacker were to immediately respond to the DNS query, allow the incoming connection to attackers system and then connect straight back to the sender.</text>
</section>
<section index="2.26.3" title="Ease" ref="EASE">
<text>Tools that can monitor DNS queries can be downloaded from the Internet.</text>
</section>
<section index="2.26.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio suggests that, if not required, DNS lookups should be disabled.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Domain lookups can be disabled on Cisco Catalyst Switch devices with the following commands (the latter command is for Cisco IOS 12.1 and older):<code><command>no ip domain lookup</command>
<command>no ip domain-lookup</command>
</code></text>
</section>
</section>
<section index="2.27" title="No Network Filtering Rules Were Configured" ref="FILTERING.NO.RULES">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Informational</rating>
<impact>Informational</impact>
<ease>N/A</ease>
<fix>Planned</fix>
</ratings>
</issuedetails>
<section index="2.27.1" title="Finding" ref="FINDING">
<text>Network filtering can be configured to restrict access to network services from only those hosts that require the access, helping to prevent unauthorized access. When configured, network filter rules are processed sequentially and the first rule in the filter rule list which matches the network packet is applied.</text>
<text>Nipper Studio determined that network filter rules were not configured on Switch and that all the network traffic would be blocked by the device.</text>
</section>
<section index="2.27.2" title="Impact" ref="IMPACT">
<text>Typically firewall appliances will drop network traffic if there are no network filtering rules configured. Whereas most non-firewall appliances will usually allow all network traffic if no network filtering rules have been configured.</text>
<text>Although no network filter rules had been configured the default action was to drop the all network packets. Therefore an attacker, or malicious user, would not be able to access network services as all network traffic would be blocked.</text>
</section>
<section index="2.27.3" title="Ease" ref="EASE">
<text>No specialist skills or tools are required by the attacker to exploit this issue.</text>
</section>
<section index="2.27.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that network filter rules should be configured to help prevent unauthorized access to network services.</text>
<text>Nipper Studio recommends that:</text>
<list type="bullet">
<listitem>filter rules should only allow access to specific destination addresses;</listitem>
<listitem>filter rules should only allow access to specific destination network ports;</listitem>
<listitem>filter rules should only allow access from specific source addresses;</listitem>
<listitem>filter rules should specify a specific network protocol;</listitem>
<listitem>ICMP filter rules should specify a specific message type;</listitem>
<listitem>filter rules should always drop network packets and not reject them;</listitem>
<listitem>filter rules should perform a specific action and not rely on a default action.</listitem>
</list>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>On Cisco Catalyst Switch devices network filter rules are added to ACL which can then be used when configuring interfaces, services and other options. ACL can be either named or numbered. If numbered a standard ACL will be numbered between 1-99 and 1300-1999, all others will be extended ACL. The following commands show how to create both named and numbered standard and extended ACL and filter rules:<code><command>ip access-list standard <cmduser>list-name</cmduser></command>
<command> [permit | deny] <cmduser>source-address</cmduser> [log]</command>
<command> exit</command>
<command>access-list <cmduser>number</cmduser> [permit | deny] <cmduser>source-address</cmduser> [log]</command>
<command>ip access-list extended <cmduser>list-name</cmduser></command>
<command> [permit | deny] <cmduser>protocol</cmduser> <cmduser>source-address</cmduser> [<cmduser>source-port</cmduser>] <cmduser>dest-address</cmduser> [<cmduser>dest-port</cmduser>] [log]</command>
<command> exit</command>
<command>access-list <cmduser>number</cmduser> [permit | deny] <cmduser>protocol</cmduser> <cmduser>source-address</cmduser> [<cmduser>source-port</cmduser>] <cmduser>dest-address</cmduser> [<cmduser>dest-port</cmduser>] [log]</command>
</code></text>
</section>
</section>
<section index="2.28" title="No Post Logon Banner Message" ref="BANNER.NO.POST.LOGON.MESSAGE">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Informational</rating>
<impact>Informational</impact>
<ease>N/A</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.28.1" title="Finding" ref="FINDING">
<text>Post logon banner messages are ones that are shown to users after they have authenticated and prior to being given access to the device. It is one that is shown to users when they connect to a device and prior to the user logon.</text>
<text>Nipper Studio determined that Switch was configured with no post logon banner message.</text>
</section>
<section index="2.28.2" title="Impact" ref="IMPACT">
<text>The post logon banner is useful for detailing the acceptable use policy and the change control procedures which should be followed prior to making any changes to a device's configuration. An acceptable use message detailing the change control procedures and waning against abuse of the policy could help to prevent ad-hoc changes being made to a device's configuration.</text>
<text>Additionally, if a device does not have the facilities to configure a pre-logon banner message then the post logon banner message could be the only place where a legal warning against unauthorized access could be given.</text>
</section>
<section index="2.28.3" title="Ease" ref="EASE">
<text>With no post logon banner configured, a user would not be given a reminder of the acceptable use and change control procedure policy details.</text>
</section>
<section index="2.28.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that a post logon banner message is configured that details both the acceptable use policy and change control procedures. Additionally, if the device does not support a pre-logon banner message then Nipper Studio recommends that the post logon banner message should also include a carefully worded legal warning against unauthorized access.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>The Exec banner message is shown after logon and before the command prompt is shown on Cisco Catalyst Switch devices. The Exec banner message can be configured on Cisco Catalyst Switch devices using the following command:<code><command>banner exec <cmduser>delimiter</cmduser> <cmduser>banner-message</cmduser> <cmduser>delimiter</cmduser></command>
</code></text>
</section>
</section>
<section index="2.29" title="ICMP Redirect Messages Were Enabled" ref="PROTOCOLS.REDIRECTS">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Informational</rating>
<impact>Informational</impact>
<ease>N/A</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.29.1" title="Finding" ref="FINDING">
<text>When sending network traffic through a router, ICMP redirect messages could be sent to the router in order to indicate a specific route that the sending host would like the network traffic to take. On a router that accepts ICMP redirect message the network traffic will be forwarded using the specified route. Furthermore, some routers will cache the new routing information for use with future network packets.</text>
<text>Nipper Studio determined that the ICMP Redirects feature was enabled on two network interfaces on Switch. These are detailed below.</text>
<table index="23" title="Network interfaces on Switch with ICMP Redirects enabled" ref="PROTOCOLS.REDIRECTS.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>Unreachables</heading>
<heading>Redirects</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Vlan2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Vlan3</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item>On</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.29.2" title="Impact" ref="IMPACT">
<text>An attacker could use ICMP redirects to modify the route that a packet takes through a network. However, it is worth noting that on networks with functional network routing, disabling ICMP redirects will have little to no effect.</text>
</section>
<section index="2.29.3" title="Ease" ref="EASE">
<text>ICMP redirect messages will be accepted, but not necessarily acted upon. An attacker could download software from the Internet in order to perform this attack.</text>
</section>
<section index="2.29.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, if not required, the processing of ICMP redirect messages on devices should be disabled.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>ICMP redirect message sending can be disabled on network interfaces with the following command:<code><command>no ip redirects</command>
</code></text>
</section>
</section>
<section index="2.30" title="Unrestricted Outbound Administrative Access" ref="ADMINISTRATION.LINE.ADMINOUT">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Informational</rating>
<impact>Informational</impact>
<ease>Challenging</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.30.1" title="Finding" ref="FINDING">
<text>Many network devices, such as switches and routers, contain network client tools that enable a network administrator to connect to administrative services offered by other devices. Outbound access from these devices to others can be restricted to specific host addresses in order to limit the access to only those that are required.</text>
<text>Nipper Studio determined that on Switch no outbound administrative service access ACL was configured on the administrative lines detailed in Table <linktotable ref="SECURITY.ADMINISTRATION.LINE.NOACLOUT.1">24</linktotable>.</text>
<table index="24" title="Switch administrative lines with no outbound ACL" ref="SECURITY.ADMINISTRATION.LINE.NOACLOUT.1">
<headings>
<heading>Line</heading>
<heading>Access</heading>
<heading>Login</heading>
<heading>Level</heading>
<heading>Password</heading>
<heading>Telnet</heading>
<heading>Filter In</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>VTY 0 - 4</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Line Password</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>123456</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>VTY 5 - 15</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>Line Password</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>123456</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.30.2" title="Impact" ref="IMPACT">
<text>A malicious user, or attacker, with a basic level of access to the device could use it to attack other devices on the network. An attacker may prefer to use this facility as a way of masking their trail or because the target device may not be contactable directly. If an outbound ACL had been configured then the potential list of targets would be restricted to only those network addresses.</text>
</section>
<section index="2.30.3" title="Ease" ref="EASE">
<text>The attacker must have a level of access to the device in order to be able to use the administrative service client tools to access another system. However, once a level of access has been gained on the device the attacker would then be able to use the available client tools to access services offered by other devices.</text>
</section>
<section index="2.30.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, unless required, an outbound ACL should be configured and assigned in order to restrict administrative access to other systems.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>On Cisco Catalyst Switch devices an outbound ACL can be created and assigned to an administrative line using the following commands:<code><command>ip access-list standard <cmduser>access-list-number</cmduser></command>
<command> remark <cmduser>description</cmduser></command>
<command> permit <cmduser>ip-address</cmduser> <cmduser>wildcard</cmduser> [log]</command>
<command> exit</command>
<command>line <cmduser>line-type</cmduser> <cmduser>line-number(s)</cmduser></command>
<command> access-class <cmduser>access-list-number</cmduser> out</command>
</code></text>
</section>
</section>
<section index="2.31" title="Switch Port Trunking Allows All VLANs" ref="INTERFACES.TRUNKALL">
<issuedetails>
<devices>
<device name="Switch" type="Cisco Catalyst Switch" osversion="12.2" />
</devices>
<ratings type="Nipperv1">
<rating>Informational</rating>
<impact>Informational</impact>
<ease>N/A</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.31.1" title="Finding" ref="FINDING">
<text>VLAN network packets can be sent between networked devices, extending a VLAN across different physical devices. In order to extend a VLAN to a different physical device a trunk has to be created between the devices. In order to restrict VLAN access over different physical devices the VLAN trunk can be configured to only permit specific VLANs.</text>
<text>Nipper Studio determined that fourteen network interfaces on Switch were configured to trunk all VLANs. These are detailed in Table <linktotable ref="INTERFACES.TRUNKALL.1">25</linktotable>.</text>
<table index="25" title="Network interfaces on Switch that trunk all VLANs" ref="INTERFACES.TRUNKALL.1">
<headings>
<heading>Interface</heading>
<heading>Active</heading>
<heading>VLAN</heading>
<heading>Trunk</heading>
<heading>Trunk VLAN</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>FastEthernet0/13</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/14</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/15</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/16</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/17</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/18</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/19</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/20</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/21</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/22</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/23</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>FastEthernet0/24</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/1</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>GigabitEthernet0/2</item></tablecell>
<tablecell><item>Yes</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>Auto</item></tablecell>
<tablecell><item>All</item></tablecell>
<tablecell><item></item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.31.2" title="Impact" ref="IMPACT">
<text>An attacker who is able to create a trunk would gain direct access to all the VLANs extended over the trunk. This would allow an attacker to bypass any network filtering between the VLANs and capture potentially sensitive information. If a clear-text protocols network traffic is transferred over the trunk an attacker would gain immediate access to any authentication credentials transferred.</text>
<text>It is worth noting that some network devices default to allowing trunks to be negotiated on the network ports and by default will allow access to all VLANs.</text>
</section>
<section index="2.31.3" title="Ease" ref="EASE">
<text>Tools can be downloaded from the Internet that are capable of creating trunks, or the attacker could use a network switch. The attacker would require a little knowledge of network trunking.</text>
</section>
<section index="2.31.4" title="Recommendation" ref="RECOMMENDATION">
<text>Nipper Studio recommends that, if not required, VLAN trunking should be disabled. If trunking is required on a specific switch port, Nipper Studio recommends that the switch port should be configured to trunk only the required VLANs.</text>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>Switch ports can be configured to provide no trunking or only trunk specific VLANs on each interface using the following interface commands:<code><command>switchport mode access</command>
<command>switchport trunk allowed vlan <cmduser>vlan-list</cmduser></command>
</code></text>
</section>
</section>
<section index="2.32" title="Conclusions" ref="SECURITY.CONCLUSIONS">
<text>Nipper Studio performed a security audit on Tuesday, August 8, 2017 of the device detailed in Table <linktotable ref="SECURITY.CONCLUSIONS.AUDITDEVICELIST">26</linktotable>. Nipper Studio identified 30 security-related issues. The most significant issue was rated as High. </text>
<table index="26" title="Security audit device conclusions" ref="SECURITY.CONCLUSIONS.AUDITDEVICELIST">
<headings>
<heading>Device</heading>
<heading>Name</heading>
<heading>Issues</heading>
<heading>Highest Rating</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Cisco Catalyst Switch</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>30</item></tablecell>
<tablecell><item>High</item></tablecell>
</tablerow>
</tablebody>
</table>
<text>Nipper Studio identified eight High rated security issues. Nipper Studio determined that:</text>
<list type="bullet">
<listitem>user accounts were configured with a weak password (one device, see section 2.2);</listitem>
<listitem>the Telnet service was enabled (one device, see section 2.3);</listitem>
<listitem>no inbound administrative line ACL has been configured (one device, see section 2.4);</listitem>
<listitem>BPDU Guard was not enabled globally. (one device, see section 2.5);</listitem>
<listitem>STP Root Guard was not enabled on all bridging interfaces (one device, see section 2.6);</listitem>
<listitem>VTP was configured with no password (one device, see section 2.7);</listitem>
<listitem>the enable password is not stored using an MD5 hash (one device, see section 2.8);</listitem>
<listitem>TCP keep-alive messages were not configured for inbound connections (one device, see section 2.9).</listitem>
</list>
<text>Nipper Studio identified five Medium rated security issues. Nipper Studio determined that:</text>
<list type="bullet">
<listitem>DTP was enabled (one device, see section 2.10);</listitem>
<listitem>STP Root Guard was not enabled on all bridging interfaces (one device, see section 2.11);</listitem>
<listitem>TCP keep-alive messages were not configured for outbound connections (one device, see section 2.12);</listitem>
<listitem>the logging of system messages to a Syslog logging server was not configured (one device, see section 2.13);</listitem>
<listitem>time synchronization was not configured (one device, see section 2.14).</listitem>
</list>
<text>Nipper Studio identified eleven Low rated security issues. Nipper Studio determined that:</text>
<list type="bullet">
<listitem>service password encryption was disabled (one device, see section 2.15);</listitem>
<listitem>CDP was enabled (one device, see section 2.16);</listitem>
<listitem>the BOOTP service was not disabled (one device, see section 2.17);</listitem>
<listitem>port security was not enabled on all switch ports (one device, see section 2.18);</listitem>
<listitem>the VTP was in server mode (one device, see section 2.19);</listitem>
<listitem>IP source routing was enabled (one device, see section 2.20);</listitem>
<listitem>proxy ARP was enabled (one device, see section 2.21);</listitem>
<listitem>a weak minimum password length policy setting was configured (one device, see section 2.22);</listitem>
<listitem>no pre-logon banner message was configured (one device, see section 2.23);</listitem>
<listitem>network interfaces were configured without filtering (one device, see section 2.24);</listitem>
<listitem>ICMP unreachable messages were enabled (one device, see section 2.25).</listitem>
</list>
<text>Nipper Studio identified six Informational rated security issues. Nipper Studio determined that:</text>
<list type="bullet">
<listitem>DNS lookups were enabled (one device, see section 2.26);</listitem>
<listitem>no network filtering rules were configured (one device, see section 2.27);</listitem>
<listitem>no post logon banner message was configured (one device, see section 2.28);</listitem>
<listitem>ICMP redirect message sending was enabled (one device, see section 2.29);</listitem>
<listitem>no outbound administrative ACL has been configured (one device, see section 2.30);</listitem>
<listitem>trunking was enabled for all VLANs (one device, see section 2.31).</listitem>
</list>
<text>Nipper Studio can draw the following statistics from the results of this security assessment, (percentages have been rounded). 8 issues (27%) were rated as high, 5 issues (17%) were rated as medium, 11 issues (37%) were rated as low and 6 issues (20%) were rated as informational.</text>
<graph index="6" title="Severity Classification" ref="SECURITY.CONCLUSIONS.RATINGS" position="bottomleft" type="pie">
<datalabels>
<datalabel>High</datalabel>
<datalabel>Medium</datalabel>
<datalabel>Low</datalabel>
<datalabel>Informational</datalabel>
</datalabels>
<graphdata datadepth="1">
<data>8</data>
<data>5</data>
<data>11</data>
<data>6</data>
</graphdata>
<datacolors>
<datacolor>#FF5C00</datacolor>
<datacolor>#FFBF00</datacolor>
<datacolor>#8DC100</datacolor>
<datacolor>#006300</datacolor>
</datacolors>
</graph>
<graph index="7" title="Issue Classification" ref="SECURITY.CONCLUSIONS.CLASSIFICATION" position="bottomright" type="bar">
<datalabels title=")Classification">
<datalabel>Admin</datalabel>
<datalabel>Auth</datalabel>
<datalabel>Best</datalabel>
<datalabel>Text</datalabel>
<datalabel>Filter</datalabel>
</datalabels>
<graphdata title="Issues" datadepth="1">
<data>10</data>
<data>4</data>
<data>13</data>
<data>4</data>
<data>3</data>
</graphdata>
<datacolors>
<datacolor>#A7AAFF</datacolor>
<datacolor>#918FDC</datacolor>
<datacolor>#A7AAFF</datacolor>
<datacolor>#918FDC</datacolor>
<datacolor>#A7AAFF</datacolor>
</datacolors>
</graph>
</section>
<section index="2.33" title="Recommendations" ref="SECURITY.RECOMMENDATIONS">
<text>This section collates the security audit issue recommendations into a single location in order to provide a guide to planning and mitigating the identified issues. The recommendations are listed in Table <linktotable ref="SECURITY.AUDITRECOMMENDATIONLIST">27</linktotable> together with the issue rating and a list of affected devices.</text>
<table index="27" title="Security audit recommendations list" ref="SECURITY.AUDITRECOMMENDATIONLIST">
<headings>
<heading>Issue</heading>
<heading>Rating</heading>
<heading>Recommendation</heading>
<heading>Affected Devices</heading>
<heading>Section</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Users With A Weak Authentication Password</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Configure strong passwords for all user accounts.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.2</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Clear Text Telnet Service Enabled</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Disable the Telnet service.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.3</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Administration Line Without An ACL Configured</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Configure an ACL to restrict access to the administrative lines.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.4</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>STP BPDU Guard Not Enabled</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Enable BPDU Guard globally and on all non-bridging interfaces.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.5</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>STP Root Guard Not Enabled</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Enable STP Root Guard on all bridging interfaces.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.6</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>No VTP Authentication Password Was Configured</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Change the VTP mode to transparent.</item><item>OR</item><item>Configure a strong VTP password.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.7</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Enable Password Configured</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Configure enable passwords to be stored only using the MD5 hash.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.8</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>No Inbound TCP Connection Keep-Alives</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Enable TCP keep-alive messages for inbound connections.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.9</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>DTP Was Enabled</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Disable DTP.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.10</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>STP Loop Guard Not Enabled</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Enable STP Root Guard on all bridging interfaces.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.11</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>No Outbound TCP Connection Keep-Alives</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Enable TCP keep-alive messages for outbound connections.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.12</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Syslog Logging Not Enabled</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Configure Syslog message logging.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.13</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>No Time Synchronization Configured</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Configure time synchronization.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.14</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Service Password Encryption Disabled</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Enable service password encryption.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.15</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CDP Was Enabled</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Disable CDP.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.16</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>The BOOTP Service Was Not Disabled</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Disable the BOOTP service.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.17</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Switch Port Security Disabled</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Enable port security on all switch ports.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.18</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>VTP Was In Server Mode</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Change the VTP mode to transparent.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.19</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>IP Source Routing Was Enabled</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Disable IP source routing.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.20</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Proxy ARP Was Enabled</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Disable proxy ARP on all interfaces.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.21</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Weak Minimum Password Length Policy Setting</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Configured a minimum password length policy setting of 8 characters</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.22</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>No Pre-Logon Banner Message</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Configure a pre-logon banner message with a carefully worded legal warning.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.23</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Interfaces Were Configured With No Filtering</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Assign network filtering rules to all network interfaces.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.24</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>ICMP Unreachable Messages Were Enabled</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Disable the sending of ICMP unreachable messages.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.25</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>DNS Lookups Were Enabled</item></tablecell>
<tablecell><item>Informational</item></tablecell>
<tablecell><item>Disable DNS lookups.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.26</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>No Network Filtering Rules Were Configured</item></tablecell>
<tablecell><item>Informational</item></tablecell>
<tablecell><item>Configure network filtering to restrict access to network services.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.27</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>No Post Logon Banner Message</item></tablecell>
<tablecell><item>Informational</item></tablecell>
<tablecell><item>Configure a post logon banner message detailing the acceptable use policy and change control procedures.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.28</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>ICMP Redirect Messages Were Enabled</item></tablecell>
<tablecell><item>Informational</item></tablecell>
<tablecell><item>Disable the sending of ICMP redirect messages.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.29</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Unrestricted Outbound Administrative Access</item></tablecell>
<tablecell><item>Informational</item></tablecell>
<tablecell><item>Configure an ACL to restrict outbound administrative service access.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.30</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Switch Port Trunking Allows All VLANs</item></tablecell>
<tablecell><item>Informational</item></tablecell>
<tablecell><item>Disable VLAN trunking.</item><item>OR</item><item>Configure trunking for only the required VLANs.</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>2.31</item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<section index="2.34" title="Mitigation Classification" ref="SECURITY.MITIGATIONS">
<text>This section aims to provide a guide to the perceived complexity of resolving a particular issue by implementing the recommendation. An outline of how each mitigation classification has been determined is described in Table <linktotable ref="SECURITY.MITIGATION.CLASSIFICATION">28</linktotable>.</text>
<table index="28" title="The mitigation classification" ref="SECURITY.MITIGATION.CLASSIFICATION">
<headings>
<heading>Classification</heading>
<heading>Description</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Quick</item></tablecell>
<tablecell><item>The issue is quick to resolve. Typically this would just involve changing a small number of settings and would have little-to-no effect on network services.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Planned</item></tablecell>
<tablecell><item>The issue resolution involves planning, testing and could cause some disruption to services. This issue could involve changes to routing protocols and changes to network filtering.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>Involved</item></tablecell>
<tablecell><item>The resolution of the issue will require significant resources to resolve and is likely to include disruption to network services, and possibly the modification of other network device configurations. The issue could involve upgrading a device's OS and possible modifications to the hardware.</item></tablecell>
</tablerow>
</tablebody>
</table>
<text>Nipper Studio identified 23 security issues with mitigation recommendations that were classified as Quick. Those issues were:</text>
<list type="bullet">
<listitem>High: Users With A Weak Authentication Password (one device, see section 2.2);</listitem>
<listitem>High: Clear Text Telnet Service Enabled (one device, see section 2.3);</listitem>
<listitem>High: Administration Line Without An ACL Configured (one device, see section 2.4);</listitem>
<listitem>High: STP BPDU Guard Not Enabled (one device, see section 2.5);</listitem>
<listitem>High: STP Root Guard Not Enabled (one device, see section 2.6);</listitem>
<listitem>High: Enable Password Configured (one device, see section 2.8);</listitem>
<listitem>High: No Inbound TCP Connection Keep-Alives (one device, see section 2.9);</listitem>
<listitem>Medium: STP Loop Guard Not Enabled (one device, see section 2.11);</listitem>
<listitem>Medium: No Outbound TCP Connection Keep-Alives (one device, see section 2.12);</listitem>
<listitem>Low: Service Password Encryption Disabled (one device, see section 2.15);</listitem>
<listitem>Low: CDP Was Enabled (one device, see section 2.16);</listitem>
<listitem>Low: The BOOTP Service Was Not Disabled (one device, see section 2.17);</listitem>
<listitem>Low: IP Source Routing Was Enabled (one device, see section 2.20);</listitem>
<listitem>Low: Proxy ARP Was Enabled (one device, see section 2.21);</listitem>
<listitem>Low: Weak Minimum Password Length Policy Setting (one device, see section 2.22);</listitem>
<listitem>Low: No Pre-Logon Banner Message (one device, see section 2.23);</listitem>
<listitem>Low: Interfaces Were Configured With No Filtering (one device, see section 2.24);</listitem>
<listitem>Low: ICMP Unreachable Messages Were Enabled (one device, see section 2.25);</listitem>
<listitem>Informational: DNS Lookups Were Enabled (one device, see section 2.26);</listitem>
<listitem>Informational: No Post Logon Banner Message (one device, see section 2.28);</listitem>
<listitem>Informational: ICMP Redirect Messages Were Enabled (one device, see section 2.29);</listitem>
<listitem>Informational: Unrestricted Outbound Administrative Access (one device, see section 2.30);</listitem>
<listitem>Informational: Switch Port Trunking Allows All VLANs (one device, see section 2.31).</listitem>
</list>
<text>Nipper Studio identified seven security issues with mitigation recommendations that were classified as Planned. Those issues were:</text>
<list type="bullet">
<listitem>High: No VTP Authentication Password Was Configured (one device, see section 2.7);</listitem>
<listitem>Medium: DTP Was Enabled (one device, see section 2.10);</listitem>
<listitem>Medium: Syslog Logging Not Enabled (one device, see section 2.13);</listitem>
<listitem>Medium: No Time Synchronization Configured (one device, see section 2.14);</listitem>
<listitem>Low: Switch Port Security Disabled (one device, see section 2.18);</listitem>
<listitem>Low: VTP Was In Server Mode (one device, see section 2.19);</listitem>
<listitem>Informational: No Network Filtering Rules Were Configured (one device, see section 2.27).</listitem>
</list>
<text>Nipper Studio can draw the following additional conclusion from the security audit based on the classification of the recommended issue mitigations. Most of the security issue recommendations are perceived to be quick to implement, enabling the majority of the issues to be quickly resolved without requiring a significant allocation of resources or system disruption. Of the 30 security issues identified, 23 (76%) recommendations were classified as having a quick mitigation and seven (23%) recommendations were classified as having a planned mitigation.</text>
<graph index="8" title="Issue Mitigation Classification" ref="SECURITY.MITIGATION.PIE" position="bottom" type="pie">
<datalabels>
<datalabel>Planned</datalabel>
<datalabel>Quick</datalabel>
</datalabels>
<graphdata datadepth="1">
<data>7</data>
<data>23</data>
</graphdata>
<datacolors>
<datacolor>#FFBF00</datacolor>
<datacolor>#006300</datacolor>
</datacolors>
</graph>
</section>
</part>
<part index="3" title="Vulnerability Audit" ref="VULNAUDIT">
<section index="3.1" title="Introduction" ref="VULNAUDIT.INTRO">
<text>Nipper Studio performed a software vulnerability audit on Tuesday, August 8, 2017 of the device detailed in Table <linktotable ref="VULNAUDIT.INTRO">29</linktotable>. The audit was performed by comparing the device software versions against a database of known vulnerabilities reported by both device manufacturers and third-party security specialists.</text>
<table index="29" title="Software vulnerability audit scope" ref="VULNAUDIT.INTRO">
<headings>
<heading>Device</heading>
<heading>Type</heading>
<heading>Model</heading>
<heading>Version</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>Cisco Catalyst Switch</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>IOS 12.2</item></tablecell>
</tablerow>
</tablebody>
</table>
<text>The vulnerability database used in this audit was updated on Wednesday, May 24, 2017. Each vulnerability is detailed with a CVSSv2 score, advisory references and third-party references.</text>
</section>
<section index="3.2" title="CVE-2002-1357" ref="VULNAUDIT.CVE-2002-1357">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">10.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:C/I:C/A:C (10.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (10.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/23/02</infodata>
</infobox>
<section index="3.2.1" title="Summary" ref="VULNAUDIT.CVE-2002-1357.SUMMARY">
<text>Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.</text>
</section>
<section index="3.2.2" title="Affected Device" ref="VULNAUDIT.CVE-2002-1357.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.2.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2002-1357.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CERT CA-2002-36 Web link: <weblink>http://www.cert.org/advisories/CA-2002-36.html</weblink>.</listitem>
</list>
</section>
<section index="3.2.4" title="Reference" ref="VULNAUDIT.CVE-2002-1357.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>VULNWATCH 20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors Web link: <weblink>http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html</weblink>;</listitem>
<listitem>SECTRACK 1005812 Web link: <weblink>http://securitytracker.com/id?1005812</weblink>;</listitem>
<listitem>SECTRACK 1005813 Web link: <weblink>http://securitytracker.com/id?1005813</weblink>;</listitem>
<listitem>CERT-VN VU#389665 Web link: <weblink>http://www.kb.cert.org/vuls/id/389665</weblink>;</listitem>
<listitem>BID 6405 Web link: <weblink>http://www.securityfocus.com/bid/6405</weblink>;</listitem>
<listitem>XF ssh-transport-length-bo(10868) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/10868</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.3" title="CVE-2002-1358" ref="VULNAUDIT.CVE-2002-1358">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">10.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:C/I:C/A:C (10.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (10.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/23/02</infodata>
</infobox>
<section index="3.3.1" title="Summary" ref="VULNAUDIT.CVE-2002-1358.SUMMARY">
<text>Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.</text>
</section>
<section index="3.3.2" title="Affected Device" ref="VULNAUDIT.CVE-2002-1358.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.3.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2002-1358.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CERT CA-2002-36 Web link: <weblink>http://www.cert.org/advisories/CA-2002-36.html</weblink>.</listitem>
</list>
</section>
<section index="3.3.4" title="Reference" ref="VULNAUDIT.CVE-2002-1358.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>VULNWATCH 20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors Web link: <weblink>http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html</weblink>;</listitem>
<listitem>SECTRACK 1005812 Web link: <weblink>http://securitytracker.com/id?1005812</weblink>;</listitem>
<listitem>SECTRACK 1005813 Web link: <weblink>http://securitytracker.com/id?1005813</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.4" title="CVE-2002-1359" ref="VULNAUDIT.CVE-2002-1359">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">10.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:C/I:C/A:C (10.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (10.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/23/02</infodata>
</infobox>
<section index="3.4.1" title="Summary" ref="VULNAUDIT.CVE-2002-1359.SUMMARY">
<text>Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.</text>
</section>
<section index="3.4.2" title="Affected Device" ref="VULNAUDIT.CVE-2002-1359.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.4.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2002-1359.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>VULNWATCH 20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors Web link: <weblink>http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html</weblink>;</listitem>
<listitem>CERT CA-2002-36 Web link: <weblink>http://www.cert.org/advisories/CA-2002-36.html</weblink>.</listitem>
</list>
</section>
<section index="3.4.4" title="References" ref="VULNAUDIT.CVE-2002-1359.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1005812 Web link: <weblink>http://securitytracker.com/id?1005812</weblink>;</listitem>
<listitem>SECTRACK 1005813 Web link: <weblink>http://securitytracker.com/id?1005813</weblink>;</listitem>
<listitem>BID 6407 Web link: <weblink>http://www.securityfocus.com/bid/6407</weblink>;</listitem>
<listitem>XF ssh-transport-multiple-bo(10870) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/10870</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.5" title="CVE-2002-1360" ref="VULNAUDIT.CVE-2002-1360">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">10.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:C/I:C/A:C (10.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (10.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/23/02</infodata>
</infobox>
<section index="3.5.1" title="Summary" ref="VULNAUDIT.CVE-2002-1360.SUMMARY">
<text>Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.</text>
</section>
<section index="3.5.2" title="Affected Device" ref="VULNAUDIT.CVE-2002-1360.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.5.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2002-1360.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>VULNWATCH 20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors Web link: <weblink>http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html</weblink>;</listitem>
<listitem>CERT CA-2002-36 Web link: <weblink>http://www.cert.org/advisories/CA-2002-36.html</weblink>.</listitem>
</list>
</section>
<section index="3.5.4" title="References" ref="VULNAUDIT.CVE-2002-1360.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1005812 Web link: <weblink>http://securitytracker.com/id?1005812</weblink>;</listitem>
<listitem>SECTRACK 1005813 Web link: <weblink>http://securitytracker.com/id?1005813</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.6" title="CVE-2007-0480" ref="VULNAUDIT.CVE-2007-0480">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">10.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:C/I:C/A:C (10.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (10.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/24/07</infodata>
</infobox>
<section index="3.6.1" title="Summary" ref="VULNAUDIT.CVE-2007-0480.SUMMARY">
<text>Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to cause a denial of service or execute arbitrary code via a crafted IP option in the IP header in a (1) ICMP, (2) PIMv2, (3) PGM, or (4) URD packet.</text>
</section>
<section index="3.6.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-0480.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.6.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2007-0480.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20070124 Crafted IP Option Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb157.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.6.4" title="Reference" ref="VULNAUDIT.CVE-2007-0480.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1017555 Web link: <weblink>http://securitytracker.com/id?1017555</weblink>;</listitem>
<listitem>CERT-VN VU#341288 Web link: <weblink>http://www.kb.cert.org/vuls/id/341288</weblink>;</listitem>
<listitem>BID 22211 Web link: <weblink>http://www.securityfocus.com/bid/22211</weblink>;</listitem>
<listitem>CERT TA07-024A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA07-024A.html</weblink>;</listitem>
<listitem>VUPEN ADV-2007-0329 Web link: <weblink>http://www.vupen.com/english/advisories/2007/0329</weblink>;</listitem>
<listitem>XF cisco-ip-option-code-execution(31725) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/31725</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.7" title="CVE-2010-1574" ref="VULNAUDIT.CVE-2010-1574">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">10.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:C/I:C/A:C (10.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (10.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">7/8/10</infodata>
</infobox>
<section index="3.7.1" title="Summary" ref="VULNAUDIT.CVE-2010-1574.SUMMARY">
<text>IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589.</text>
</section>
<section index="3.7.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-1574.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.7.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-1574.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100707 Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3891f.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.7.4" title="Reference" ref="VULNAUDIT.CVE-2010-1574.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1024173 Web link: <weblink>http://securitytracker.com/id?1024173</weblink>;</listitem>
<listitem>CERT-VN VU#732671 Web link: <weblink>http://www.kb.cert.org/vuls/id/732671</weblink>;</listitem>
<listitem>BID 41436 Web link: <weblink>http://www.securityfocus.com/bid/41436</weblink>;</listitem>
<listitem>VUPEN ADV-2010-1754 Web link: <weblink>http://www.vupen.com/english/advisories/2010/1754</weblink>;</listitem>
<listitem>XF cisco-industrial-snmp-unauth-access(60145) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/60145</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.8" title="CVE-2011-3271" ref="VULNAUDIT.CVE-2011-3271">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">10.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:C/I:C/A:C (10.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (10.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.8.1" title="Summary" ref="VULNAUDIT.CVE-2011-3271.SUMMARY">
<text>Unspecified vulnerability in the Smart Install functionality in Cisco IOS 12.2 and 15.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via crafted TCP packets to port 4786, aka Bug ID CSCto10165.</text>
</section>
<section index="3.8.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-3271.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.8.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-3271.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco IOS Software Smart Install Remote Code Execution Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4f.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.8.4" title="Reference" ref="VULNAUDIT.CVE-2011-3271.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24115</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.9" title="CVE-2017-3881" ref="VULNAUDIT.CVE-2017-3881">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">10.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:C/I:C/A:C (10.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (10.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/17/17</infodata>
</infobox>
<section index="3.9.1" title="Summary" ref="VULNAUDIT.CVE-2017-3881.SUMMARY">
<text>A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.</text>
</section>
<section index="3.9.2" title="Affected Device" ref="VULNAUDIT.CVE-2017-3881.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.9.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2017-3881.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>BID 96960 Web link: <weblink>http://www.securityfocus.com/bid/96960</weblink>;</listitem>
<listitem>Web link: <weblink>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp</weblink>.</listitem>
</list>
</section>
<section index="3.9.4" title="References" ref="VULNAUDIT.CVE-2017-3881.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 97391 Web link: <weblink>http://www.securityfocus.com/bid/97391</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.10" title="CVE-2001-0537" ref="VULNAUDIT.CVE-2001-0537">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">9.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:C/I:C/A:C (9.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (9.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">7/21/01</infodata>
</infobox>
<section index="3.10.1" title="Summary" ref="VULNAUDIT.CVE-2001-0537.SUMMARY">
<text>HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.</text>
</section>
<section index="3.10.2" title="Affected Device" ref="VULNAUDIT.CVE-2001-0537.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.10.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2001-0537.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CERT CA-2001-14 Web link: <weblink>http://www.cert.org/advisories/CA-2001-14.html</weblink>;</listitem>
<listitem>CISCO 20010627 IOS HTTP authorization vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html</weblink>;</listitem>
<listitem>BID 2936 Web link: <weblink>http://www.securityfocus.com/bid/2936</weblink>.</listitem>
</list>
</section>
<section index="3.10.4" title="References" ref="VULNAUDIT.CVE-2001-0537.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CIAC L-106 Web link: <weblink>http://www.ciac.org/ciac/bulletins/l-106.shtml</weblink>;</listitem>
<listitem>BUGTRAQ 20010702 Cisco IOS HTTP Configuration Exploit Web link: <weblink>http://www.securityfocus.com/archive/1/[email protected]</weblink>;</listitem>
<listitem>BUGTRAQ 20010702 ios-http-auth.sh Web link: <weblink>http://www.securityfocus.com/archive/1/[email protected]</weblink>;</listitem>
<listitem>BUGTRAQ 20010629 Re: Cisco Security Advisory: IOS HTTP authorization vulnerability Web link: <weblink>http://www.securityfocus.com/archive/1/[email protected]</weblink>;</listitem>
<listitem>BUGTRAQ 20010702 Cisco device HTTP exploit... Web link: <weblink>http://www.securityfocus.com/archive/1/[email protected]</weblink>;</listitem>
<listitem>XF cisco-ios-admin-access(6749) Web link: <weblink>http://xforce.iss.net/static/6749.php</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.11" title="CVE-2003-1398" ref="VULNAUDIT.CVE-2003-1398">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">9.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:C/I:C/A:C (9.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (9.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/31/03</infodata>
</infobox>
<section index="3.11.1" title="Summary" ref="VULNAUDIT.CVE-2003-1398.SUMMARY">
<text>Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).</text>
</section>
<section index="3.11.2" title="Affected Device" ref="VULNAUDIT.CVE-2003-1398.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.11.3" title="References" ref="VULNAUDIT.CVE-2003-1398.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BUGTRAQ 20030211 Field Notice - IOS Accepts ICMP Redirects in Non-default Configuration Settings Web link: <weblink>http://archives.neohapsis.com/archives/bugtraq/2003-02/0131.html</weblink>;</listitem>
<listitem>SECTRACK 1006075 Web link: <weblink>http://securitytracker.com/id?1006075</weblink>;</listitem>
<listitem>BID 6823 Web link: <weblink>http://www.securityfocus.com/bid/6823</weblink>;</listitem>
<listitem>XF cisco-ios-icmp-redirect(11306) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/11306</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.12" title="CVE-2005-3481" ref="VULNAUDIT.CVE-2005-3481">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">9.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:C/I:C/A:C (9.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (9.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">11/2/05</infodata>
</infobox>
<section index="3.12.1" title="Summary" ref="VULNAUDIT.CVE-2005-3481.SUMMARY">
<text>Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities that might exist. Such design-level weaknesses normally are not included in CVE, so perhaps this issue should be REJECTed.</text>
</section>
<section index="3.12.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-3481.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.12.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2005-3481.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20051102 IOS Heap-based Overflow Vulnerability in System Timers Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.12.4" title="Reference" ref="VULNAUDIT.CVE-2005-3481.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1015139 Web link: <weblink>http://securitytracker.com/id?1015139</weblink>;</listitem>
<listitem>CERT-VN VU#562945 Web link: <weblink>http://www.kb.cert.org/vuls/id/562945</weblink>;</listitem>
<listitem>BID 15275 Web link: <weblink>http://www.securityfocus.com/bid/15275</weblink>;</listitem>
<listitem>VUPEN ADV-2005-2282 Web link: <weblink>http://www.vupen.com/english/advisories/2005/2282</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.13" title="CVE-2007-2586" ref="VULNAUDIT.CVE-2007-2586">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">9.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:C/I:C/A:C (9.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (9.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/9/07</infodata>
</infobox>
<section index="3.13.1" title="Summary" ref="VULNAUDIT.CVE-2007-2586.SUMMARY">
<text>The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.</text>
</section>
<section index="3.13.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-2586.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.13.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2007-2586.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20070509 Multiple Vulnerabilities in the IOS FTP Server Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml</weblink>;</listitem>
<listitem>VUPEN ADV-2007-1749 Web link: <weblink>http://www.vupen.com/english/advisories/2007/1749</weblink>.</listitem>
</list>
</section>
<section index="3.13.4" title="References" ref="VULNAUDIT.CVE-2007-2586.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BUGTRAQ 20090120 Re: Remote Cisco IOS FTP exploit Web link: <weblink>http://seclists.org/bugtraq/2009/Jan/0183.html</weblink>;</listitem>
<listitem>EXPLOIT-DB 6155 Web link: <weblink>http://www.exploit-db.com/exploits/6155</weblink>;</listitem>
<listitem>MILW0RM 6155 Web link: <weblink>http://www.milw0rm.com/exploits/6155</weblink>;</listitem>
<listitem>BUGTRAQ 20080729 Remote Cisco IOS FTP exploit Web link: <weblink>http://www.securityfocus.com/archive/1/494868</weblink>;</listitem>
<listitem>BID 23885 Web link: <weblink>http://www.securityfocus.com/bid/23885</weblink>;</listitem>
<listitem>SECTRACK 1018030 Web link: <weblink>http://www.securitytracker.com/id?1018030</weblink>;</listitem>
<listitem>XF cisco-ios-ftp-unauthorized-access(34197) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/34197</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.14" title="CVE-2007-4286" ref="VULNAUDIT.CVE-2007-4286">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">9.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:C/I:C/A:C (9.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (9.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/9/07</infodata>
</infobox>
<section index="3.14.1" title="Summary" ref="VULNAUDIT.CVE-2007-4286.SUMMARY">
<text>Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.</text>
</section>
<section index="3.14.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-4286.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.14.3" title="References" ref="VULNAUDIT.CVE-2007-4286.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20070808 Cisco IOS Next Hop Resolution Protocol Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a008089963b.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#201984 Web link: <weblink>http://www.kb.cert.org/vuls/id/201984</weblink>;</listitem>
<listitem>BUGTRAQ 20070809 Cisco NHRP denial of service (cisco-sa-20070808-nhrp) Web link: <weblink>http://www.securityfocus.com/archive/1/archive/1/475931/100/0/threaded</weblink>;</listitem>
<listitem>BID 25238 Web link: <weblink>http://www.securityfocus.com/bid/25238</weblink>;</listitem>
<listitem>SECTRACK 1018535 Web link: <weblink>http://www.securitytracker.com/id?1018535</weblink>;</listitem>
<listitem>VUPEN ADV-2007-2818 Web link: <weblink>http://www.vupen.com/english/advisories/2007/2818</weblink>;</listitem>
<listitem>XF cisco-ios-nexthop-bo(35889) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/35889</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.15" title="CVE-2007-4292" ref="VULNAUDIT.CVE-2007-4292">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">9.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:C/I:C/A:C (9.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (9.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/9/07</infodata>
</infobox>
<section index="3.15.1" title="Summary" ref="VULNAUDIT.CVE-2007-4292.SUMMARY">
<text>Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249.</text>
</section>
<section index="3.15.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-4292.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.15.3" title="References" ref="VULNAUDIT.CVE-2007-4292.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1018533 Web link: <weblink>http://securitytracker.com/id?1018533</weblink>;</listitem>
<listitem>CISCO 20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml</weblink>;</listitem>
<listitem>BID 25239 Web link: <weblink>http://www.securityfocus.com/bid/25239</weblink>;</listitem>
<listitem>VUPEN ADV-2007-2816 Web link: <weblink>http://www.vupen.com/english/advisories/2007/2816</weblink>;</listitem>
<listitem>XF cisco-ios-sip-dos(35890) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/35890</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.16" title="CVE-2007-5381" ref="VULNAUDIT.CVE-2007-5381">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">9.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:C/I:C/A:C (9.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (9.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/11/07</infodata>
</infobox>
<section index="3.16.1" title="Summary" ref="VULNAUDIT.CVE-2007-5381.SUMMARY">
<text>Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515.</text>
</section>
<section index="3.16.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-5381.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.16.3" title="References" ref="VULNAUDIT.CVE-2007-5381.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20071010 Cisco IOS Line Printer Daemon (LPD) Protocol Stack Overflow Web link: <weblink>http://www.cisco.com/en/US/products/products_security_response09186a00808d72e3.html</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.irmplc.com/index.php/155-Advisory-024</weblink>;</listitem>
<listitem>CERT-VN VU#230505 Web link: <weblink>http://www.kb.cert.org/vuls/id/230505</weblink>;</listitem>
<listitem>BID 26001 Web link: <weblink>http://www.securityfocus.com/bid/26001</weblink>;</listitem>
<listitem>SECTRACK 1018798 Web link: <weblink>http://www.securitytracker.com/id?1018798</weblink>;</listitem>
<listitem>VUPEN ADV-2007-3457 Web link: <weblink>http://www.vupen.com/english/advisories/2007/3457</weblink>;</listitem>
<listitem>XF cisco-ios-lpd-bo(37046) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/37046</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.17" title="CVE-2008-3807" ref="VULNAUDIT.CVE-2008-3807">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">9.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:C/I:C/A:C (9.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (9.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.17.1" title="Summary" ref="VULNAUDIT.CVE-2008-3807.SUMMARY">
<text>Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with &quot;private&quot; as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.</text>
</section>
<section index="3.17.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3807.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.17.3" title="References" ref="VULNAUDIT.CVE-2008-3807.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080924 Cisco uBR10012 Series Devices SNMP Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014b1.shtml</weblink>;</listitem>
<listitem>SECTRACK 1020941 Web link: <weblink>http://www.securitytracker.com/id?1020941</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2670 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2670</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.18" title="CVE-2007-4285" ref="VULNAUDIT.CVE-2007-4285">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">9.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:P/A:C (9.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (9.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/9/07</infodata>
</infobox>
<section index="3.18.1" title="Summary" ref="VULNAUDIT.CVE-2007-4285.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header.</text>
</section>
<section index="3.18.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-4285.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.18.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2007-4285.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20070808 Cisco IOS Information Leakage Using IPv6 Routing Header Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml</weblink>;</listitem>
<listitem>VUPEN ADV-2007-2819 Web link: <weblink>http://www.vupen.com/english/advisories/2007/2819</weblink>.</listitem>
</list>
</section>
<section index="3.18.4" title="References" ref="VULNAUDIT.CVE-2007-4285.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1018542 Web link: <weblink>http://www.securitytracker.com/id?1018542</weblink>;</listitem>
<listitem>XF cisco-ios-ipv6-header-dos(35906) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/35906</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.19" title="CVE-2015-0635" ref="VULNAUDIT.CVE-2015-0635">
<infobox type="information" position="topright" title="Overall Rating: Critical" dataformat="dual">
<infodata label="CVSSv2 Score">9.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:P/A:C (9.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (9.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.19.1" title="Summary" ref="VULNAUDIT.CVE-2015-0635.SUMMARY">
<text>The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191.</text>
</section>
<section index="3.19.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0635.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.19.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2015-0635.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20150325 Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani</weblink>.</listitem>
</list>
</section>
<section index="3.19.4" title="Reference" ref="VULNAUDIT.CVE-2015-0635.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1031982 Web link: <weblink>http://www.securitytracker.com/id/1031982</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.20" title="CVE-2007-4263" ref="VULNAUDIT.CVE-2007-4263">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">8.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:S/C:C/I:C/A:C (8.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (8.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/8/07</infodata>
</infobox>
<section index="3.20.1" title="Summary" ref="VULNAUDIT.CVE-2007-4263.SUMMARY">
<text>Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors.</text>
</section>
<section index="3.20.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-4263.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.20.3" title="References" ref="VULNAUDIT.CVE-2007-4263.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20070808 Cisco IOS Secure Copy Authorization Bypass Vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20070808-scp.shtml</weblink>;</listitem>
<listitem>BID 25240 Web link: <weblink>http://www.securityfocus.com/bid/25240</weblink>;</listitem>
<listitem>SECTRACK 1018534 Web link: <weblink>http://www.securitytracker.com/id?1018534</weblink>;</listitem>
<listitem>VUPEN ADV-2007-2817 Web link: <weblink>http://www.vupen.com/english/advisories/2007/2817</weblink>;</listitem>
<listitem>XF cisco-ios-scp-file-overwrite(35872) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/35872</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.21" title="CVE-2008-3805" ref="VULNAUDIT.CVE-2008-3805">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">8.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:P/A:C (8.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (8.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.21.1" title="Summary" ref="VULNAUDIT.CVE-2008-3805.SUMMARY">
<text>Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806.</text>
</section>
<section index="3.21.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3805.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.21.3" title="References" ref="VULNAUDIT.CVE-2008-3805.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=16646</weblink>;</listitem>
<listitem>CISCO 20080924 Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014ae.shtml</weblink>;</listitem>
<listitem>SECTRACK 1020935 Web link: <weblink>http://www.securitytracker.com/id?1020935</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2670 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2670</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.22" title="CVE-2008-3806" ref="VULNAUDIT.CVE-2008-3806">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">8.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:P/A:C (8.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (8.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.22.1" title="Summary" ref="VULNAUDIT.CVE-2008-3806.SUMMARY">
<text>Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805.</text>
</section>
<section index="3.22.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3806.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.22.3" title="References" ref="VULNAUDIT.CVE-2008-3806.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=16646</weblink>;</listitem>
<listitem>CISCO 20080924 Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014ae.shtml</weblink>;</listitem>
<listitem>XF ios-udp-ipc-dos-variant2(45592) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/45592</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.23" title="CVE-2012-0384" ref="VULNAUDIT.CVE-2012-0384">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">8.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:S/C:C/I:C/A:C (8.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (8.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/29/12</infodata>
</infobox>
<section index="3.23.1" title="Summary" ref="VULNAUDIT.CVE-2012-0384.SUMMARY">
<text>Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access restrictions and execute commands via a (1) HTTP or (2) HTTPS session, aka Bug ID CSCtr91106.</text>
</section>
<section index="3.23.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-0384.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.23.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2012-0384.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20120328 Cisco IOS Software Command Authorization Bypass Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-pai</weblink>.</listitem>
</list>
</section>
<section index="3.23.4" title="Reference" ref="VULNAUDIT.CVE-2012-0384.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 52755 Web link: <weblink>http://www.securityfocus.com/bid/52755</weblink>;</listitem>
<listitem>SECTRACK 1026860 Web link: <weblink>http://www.securitytracker.com/id?1026860</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.24" title="CVE-2016-6380" ref="VULNAUDIT.CVE-2016-6380">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">8.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:P/I:P/A:C (8.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (8.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/5/16</infodata>
</infobox>
<section index="3.24.1" title="Summary" ref="VULNAUDIT.CVE-2016-6380.SUMMARY">
<text>The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532.</text>
</section>
<section index="3.24.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-6380.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.24.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2016-6380.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20160928 Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-dns</weblink>.</listitem>
</list>
</section>
<section index="3.24.4" title="Reference" ref="VULNAUDIT.CVE-2016-6380.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 93201 Web link: <weblink>http://www.securityfocus.com/bid/93201</weblink>;</listitem>
<listitem>MISC Web link: <weblink>https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.25" title="CVE-2002-2208" ref="VULNAUDIT.CVE-2002-2208">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/31/02</infodata>
</infobox>
<section index="3.25.1" title="Summary" ref="VULNAUDIT.CVE-2002-2208.SUMMARY">
<text>Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.</text>
</section>
<section index="3.25.2" title="Affected Device" ref="VULNAUDIT.CVE-2002-2208.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.25.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2002-2208.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/warp/public/707/eigrp_issue.pdf</weblink>;</listitem>
<listitem>BUGTRAQ 20021219 Cisco IOS EIGRP Network DoS Web link: <weblink>http://www.securityfocus.com/archive/1/304034</weblink>;</listitem>
<listitem>BUGTRAQ 20051220 Re: Unauthenticated EIGRP DoS Web link: <weblink>http://www.securityfocus.com/archive/1/archive/1/419898/100/0/threaded</weblink>.</listitem>
</list>
</section>
<section index="3.25.4" title="References" ref="VULNAUDIT.CVE-2002-2208.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>FULLDISC 20051219 Unauthenticated EIGRP DoS Web link: <weblink>http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html</weblink>;</listitem>
<listitem>FULLDISC 20051220 RE: Authenticated EIGRP DoS / Information leak Web link: <weblink>http://marc.info/?l=full-disclosure&amp;m=113504451523186&amp;w=2</weblink>;</listitem>
<listitem>SECTRACK 1005840 Web link: <weblink>http://securitytracker.com/id?1005840</weblink>;</listitem>
<listitem>CISCO 20021220 Cisco's Response to the EIGRP Issue Web link: <weblink>http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html</weblink>;</listitem>
<listitem>BUGTRAQ 20021219 Re: Cisco IOS EIGRP Network DoS Web link: <weblink>http://www.securityfocus.com/archive/1/304044</weblink>;</listitem>
<listitem>BID 6443 Web link: <weblink>http://www.securityfocus.com/bid/6443</weblink>;</listitem>
<listitem>XF cisco-ios-eigrp-dos(10903) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/10903</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.26" title="CVE-2003-0567" ref="VULNAUDIT.CVE-2003-0567">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/18/03</infodata>
</infobox>
<section index="3.26.1" title="Summary" ref="VULNAUDIT.CVE-2003-0567.SUMMARY">
<text>Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.</text>
</section>
<section index="3.26.2" title="Affected Device" ref="VULNAUDIT.CVE-2003-0567.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.26.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2003-0567.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CERT CA-2003-15 Web link: <weblink>http://www.cert.org/advisories/CA-2003-15.html</weblink>;</listitem>
<listitem>CERT CA-2003-17 Web link: <weblink>http://www.cert.org/advisories/CA-2003-17.html</weblink>.</listitem>
</list>
</section>
<section index="3.26.4" title="References" ref="VULNAUDIT.CVE-2003-0567.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>FULLDISC 20030718 (no subject) Web link: <weblink>http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006743.html</weblink>;</listitem>
<listitem>CISCO 20030717 IOS Interface Blocked by IPv4 Packet Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#411332 Web link: <weblink>http://www.kb.cert.org/vuls/id/411332</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.27" title="CVE-2007-0479" ref="VULNAUDIT.CVE-2007-0479">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/24/07</infodata>
</infobox>
<section index="3.27.1" title="Summary" ref="VULNAUDIT.CVE-2007-0479.SUMMARY">
<text>Memory leak in the TCP listener in Cisco IOS 9.x, 10.x, 11.x, and 12.x allows remote attackers to cause a denial of service by sending crafted TCP traffic to an IPv4 address on the IOS device.</text>
</section>
<section index="3.27.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-0479.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.27.3" title="References" ref="VULNAUDIT.CVE-2007-0479.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1017551 Web link: <weblink>http://securitytracker.com/id?1017551</weblink>;</listitem>
<listitem>CISCO 20070124 Crafted TCP Packet Can Cause Denial of Service Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb0e4.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#217912 Web link: <weblink>http://www.kb.cert.org/vuls/id/217912</weblink>;</listitem>
<listitem>BID 22208 Web link: <weblink>http://www.securityfocus.com/bid/22208</weblink>;</listitem>
<listitem>CERT TA07-024A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA07-024A.html</weblink>;</listitem>
<listitem>VUPEN ADV-2007-0329 Web link: <weblink>http://www.vupen.com/english/advisories/2007/0329</weblink>;</listitem>
<listitem>XF cisco-tcp-ipv4-dos(31716) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/31716</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.28" title="CVE-2007-0481" ref="VULNAUDIT.CVE-2007-0481">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/24/07</infodata>
</infobox>
<section index="3.28.1" title="Summary" ref="VULNAUDIT.CVE-2007-0481.SUMMARY">
<text>Cisco IOS allows remote attackers to cause a denial of service (crash) via a crafted IPv6 Type 0 Routing header.</text>
</section>
<section index="3.28.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-0481.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.28.3" title="References" ref="VULNAUDIT.CVE-2007-0481.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1017550 Web link: <weblink>http://securitytracker.com/id?1017550</weblink>;</listitem>
<listitem>CISCO 20070124 IPv6 Routing Header Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb0fd.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#274760 Web link: <weblink>http://www.kb.cert.org/vuls/id/274760</weblink>;</listitem>
<listitem>BID 22210 Web link: <weblink>http://www.securityfocus.com/bid/22210</weblink>;</listitem>
<listitem>CERT TA07-024A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA07-024A.html</weblink>;</listitem>
<listitem>VUPEN ADV-2007-0329 Web link: <weblink>http://www.vupen.com/english/advisories/2007/0329</weblink>;</listitem>
<listitem>XF cisco-ios-ipv6-type0-dos(31715) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/31715</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.29" title="CVE-2007-2688" ref="VULNAUDIT.CVE-2007-2688">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/15/07</infodata>
</infobox>
<section index="3.29.1" title="Summary" ref="VULNAUDIT.CVE-2007-2688.SUMMARY">
<text>The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.</text>
</section>
<section index="3.29.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-2688.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.29.3" title="References" ref="VULNAUDIT.CVE-2007-2688.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20070514 HTTP Full-Width and Half-Width Unicode Encoding Evasion Web link: <weblink>http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.gamasec.net/english/gs07-01.html</weblink>;</listitem>
<listitem>CERT-VN VU#739224 Web link: <weblink>http://www.kb.cert.org/vuls/id/739224</weblink>;</listitem>
<listitem>BUGTRAQ 20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability Web link: <weblink>http://www.securityfocus.com/archive/1/archive/1/468633/100/0/threaded</weblink>;</listitem>
<listitem>BID 23980 Web link: <weblink>http://www.securityfocus.com/bid/23980</weblink>;</listitem>
<listitem>SECTRACK 1018053 Web link: <weblink>http://www.securitytracker.com/id?1018053</weblink>;</listitem>
<listitem>SECTRACK 1018054 Web link: <weblink>http://www.securitytracker.com/id?1018054</weblink>;</listitem>
<listitem>VUPEN ADV-2007-1803 Web link: <weblink>http://www.vupen.com/english/advisories/2007/1803</weblink>;</listitem>
<listitem>XF cisco-scanengine-unicode-security-bypass(34277) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/34277</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.30" title="CVE-2007-2813" ref="VULNAUDIT.CVE-2007-2813">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/22/07</infodata>
</infobox>
<section index="3.30.1" title="Summary" ref="VULNAUDIT.CVE-2007-2813.SUMMARY">
<text>Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.</text>
</section>
<section index="3.30.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-2813.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.30.3" title="References" ref="VULNAUDIT.CVE-2007-2813.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20070522 Multiple Vulnerabilities in Cisco IOS While Processing SSL Packets Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080847c49.shtml</weblink>;</listitem>
<listitem>BID 24097 Web link: <weblink>http://www.securityfocus.com/bid/24097</weblink>;</listitem>
<listitem>SECTRACK 1018094 Web link: <weblink>http://www.securitytracker.com/id?1018094</weblink>;</listitem>
<listitem>VUPEN ADV-2007-1910 Web link: <weblink>http://www.vupen.com/english/advisories/2007/1910</weblink>;</listitem>
<listitem>XF cisco-ios-clienthello-dos(34432) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/34432</weblink>;</listitem>
<listitem>XF cisco-ios-changecipherspec-dos(34436) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/34436</weblink>;</listitem>
<listitem>XF cisco-ios-finished-dos(34442) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/34442</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.31" title="CVE-2008-1152" ref="VULNAUDIT.CVE-2008-1152">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/08</infodata>
</infobox>
<section index="3.31.1" title="Summary" ref="VULNAUDIT.CVE-2008-1152.SUMMARY">
<text>The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets.</text>
</section>
<section index="3.31.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-1152.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.31.3" title="References" ref="VULNAUDIT.CVE-2008-1152.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080326 Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080969866.shtml</weblink>;</listitem>
<listitem>BID 28465 Web link: <weblink>http://www.securityfocus.com/bid/28465</weblink>;</listitem>
<listitem>SECTRACK 1019712 Web link: <weblink>http://www.securitytracker.com/id?1019712</weblink>;</listitem>
<listitem>CERT TA08-087B Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA08-087B.html</weblink>;</listitem>
<listitem>VUPEN ADV-2008-1006 Web link: <weblink>http://www.vupen.com/english/advisories/2008/1006/references</weblink>;</listitem>
<listitem>XF cisco-ios-dlsw-dos(41482) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/41482</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.32" title="CVE-2008-3799" ref="VULNAUDIT.CVE-2008-3799">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.32.1" title="Summary" ref="VULNAUDIT.CVE-2008-3799.SUMMARY">
<text>Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages.</text>
</section>
<section index="3.32.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3799.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.32.3" title="References" ref="VULNAUDIT.CVE-2008-3799.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml</weblink>;</listitem>
<listitem>SECTRACK 1020939 Web link: <weblink>http://www.securitytracker.com/id?1020939</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2670 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2670</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.33" title="CVE-2008-3808" ref="VULNAUDIT.CVE-2008-3808">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.33.1" title="Summary" ref="VULNAUDIT.CVE-2008-3808.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.</text>
</section>
<section index="3.33.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3808.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.33.3" title="References" ref="VULNAUDIT.CVE-2008-3808.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080924 Multiple Multicast Vulnerabilities in Cisco IOS Software Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01491.shtml</weblink>;</listitem>
<listitem>BID 31356 Web link: <weblink>http://www.securityfocus.com/bid/31356</weblink>;</listitem>
<listitem>SECTRACK 1020936 Web link: <weblink>http://www.securitytracker.com/id?1020936</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2670 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2670</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.34" title="CVE-2008-3813" ref="VULNAUDIT.CVE-2008-3813">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.34.1" title="Summary" ref="VULNAUDIT.CVE-2008-3813.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.</text>
</section>
<section index="3.34.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3813.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.34.3" title="References" ref="VULNAUDIT.CVE-2008-3813.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080924 Cisco IOS Software Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0157a.shtml</weblink>;</listitem>
<listitem>SECTRACK 1020938 Web link: <weblink>http://www.securitytracker.com/id?1020938</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2670 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2670</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.35" title="CVE-2009-0631" ref="VULNAUDIT.CVE-2009-0631">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/09</infodata>
</infobox>
<section index="3.35.1" title="Summary" ref="VULNAUDIT.CVE-2009-0631.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet.</text>
</section>
<section index="3.35.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-0631.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.35.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-0631.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20090325 Cisco IOS Software Multiple Features Crafted UDP Packet Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90426.shtml</weblink>;</listitem>
<listitem>Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.35.4" title="References" ref="VULNAUDIT.CVE-2009-0631.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 34245 Web link: <weblink>http://www.securityfocus.com/bid/34245</weblink>;</listitem>
<listitem>SECTRACK 1021904 Web link: <weblink>http://www.securitytracker.com/id?1021904</weblink>;</listitem>
<listitem>XF ios-udp-dos(49419) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/49419</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.36" title="CVE-2009-0636" ref="VULNAUDIT.CVE-2009-0636">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/09</infodata>
</infobox>
<section index="3.36.1" title="Summary" ref="VULNAUDIT.CVE-2009-0636.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.</text>
</section>
<section index="3.36.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-0636.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.36.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-0636.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml</weblink>;</listitem>
<listitem>CISCO 20090325 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904c0.shtml</weblink>;</listitem>
<listitem>VUPEN ADV-2009-0851 Web link: <weblink>http://www.vupen.com/english/advisories/2009/0851</weblink>.</listitem>
</list>
</section>
<section index="3.36.4" title="References" ref="VULNAUDIT.CVE-2009-0636.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1021902 Web link: <weblink>http://securitytracker.com/id?1021902</weblink>;</listitem>
<listitem>BID 34243 Web link: <weblink>http://www.securityfocus.com/bid/34243</weblink>;</listitem>
<listitem>XF ios-sip-dos(49421) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/49421</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.37" title="CVE-2009-2866" ref="VULNAUDIT.CVE-2009-2866">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/28/09</infodata>
</infobox>
<section index="3.37.1" title="Summary" ref="VULNAUDIT.CVE-2009-2866.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.</text>
</section>
<section index="3.37.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-2866.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.37.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-2866.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=18885</weblink>;</listitem>
<listitem>CISCO 20090923 Cisco IOS Software H.323 Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811a.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.37.4" title="References" ref="VULNAUDIT.CVE-2009-2866.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 36494 Web link: <weblink>http://www.securityfocus.com/bid/36494</weblink>;</listitem>
<listitem>SECTRACK 1022930 Web link: <weblink>http://www.securitytracker.com/id?1022930</weblink>;</listitem>
<listitem>VUPEN ADV-2009-2759 Web link: <weblink>http://www.vupen.com/english/advisories/2009/2759</weblink>;</listitem>
<listitem>XF ciscoios-h323-dos(53446) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/53446</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.38" title="CVE-2009-2867" ref="VULNAUDIT.CVE-2009-2867">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/28/09</infodata>
</infobox>
<section index="3.38.1" title="Summary" ref="VULNAUDIT.CVE-2009-2867.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691.</text>
</section>
<section index="3.38.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-2867.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.38.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-2867.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=18886</weblink>;</listitem>
<listitem>CISCO 20090923 Cisco IOS Software Zone-Based Policy Firewall Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8130.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.38.4" title="References" ref="VULNAUDIT.CVE-2009-2867.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1022930 Web link: <weblink>http://www.securitytracker.com/id?1022930</weblink>;</listitem>
<listitem>VUPEN ADV-2009-2759 Web link: <weblink>http://www.vupen.com/english/advisories/2009/2759</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.39" title="CVE-2009-2868" ref="VULNAUDIT.CVE-2009-2868">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/28/09</infodata>
</infobox>
<section index="3.39.1" title="Summary" ref="VULNAUDIT.CVE-2009-2868.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.</text>
</section>
<section index="3.39.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-2868.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.39.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-2868.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=18887</weblink>;</listitem>
<listitem>CISCO 20090923 Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8117.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.39.4" title="References" ref="VULNAUDIT.CVE-2009-2868.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>VUPEN ADV-2009-2759 Web link: <weblink>http://www.vupen.com/english/advisories/2009/2759</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.40" title="CVE-2009-2869" ref="VULNAUDIT.CVE-2009-2869">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/28/09</infodata>
</infobox>
<section index="3.40.1" title="Summary" ref="VULNAUDIT.CVE-2009-2869.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.</text>
</section>
<section index="3.40.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-2869.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.40.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-2869.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=18889</weblink>;</listitem>
<listitem>CISCO 20090923 Cisco IOS Software Network Time Protocol Packet Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8131.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.40.4" title="References" ref="VULNAUDIT.CVE-2009-2869.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1022930 Web link: <weblink>http://www.securitytracker.com/id?1022930</weblink>;</listitem>
<listitem>VUPEN ADV-2009-2759 Web link: <weblink>http://www.vupen.com/english/advisories/2009/2759</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.41" title="CVE-2009-2871" ref="VULNAUDIT.CVE-2009-2871">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/28/09</infodata>
</infobox>
<section index="3.41.1" title="Summary" ref="VULNAUDIT.CVE-2009-2871.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.</text>
</section>
<section index="3.41.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-2871.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.41.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-2871.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=18892</weblink>;</listitem>
<listitem>CISCO 20090923 Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811c.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.41.4" title="References" ref="VULNAUDIT.CVE-2009-2871.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1022930 Web link: <weblink>http://www.securitytracker.com/id?1022930</weblink>;</listitem>
<listitem>VUPEN ADV-2009-2759 Web link: <weblink>http://www.vupen.com/english/advisories/2009/2759</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.42" title="CVE-2009-5038" ref="VULNAUDIT.CVE-2009-5038">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/7/11</infodata>
</infobox>
<section index="3.42.1" title="Summary" ref="VULNAUDIT.CVE-2009-5038.SUMMARY">
<text>Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a &quot;corrupted magic value,&quot; aka Bug ID CSCso05336.</text>
</section>
<section index="3.42.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-5038.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.42.3" title="References" ref="VULNAUDIT.CVE-2009-5038.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf</weblink>;</listitem>
<listitem>BID 45764 Web link: <weblink>http://www.securityfocus.com/bid/45764</weblink>;</listitem>
<listitem>XF ciscoios-irctraffic-dos(64682) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/64682</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.43" title="CVE-2009-5039" ref="VULNAUDIT.CVE-2009-5039">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/7/11</infodata>
</infobox>
<section index="3.43.1" title="Summary" ref="VULNAUDIT.CVE-2009-5039.SUMMARY">
<text>Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535.</text>
</section>
<section index="3.43.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-5039.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.43.3" title="References" ref="VULNAUDIT.CVE-2009-5039.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf</weblink>;</listitem>
<listitem>XF cisco-ios-gkcircuitinfodoinacf-dos(64731) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/64731</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.44" title="CVE-2010-0576" ref="VULNAUDIT.CVE-2010-0576">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/25/10</infodata>
</infobox>
<section index="3.44.1" title="Summary" ref="VULNAUDIT.CVE-2010-0576.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 and CSCsj25893.</text>
</section>
<section index="3.44.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-0576.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.44.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-0576.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100324 Cisco IOS Software Multiprotocol Label Switching Packet Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20ee2.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.44.4" title="Reference" ref="VULNAUDIT.CVE-2010-0576.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 38938 Web link: <weblink>http://www.securityfocus.com/bid/38938</weblink>;</listitem>
<listitem>SECTRACK 1023740 Web link: <weblink>http://www.securitytracker.com/id?1023740</weblink>;</listitem>
<listitem>VUPEN ADV-2010-0707 Web link: <weblink>http://www.vupen.com/english/advisories/2010/0707</weblink>;</listitem>
<listitem>XF ciscoios-ldp-dos(57143) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/57143</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.45" title="CVE-2010-0578" ref="VULNAUDIT.CVE-2010-0578">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/25/10</infodata>
</infobox>
<section index="3.45.1" title="Summary" ref="VULNAUDIT.CVE-2010-0578.SUMMARY">
<text>The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491.</text>
</section>
<section index="3.45.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-0578.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.45.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-0578.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100324 Cisco IOS Software IPsec Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20ee5.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.45.4" title="Reference" ref="VULNAUDIT.CVE-2010-0578.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 38932 Web link: <weblink>http://www.securityfocus.com/bid/38932</weblink>;</listitem>
<listitem>SECTRACK 1023741 Web link: <weblink>http://www.securitytracker.com/id?1023741</weblink>;</listitem>
<listitem>VUPEN ADV-2010-0709 Web link: <weblink>http://www.vupen.com/english/advisories/2010/0709</weblink>;</listitem>
<listitem>XF ciscoios-vpn-dos(57148) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/57148</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.46" title="CVE-2010-0582" ref="VULNAUDIT.CVE-2010-0582">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/25/10</infodata>
</infobox>
<section index="3.46.1" title="Summary" ref="VULNAUDIT.CVE-2010-0582.SUMMARY">
<text>Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962.</text>
</section>
<section index="3.46.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-0582.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.46.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-0582.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100324 Cisco IOS Software H.323 Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20ee4.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.46.4" title="Reference" ref="VULNAUDIT.CVE-2010-0582.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1023742 Web link: <weblink>http://www.securitytracker.com/id?1023742</weblink>;</listitem>
<listitem>VUPEN ADV-2010-0706 Web link: <weblink>http://www.vupen.com/english/advisories/2010/0706</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.47" title="CVE-2010-0583" ref="VULNAUDIT.CVE-2010-0583">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/25/10</infodata>
</infobox>
<section index="3.47.1" title="Summary" ref="VULNAUDIT.CVE-2010-0583.SUMMARY">
<text>Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855.</text>
</section>
<section index="3.47.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-0583.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.47.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-0583.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100324 Cisco IOS Software H.323 Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20ee4.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.47.4" title="Reference" ref="VULNAUDIT.CVE-2010-0583.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 38934 Web link: <weblink>http://www.securityfocus.com/bid/38934</weblink>;</listitem>
<listitem>SECTRACK 1023742 Web link: <weblink>http://www.securitytracker.com/id?1023742</weblink>;</listitem>
<listitem>VUPEN ADV-2010-0706 Web link: <weblink>http://www.vupen.com/english/advisories/2010/0706</weblink>;</listitem>
<listitem>XF ciscoios-memory-dos(57140) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/57140</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.48" title="CVE-2010-0585" ref="VULNAUDIT.CVE-2010-0585">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/25/10</infodata>
</infobox>
<section index="3.48.1" title="Summary" ref="VULNAUDIT.CVE-2010-0585.SUMMARY">
<text>Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz48614, the &quot;SCCP Packet Processing Denial of Service Vulnerability.&quot;</text>
</section>
<section index="3.48.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-0585.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.48.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2010-0585.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=20069</weblink>;</listitem>
<listitem>CISCO 20100324 Cisco Unified Communications Manager Express Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f33.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.49" title="CVE-2010-0586" ref="VULNAUDIT.CVE-2010-0586">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/25/10</infodata>
</infobox>
<section index="3.49.1" title="Summary" ref="VULNAUDIT.CVE-2010-0586.SUMMARY">
<text>Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz49741, the &quot;SCCP Request Handling Denial of Service Vulnerability.&quot;</text>
</section>
<section index="3.49.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-0586.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.49.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2010-0586.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=20070</weblink>;</listitem>
<listitem>CISCO 20100324 Cisco Unified Communications Manager Express Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f33.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.50" title="CVE-2010-2828" ref="VULNAUDIT.CVE-2010-2828">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/23/10</infodata>
</infobox>
<section index="3.50.1" title="Summary" ref="VULNAUDIT.CVE-2010-2828.SUMMARY">
<text>Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759.</text>
</section>
<section index="3.50.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-2828.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.50.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-2828.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100922 Cisco IOS Software H.323 Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a300.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.51" title="CVE-2010-2829" ref="VULNAUDIT.CVE-2010-2829">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/23/10</infodata>
</infobox>
<section index="3.51.1" title="Summary" ref="VULNAUDIT.CVE-2010-2829.SUMMARY">
<text>Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (traceback and device reload) via crafted H.323 packets, aka Bug ID CSCtd33567.</text>
</section>
<section index="3.51.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-2829.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.51.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-2829.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100922 Cisco IOS Software H.323 Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a300.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.52" title="CVE-2010-2831" ref="VULNAUDIT.CVE-2010-2831">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/23/10</infodata>
</infobox>
<section index="3.52.1" title="Summary" ref="VULNAUDIT.CVE-2010-2831.SUMMARY">
<text>Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624.</text>
</section>
<section index="3.52.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-2831.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.52.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-2831.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100922 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a311.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.53" title="CVE-2010-2832" ref="VULNAUDIT.CVE-2010-2832">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/23/10</infodata>
</infobox>
<section index="3.53.1" title="Summary" ref="VULNAUDIT.CVE-2010-2832.SUMMARY">
<text>Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428.</text>
</section>
<section index="3.53.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-2832.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.53.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-2832.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100922 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a311.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.54" title="CVE-2010-2833" ref="VULNAUDIT.CVE-2010-2833">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/23/10</infodata>
</infobox>
<section index="3.54.1" title="Summary" ref="VULNAUDIT.CVE-2010-2833.SUMMARY">
<text>Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472.</text>
</section>
<section index="3.54.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-2833.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.54.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-2833.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100922 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a311.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.55" title="CVE-2010-2834" ref="VULNAUDIT.CVE-2010-2834">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/23/10</infodata>
</infobox>
<section index="3.55.1" title="Summary" ref="VULNAUDIT.CVE-2010-2834.SUMMARY">
<text>Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987.</text>
</section>
<section index="3.55.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-2834.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.55.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2010-2834.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20100922 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a30f.shtml</weblink>;</listitem>
<listitem>CISCO 20100922 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a313.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.56" title="CVE-2010-2835" ref="VULNAUDIT.CVE-2010-2835">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/23/10</infodata>
</infobox>
<section index="3.56.1" title="Summary" ref="VULNAUDIT.CVE-2010-2835.SUMMARY">
<text>Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a SIP REFER request with an invalid Refer-To header, aka Bug IDs CSCta20040 and CSCta31358.</text>
</section>
<section index="3.56.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-2835.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.56.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2010-2835.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20100922 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a30f.shtml</weblink>;</listitem>
<listitem>CISCO 20100922 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a313.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.57" title="CVE-2010-4671" ref="VULNAUDIT.CVE-2010-4671">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/7/11</infodata>
</infobox>
<section index="3.57.1" title="Summary" ref="VULNAUDIT.CVE-2010-4671.SUMMARY">
<text>The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534.</text>
</section>
<section index="3.57.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-4671.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.57.3" title="References" ref="VULNAUDIT.CVE-2010-4671.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>MISC Web link: <weblink>http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://mirror.fem-net.de/CCC/27C3/mp3-audio-only/27c3-3957-en-ipv6_insecurities.mp3</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://mirror.fem-net.de/CCC/27C3/mp4-h264-HQ/27c3-3957-en-ipv6_insecurities.mp4</weblink>;</listitem>
<listitem>Web link: <weblink>http://www.ciscosystems.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf</weblink>;</listitem>
<listitem>BID 45760 Web link: <weblink>http://www.securityfocus.com/bid/45760</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.youtube.com/watch?v=00yjWB6gGy8</weblink>;</listitem>
<listitem>XF ciscoios-neighbor-discovery-dos(64589) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/64589</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.58" title="CVE-2010-4683" ref="VULNAUDIT.CVE-2010-4683">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/7/11</infodata>
</infobox>
<section index="3.58.1" title="Summary" ref="VULNAUDIT.CVE-2010-4683.SUMMARY">
<text>Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733.</text>
</section>
<section index="3.58.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-4683.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.58.3" title="References" ref="VULNAUDIT.CVE-2010-4683.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf</weblink>;</listitem>
<listitem>BID 45786 Web link: <weblink>http://www.securityfocus.com/bid/45786</weblink>;</listitem>
<listitem>XF ciscoios-sip-register-dos(64588) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/64588</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.59" title="CVE-2010-4686" ref="VULNAUDIT.CVE-2010-4686">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/7/11</infodata>
</infobox>
<section index="3.59.1" title="Summary" ref="VULNAUDIT.CVE-2010-4686.SUMMARY">
<text>CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a &quot;peculiar&quot; request size, which allows remote attackers to cause a denial of service (memory consumption) by sending this traffic over a long duration, aka Bug ID CSCtb47950.</text>
</section>
<section index="3.59.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-4686.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.59.3" title="References" ref="VULNAUDIT.CVE-2010-4686.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf</weblink>;</listitem>
<listitem>BID 45769 Web link: <weblink>http://www.securityfocus.com/bid/45769</weblink>;</listitem>
<listitem>XF ciscoios-siptrunk-dos(64585) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/64585</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.60" title="CVE-2011-0945" ref="VULNAUDIT.CVE-2011-0945">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.60.1" title="Summary" ref="VULNAUDIT.CVE-2011-0945.SUMMARY">
<text>Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before 3.2.1S, when implemented over Fast Sequence Transport (FST), allows remote attackers to cause a denial of service (memory consumption and device reload or hang) via a crafted IP protocol 91 packet, aka Bug ID CSCth69364.</text>
</section>
<section index="3.60.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-0945.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.60.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-0945.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco IOS Software Data-Link Switching Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4e.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.60.4" title="Reference" ref="VULNAUDIT.CVE-2011-0945.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24116</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.61" title="CVE-2011-0946" ref="VULNAUDIT.CVE-2011-0946">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.61.1" title="Summary" ref="VULNAUDIT.CVE-2011-0946.SUMMARY">
<text>The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDAP traffic, aka Bug ID CSCtd10712.</text>
</section>
<section index="3.61.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-0946.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.61.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-0946.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.61.4" title="Reference" ref="VULNAUDIT.CVE-2011-0946.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24117</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.62" title="CVE-2011-1624" ref="VULNAUDIT.CVE-2011-1624">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/18/11</infodata>
</infobox>
<section index="3.62.1" title="Summary" ref="VULNAUDIT.CVE-2011-1624.SUMMARY">
<text>Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote attackers to cause a denial of service (device reload) by establishing two SSH2 sessions, aka Bug ID CSCto62631.</text>
</section>
<section index="3.62.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-1624.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.62.3" title="References" ref="VULNAUDIT.CVE-2011-1624.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/switches/lan/cisco_ie3000/software/release/12.2_58_se/release/notes/OL24335.html</weblink>;</listitem>
<listitem>Web link: <weblink>https://supportforums.cisco.com/message/3356210</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.63" title="CVE-2011-1640" ref="VULNAUDIT.CVE-2011-1640">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/21/11</infodata>
</infobox>
<section index="3.63.1" title="Summary" ref="VULNAUDIT.CVE-2011-1640.SUMMARY">
<text>The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354.</text>
</section>
<section index="3.63.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-1640.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.63.3" title="References" ref="VULNAUDIT.CVE-2011-1640.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXJ.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.64" title="CVE-2011-2057" ref="VULNAUDIT.CVE-2011-2057">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/21/11</infodata>
</infobox>
<section index="3.64.1" title="Summary" ref="VULNAUDIT.CVE-2011-2057.SUMMARY">
<text>The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) frames, aka Bug ID CSCtq36327.</text>
</section>
<section index="3.64.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-2057.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.64.3" title="References" ref="VULNAUDIT.CVE-2011-2057.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXI_rebuilds.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.65" title="CVE-2011-2058" ref="VULNAUDIT.CVE-2011-2058">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/21/11</infodata>
</infobox>
<section index="3.65.1" title="Summary" ref="VULNAUDIT.CVE-2011-2058.SUMMARY">
<text>The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL Protocol Data Units (PDUs), aka Bug ID CSCtq36336.</text>
</section>
<section index="3.65.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-2058.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.65.3" title="References" ref="VULNAUDIT.CVE-2011-2058.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXI_rebuilds.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.66" title="CVE-2011-3270" ref="VULNAUDIT.CVE-2011-3270">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.66.1" title="Summary" ref="VULNAUDIT.CVE-2011-3270.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and 15.0S before 15.0(1)S3a on Cisco 10000 series routers allows remote attackers to cause a denial of service (device reload) via a sequence of crafted ICMP packets, aka Bug ID CSCtk62453.</text>
</section>
<section index="3.66.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-3270.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.66.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-3270.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco 10000 Series Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d50.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.66.4" title="Reference" ref="VULNAUDIT.CVE-2011-3270.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24114</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.67" title="CVE-2011-3276" ref="VULNAUDIT.CVE-2011-3276">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.67.1" title="Summary" ref="VULNAUDIT.CVE-2011-3276.SUMMARY">
<text>Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) by sending crafted SIP packets to TCP port 5060, aka Bug ID CSCso02147.</text>
</section>
<section index="3.67.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-3276.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.67.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-3276.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.67.4" title="Reference" ref="VULNAUDIT.CVE-2011-3276.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24118</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.68" title="CVE-2011-3277" ref="VULNAUDIT.CVE-2011-3277">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.68.1" title="Summary" ref="VULNAUDIT.CVE-2011-3277.SUMMARY">
<text>Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted H.323 packets to TCP port 1720, aka Bug ID CSCth11006.</text>
</section>
<section index="3.68.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-3277.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.68.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-3277.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.68.4" title="Reference" ref="VULNAUDIT.CVE-2011-3277.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24119</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.69" title="CVE-2011-3278" ref="VULNAUDIT.CVE-2011-3278">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.69.1" title="Summary" ref="VULNAUDIT.CVE-2011-3278.SUMMARY">
<text>Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCti48483.</text>
</section>
<section index="3.69.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-3278.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.69.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-3278.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.69.4" title="Reference" ref="VULNAUDIT.CVE-2011-3278.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24120</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.70" title="CVE-2011-3279" ref="VULNAUDIT.CVE-2011-3279">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.70.1" title="Summary" ref="VULNAUDIT.CVE-2011-3279.SUMMARY">
<text>The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) via a malformed SIP packet to UDP port 5060, aka Bug ID CSCti98219.</text>
</section>
<section index="3.70.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-3279.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.70.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-3279.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.70.4" title="Reference" ref="VULNAUDIT.CVE-2011-3279.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24121</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.71" title="CVE-2011-3280" ref="VULNAUDIT.CVE-2011-3280">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.71.1" title="Summary" ref="VULNAUDIT.CVE-2011-3280.SUMMARY">
<text>Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.</text>
</section>
<section index="3.71.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-3280.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.71.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-3280.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.71.4" title="Reference" ref="VULNAUDIT.CVE-2011-3280.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24120</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.72" title="CVE-2011-3282" ref="VULNAUDIT.CVE-2011-3282">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.72.1" title="Summary" ref="VULNAUDIT.CVE-2011-3282.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device reload) via an ICMPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCtj30155.</text>
</section>
<section index="3.72.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-3282.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.72.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-3282.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco IOS Software IPv6 over MPLS Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d52.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.72.4" title="Reference" ref="VULNAUDIT.CVE-2011-3282.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24126</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.73" title="CVE-2012-0381" ref="VULNAUDIT.CVE-2012-0381">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/29/12</infodata>
</infobox>
<section index="3.73.1" title="Summary" ref="VULNAUDIT.CVE-2012-0381.SUMMARY">
<text>The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending IKE UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCts38429.</text>
</section>
<section index="3.73.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-0381.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.73.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2012-0381.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20120328 Cisco IOS Internet Key Exchange Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-ike</weblink>.</listitem>
</list>
</section>
<section index="3.73.4" title="Reference" ref="VULNAUDIT.CVE-2012-0381.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 52757 Web link: <weblink>http://www.securityfocus.com/bid/52757</weblink>;</listitem>
<listitem>SECTRACK 1026863 Web link: <weblink>http://www.securitytracker.com/id?1026863</weblink>;</listitem>
<listitem>XF ciscoios-ike-packet-dos(74427) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/74427</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.74" title="CVE-2012-0385" ref="VULNAUDIT.CVE-2012-0385">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/29/12</infodata>
</infobox>
<section index="3.74.1" title="Summary" ref="VULNAUDIT.CVE-2012-0385.SUMMARY">
<text>The Smart Install feature in Cisco IOS 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (device reload) by sending a malformed Smart Install message over TCP, aka Bug ID CSCtt16051.</text>
</section>
<section index="3.74.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-0385.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.74.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2012-0385.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20120328 Cisco IOS Software Smart Install Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-smartinstall</weblink>.</listitem>
</list>
</section>
<section index="3.74.4" title="Reference" ref="VULNAUDIT.CVE-2012-0385.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 52756 Web link: <weblink>http://www.securityfocus.com/bid/52756</weblink>;</listitem>
<listitem>SECTRACK 1026867 Web link: <weblink>http://www.securitytracker.com/id?1026867</weblink>;</listitem>
<listitem>XF ciscoios-smartinstall-dos(74430) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/74430</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.75" title="CVE-2012-0386" ref="VULNAUDIT.CVE-2012-0386">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/29/12</infodata>
</infobox>
<section index="3.75.1" title="Summary" ref="VULNAUDIT.CVE-2012-0386.SUMMARY">
<text>The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S allows remote attackers to cause a denial of service (device reload) via a crafted username in a reverse SSH login attempt, aka Bug ID CSCtr49064.</text>
</section>
<section index="3.75.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-0386.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.75.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2012-0386.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20120328 Cisco IOS Software Reverse SSH Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-ssh</weblink>.</listitem>
</list>
</section>
<section index="3.75.4" title="Reference" ref="VULNAUDIT.CVE-2012-0386.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 52752 Web link: <weblink>http://www.securityfocus.com/bid/52752</weblink>;</listitem>
<listitem>XF ciscoios-sshv2-dos(74404) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/74404</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.76" title="CVE-2012-3079" ref="VULNAUDIT.CVE-2012-3079">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/16/12</infodata>
</infobox>
<section index="3.76.1" title="Summary" ref="VULNAUDIT.CVE-2012-3079.SUMMARY">
<text>Cisco IOS 12.2 allows remote attackers to cause a denial of service (CPU consumption) by establishing many IPv6 neighbors, aka Bug ID CSCtn78957.</text>
</section>
<section index="3.76.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-3079.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.76.3" title="References" ref="VULNAUDIT.CVE-2012-3079.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXI_rebuilds.html</weblink>;</listitem>
<listitem>XF ciscoios-neighbors-dos(78921) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/78921</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.77" title="CVE-2012-3949" ref="VULNAUDIT.CVE-2012-3949">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/12</infodata>
</infobox>
<section index="3.77.1" title="Summary" ref="VULNAUDIT.CVE-2012-3949.SUMMARY">
<text>The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664.</text>
</section>
<section index="3.77.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-3949.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.77.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2012-3949.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20120926 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-cucm</weblink>;</listitem>
<listitem>CISCO 20120926 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-sip</weblink>.</listitem>
</list>
</section>
<section index="3.77.4" title="References" ref="VULNAUDIT.CVE-2012-3949.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 55697 Web link: <weblink>http://www.securityfocus.com/bid/55697</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.78" title="CVE-2012-4618" ref="VULNAUDIT.CVE-2012-4618">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/12</infodata>
</infobox>
<section index="3.78.1" title="Summary" ref="VULNAUDIT.CVE-2012-4618.SUMMARY">
<text>The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtn76183.</text>
</section>
<section index="3.78.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-4618.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.78.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2012-4618.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20120926 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-nat</weblink>.</listitem>
</list>
</section>
<section index="3.78.4" title="Reference" ref="VULNAUDIT.CVE-2012-4618.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 55693 Web link: <weblink>http://www.securityfocus.com/bid/55693</weblink>;</listitem>
<listitem>SECTRACK 1027579 Web link: <weblink>http://www.securitytracker.com/id?1027579</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.79" title="CVE-2012-4619" ref="VULNAUDIT.CVE-2012-4619">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/12</infodata>
</infobox>
<section index="3.79.1" title="Summary" ref="VULNAUDIT.CVE-2012-4619.SUMMARY">
<text>The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtr46123.</text>
</section>
<section index="3.79.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-4619.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.79.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2012-4619.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20120926 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-nat</weblink>.</listitem>
</list>
</section>
<section index="3.79.4" title="Reference" ref="VULNAUDIT.CVE-2012-4619.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 55705 Web link: <weblink>http://www.securityfocus.com/bid/55705</weblink>;</listitem>
<listitem>SECTRACK 1027579 Web link: <weblink>http://www.securitytracker.com/id?1027579</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.80" title="CVE-2012-4620" ref="VULNAUDIT.CVE-2012-4620">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/12</infodata>
</infobox>
<section index="3.80.1" title="Summary" ref="VULNAUDIT.CVE-2012-4620.SUMMARY">
<text>Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, when a tunnel interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via tunneled (1) GRE/IP, (2) IPIP, or (3) IPv6 in IPv4 packets, aka Bug ID CSCts66808.</text>
</section>
<section index="3.80.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-4620.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.80.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2012-4620.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20120926 Cisco IOS Software Tunneled Traffic Queue Wedge Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-c10k-tunnels</weblink>.</listitem>
</list>
</section>
<section index="3.80.4" title="Reference" ref="VULNAUDIT.CVE-2012-4620.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 55696 Web link: <weblink>http://www.securityfocus.com/bid/55696</weblink>;</listitem>
<listitem>SECTRACK 1027578 Web link: <weblink>http://www.securitytracker.com/id?1027578</weblink>;</listitem>
<listitem>XF ciscoios-tunneled-dos(78883) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/78883</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.81" title="CVE-2013-1142" ref="VULNAUDIT.CVE-2013-1142">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/28/13</infodata>
</infobox>
<section index="3.81.1" title="Summary" ref="VULNAUDIT.CVE-2013-1142.SUMMARY">
<text>Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745.</text>
</section>
<section index="3.81.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-1142.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.81.3" title="References" ref="VULNAUDIT.CVE-2013-1142.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20130327 Cisco IOS Software Network Address Translation Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat</weblink>;</listitem>
<listitem>CISCO 20130327 Cisco IOS Software VRF-Aware NAT Memory Starvation Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1142</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.82" title="CVE-2013-1145" ref="VULNAUDIT.CVE-2013-1145">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/28/13</infodata>
</infobox>
<section index="3.82.1" title="Summary" ref="VULNAUDIT.CVE-2013-1145.SUMMARY">
<text>Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed SIP messages, aka Bug ID CSCtl99174.</text>
</section>
<section index="3.82.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-1145.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.82.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-1145.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130327 Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.83" title="CVE-2013-1146" ref="VULNAUDIT.CVE-2013-1146">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/28/13</infodata>
</infobox>
<section index="3.83.1" title="Summary" ref="VULNAUDIT.CVE-2013-1146.SUMMARY">
<text>The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790.</text>
</section>
<section index="3.83.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-1146.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.83.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-1146.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130327 Cisco IOS Software Smart Install Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.84" title="CVE-2013-5473" ref="VULNAUDIT.CVE-2013-5473">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/27/13</infodata>
</infobox>
<section index="3.84.1" title="Summary" ref="VULNAUDIT.CVE-2013-5473.SUMMARY">
<text>Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed IKEv1 packets, aka Bug ID CSCtx66011.</text>
</section>
<section index="3.84.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-5473.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.84.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-5473.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130925 Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ike</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.85" title="CVE-2013-5474" ref="VULNAUDIT.CVE-2013-5474">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/27/13</infodata>
</infobox>
<section index="3.85.1" title="Summary" ref="VULNAUDIT.CVE-2013-5474.SUMMARY">
<text>Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device reload or hang) via fragmented IPv6 packets, aka Bug ID CSCud64812.</text>
</section>
<section index="3.85.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-5474.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.85.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-5474.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130925 Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ipv6vfr</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.86" title="CVE-2013-5475" ref="VULNAUDIT.CVE-2013-5475">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/27/13</infodata>
</infobox>
<section index="3.86.1" title="Summary" ref="VULNAUDIT.CVE-2013-5475.SUMMARY">
<text>Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561.</text>
</section>
<section index="3.86.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-5475.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.86.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-5475.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130925 Cisco IOS Software DHCP Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-dhcp</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.87" title="CVE-2013-5477" ref="VULNAUDIT.CVE-2013-5477">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/27/13</infodata>
</infobox>
<section index="3.87.1" title="Summary" ref="VULNAUDIT.CVE-2013-5477.SUMMARY">
<text>The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service (interface queue wedge) via bursty network traffic, aka Bug ID CSCub67465.</text>
</section>
<section index="3.87.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-5477.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.87.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-5477.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130925 Cisco IOS Software Queue Wedge Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-wedge</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.88" title="CVE-2013-5479" ref="VULNAUDIT.CVE-2013-5479">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/27/13</infodata>
</infobox>
<section index="3.88.1" title="Summary" ref="VULNAUDIT.CVE-2013-5479.SUMMARY">
<text>The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCtn53730.</text>
</section>
<section index="3.88.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-5479.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.88.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-5479.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130925 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-nat</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.89" title="CVE-2013-5480" ref="VULNAUDIT.CVE-2013-5480">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/27/13</infodata>
</infobox>
<section index="3.89.1" title="Summary" ref="VULNAUDIT.CVE-2013-5480.SUMMARY">
<text>The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733.</text>
</section>
<section index="3.89.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-5480.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.89.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-5480.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130925 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-nat</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.90" title="CVE-2014-2108" ref="VULNAUDIT.CVE-2014-2108">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/14</infodata>
</infobox>
<section index="3.90.1" title="Summary" ref="VULNAUDIT.CVE-2014-2108.SUMMARY">
<text>Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.</text>
</section>
<section index="3.90.2" title="Affected Device" ref="VULNAUDIT.CVE-2014-2108.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.90.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2014-2108.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20140326 Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-ikev2</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.91" title="CVE-2014-2109" ref="VULNAUDIT.CVE-2014-2109">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/14</infodata>
</infobox>
<section index="3.91.1" title="Summary" ref="VULNAUDIT.CVE-2014-2109.SUMMARY">
<text>The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.</text>
</section>
<section index="3.91.2" title="Affected Device" ref="VULNAUDIT.CVE-2014-2109.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.91.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2014-2109.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20140326 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nat</weblink>.</listitem>
</list>
</section>
<section index="3.91.4" title="Reference" ref="VULNAUDIT.CVE-2014-2109.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 66470 Web link: <weblink>http://www.securityfocus.com/bid/66470</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.92" title="CVE-2014-3327" ref="VULNAUDIT.CVE-2014-3327">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/11/14</infodata>
</infobox>
<section index="3.92.1" title="Summary" ref="VULNAUDIT.CVE-2014-3327.SUMMARY">
<text>The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101.</text>
</section>
<section index="3.92.2" title="Affected Device" ref="VULNAUDIT.CVE-2014-3327.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.92.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2014-3327.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20140806 Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140806-energywise</weblink>;</listitem>
<listitem>SECTRACK 1030682 Web link: <weblink>http://www.securitytracker.com/id/1030682</weblink>;</listitem>
<listitem>XF ciscoios-xe-cve20143327-dos(95137) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/95137</weblink>.</listitem>
</list>
</section>
<section index="3.92.4" title="References" ref="VULNAUDIT.CVE-2014-3327.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 69066 Web link: <weblink>http://www.securityfocus.com/bid/69066</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.93" title="CVE-2014-3354" ref="VULNAUDIT.CVE-2014-3354">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/25/14</infodata>
</infobox>
<section index="3.93.1" title="Summary" ref="VULNAUDIT.CVE-2014-3354.SUMMARY">
<text>Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCui11547.</text>
</section>
<section index="3.93.2" title="Affected Device" ref="VULNAUDIT.CVE-2014-3354.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.93.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2014-3354.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20140924 Cisco IOS Software RSVP Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp</weblink>.</listitem>
</list>
</section>
<section index="3.93.4" title="Reference" ref="VULNAUDIT.CVE-2014-3354.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp/cvrf/cisco-sa-20140924-rsvp_cvrf.xml</weblink>;</listitem>
<listitem>BID 70131 Web link: <weblink>http://www.securityfocus.com/bid/70131</weblink>;</listitem>
<listitem>BID 70183 Web link: <weblink>http://www.securityfocus.com/bid/70183</weblink>;</listitem>
<listitem>SECTRACK 1030893 Web link: <weblink>http://www.securitytracker.com/id/1030893</weblink>;</listitem>
<listitem>XF ciscoios-cve20143354-dos(96178) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/96178</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.94" title="CVE-2015-0636" ref="VULNAUDIT.CVE-2015-0636">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.94.1" title="Summary" ref="VULNAUDIT.CVE-2015-0636.SUMMARY">
<text>The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (disrupted domain access) via spoofed AN messages that reset a finite state machine, aka Bug ID CSCup62293.</text>
</section>
<section index="3.94.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0636.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.94.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2015-0636.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20150325 Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani</weblink>.</listitem>
</list>
</section>
<section index="3.94.4" title="Reference" ref="VULNAUDIT.CVE-2015-0636.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1031982 Web link: <weblink>http://www.securitytracker.com/id/1031982</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.95" title="CVE-2015-0637" ref="VULNAUDIT.CVE-2015-0637">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.95.1" title="Summary" ref="VULNAUDIT.CVE-2015-0637.SUMMARY">
<text>The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315.</text>
</section>
<section index="3.95.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0637.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.95.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2015-0637.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20150325 Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani</weblink>.</listitem>
</list>
</section>
<section index="3.95.4" title="Reference" ref="VULNAUDIT.CVE-2015-0637.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1031982 Web link: <weblink>http://www.securitytracker.com/id/1031982</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.96" title="CVE-2015-0642" ref="VULNAUDIT.CVE-2015-0642">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.96.1" title="Summary" ref="VULNAUDIT.CVE-2015-0642.SUMMARY">
<text>Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum36951.</text>
</section>
<section index="3.96.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0642.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.96.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2015-0642.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20150325 Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2</weblink>;</listitem>
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=37816</weblink>.</listitem>
</list>
</section>
<section index="3.96.4" title="References" ref="VULNAUDIT.CVE-2015-0642.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 73333 Web link: <weblink>http://www.securityfocus.com/bid/73333</weblink>;</listitem>
<listitem>SECTRACK 1031978 Web link: <weblink>http://www.securitytracker.com/id/1031978</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.97" title="CVE-2015-0643" ref="VULNAUDIT.CVE-2015-0643">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.97.1" title="Summary" ref="VULNAUDIT.CVE-2015-0643.SUMMARY">
<text>Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (memory consumption and device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuo75572.</text>
</section>
<section index="3.97.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0643.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.97.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2015-0643.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20150325 Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2</weblink>;</listitem>
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=37815</weblink>.</listitem>
</list>
</section>
<section index="3.97.4" title="References" ref="VULNAUDIT.CVE-2015-0643.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 73333 Web link: <weblink>http://www.securityfocus.com/bid/73333</weblink>;</listitem>
<listitem>SECTRACK 1031978 Web link: <weblink>http://www.securitytracker.com/id/1031978</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.98" title="CVE-2015-0646" ref="VULNAUDIT.CVE-2015-0646">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.98.1" title="Summary" ref="VULNAUDIT.CVE-2015-0646.SUMMARY">
<text>Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through 3.10.xS before 3.10.5S, and 3.11.xS and 3.12.xS before 3.12.3S allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted TCP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum94811.</text>
</section>
<section index="3.98.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0646.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.98.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2015-0646.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20150325 Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak</weblink>.</listitem>
</list>
</section>
<section index="3.98.4" title="Reference" ref="VULNAUDIT.CVE-2015-0646.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 73340 Web link: <weblink>http://www.securityfocus.com/bid/73340</weblink>;</listitem>
<listitem>SECTRACK 1031980 Web link: <weblink>http://www.securitytracker.com/id/1031980</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.99" title="CVE-2015-0647" ref="VULNAUDIT.CVE-2015-0647">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.99.1" title="Summary" ref="VULNAUDIT.CVE-2015-0647.SUMMARY">
<text>Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) UDP packets, aka Bug ID CSCum98371.</text>
</section>
<section index="3.99.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0647.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.99.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2015-0647.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20150325 Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.100" title="CVE-2015-0648" ref="VULNAUDIT.CVE-2015-0648">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.100.1" title="Summary" ref="VULNAUDIT.CVE-2015-0648.SUMMARY">
<text>Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.</text>
</section>
<section index="3.100.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0648.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.100.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2015-0648.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20150325 Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.101" title="CVE-2015-0649" ref="VULNAUDIT.CVE-2015-0649">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.101.1" title="Summary" ref="VULNAUDIT.CVE-2015-0649.SUMMARY">
<text>Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun63514.</text>
</section>
<section index="3.101.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0649.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.101.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2015-0649.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20150325 Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.102" title="CVE-2015-0650" ref="VULNAUDIT.CVE-2015-0650">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.102.1" title="Summary" ref="VULNAUDIT.CVE-2015-0650.SUMMARY">
<text>The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by sending malformed mDNS UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCup70579.</text>
</section>
<section index="3.102.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0650.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.102.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2015-0650.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20150325 Cisco IOS Software and IOS XE Software mDNS Gateway Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns</weblink>.</listitem>
</list>
</section>
<section index="3.102.4" title="Reference" ref="VULNAUDIT.CVE-2015-0650.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1031979 Web link: <weblink>http://www.securitytracker.com/id/1031979</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.103" title="CVE-2015-6278" ref="VULNAUDIT.CVE-2015-6278">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/27/15</infodata>
</infobox>
<section index="3.103.1" title="Summary" ref="VULNAUDIT.CVE-2015-6278.SUMMARY">
<text>The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ID CSCus19794.</text>
</section>
<section index="3.103.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-6278.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.103.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2015-6278.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20150923 Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs</weblink>;</listitem>
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs/cvrf/cisco-sa-20150923-fhs_cvrf.xml</weblink>;</listitem>
<listitem>SECTRACK 1033647 Web link: <weblink>http://www.securitytracker.com/id/1033647</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.104" title="CVE-2015-6279" ref="VULNAUDIT.CVE-2015-6279">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/27/15</infodata>
</infobox>
<section index="3.104.1" title="Summary" ref="VULNAUDIT.CVE-2015-6279.SUMMARY">
<text>The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S allows remote attackers to cause a denial of service (device reload) via a malformed ND packet with the Cryptographically Generated Address (CGA) option, aka Bug ID CSCuo04400.</text>
</section>
<section index="3.104.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-6279.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.104.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2015-6279.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20150923 Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs</weblink>;</listitem>
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs/cvrf/cisco-sa-20150923-fhs_cvrf.xml</weblink>;</listitem>
<listitem>SECTRACK 1033647 Web link: <weblink>http://www.securitytracker.com/id/1033647</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.105" title="CVE-2016-1349" ref="VULNAUDIT.CVE-2016-1349">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/25/16</infodata>
</infobox>
<section index="3.105.1" title="Summary" ref="VULNAUDIT.CVE-2016-1349.SUMMARY">
<text>The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.</text>
</section>
<section index="3.105.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-1349.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.105.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2016-1349.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20160323 Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi</weblink>.</listitem>
</list>
</section>
<section index="3.105.4" title="Reference" ref="VULNAUDIT.CVE-2016-1349.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1035385 Web link: <weblink>http://www.securitytracker.com/id/1035385</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.106" title="CVE-2016-6379" ref="VULNAUDIT.CVE-2016-6379">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/5/16</infodata>
</infobox>
<section index="3.106.1" title="Summary" ref="VULNAUDIT.CVE-2016-6379.SUMMARY">
<text>Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.</text>
</section>
<section index="3.106.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-6379.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.106.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2016-6379.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20160928 Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr</weblink>.</listitem>
</list>
</section>
<section index="3.106.4" title="Reference" ref="VULNAUDIT.CVE-2016-6379.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 93205 Web link: <weblink>http://www.securityfocus.com/bid/93205</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.107" title="CVE-2016-6384" ref="VULNAUDIT.CVE-2016-6384">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/5/16</infodata>
</infobox>
<section index="3.107.1" title="Summary" ref="VULNAUDIT.CVE-2016-6384.SUMMARY">
<text>Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.17 and 16.2 allow remote attackers to cause a denial of service (device reload) via crafted fields in an H.323 message, aka Bug ID CSCux04257.</text>
</section>
<section index="3.107.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-6384.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.107.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2016-6384.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20160928 Cisco IOS and IOS XE Software H.323 Message Validation Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-h323</weblink>.</listitem>
</list>
</section>
<section index="3.107.4" title="Reference" ref="VULNAUDIT.CVE-2016-6384.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 93209 Web link: <weblink>http://www.securityfocus.com/bid/93209</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.108" title="CVE-2016-6385" ref="VULNAUDIT.CVE-2016-6385">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/5/16</infodata>
</infobox>
<section index="3.108.1" title="Summary" ref="VULNAUDIT.CVE-2016-6385.SUMMARY">
<text>Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.</text>
</section>
<section index="3.108.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-6385.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.108.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2016-6385.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20160928 Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-smi</weblink>;</listitem>
<listitem>BID 93203 Web link: <weblink>http://www.securityfocus.com/bid/93203</weblink>;</listitem>
<listitem>MISC Web link: <weblink>https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.109" title="CVE-2016-6391" ref="VULNAUDIT.CVE-2016-6391">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/5/16</infodata>
</infobox>
<section index="3.109.1" title="Summary" ref="VULNAUDIT.CVE-2016-6391.SUMMARY">
<text>Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036.</text>
</section>
<section index="3.109.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-6391.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.109.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2016-6391.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20160928 Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-cip</weblink>.</listitem>
</list>
</section>
<section index="3.109.4" title="Reference" ref="VULNAUDIT.CVE-2016-6391.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 93197 Web link: <weblink>http://www.securityfocus.com/bid/93197</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.110" title="CVE-2016-6392" ref="VULNAUDIT.CVE-2016-6392">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/5/16</infodata>
</infobox>
<section index="3.110.1" title="Summary" ref="VULNAUDIT.CVE-2016-6392.SUMMARY">
<text>Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.1 through 3.9 allow remote attackers to cause a denial of service (device restart) via a crafted IPv4 Multicast Source Discovery Protocol (MSDP) Source-Active (SA) message, aka Bug ID CSCud36767.</text>
</section>
<section index="3.110.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-6392.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.110.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2016-6392.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20160928 Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-msdp</weblink>.</listitem>
</list>
</section>
<section index="3.110.4" title="Reference" ref="VULNAUDIT.CVE-2016-6392.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 93211 Web link: <weblink>http://www.securityfocus.com/bid/93211</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.111" title="CVE-2017-3857" ref="VULNAUDIT.CVE-2017-3857">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/22/17</infodata>
</infobox>
<section index="3.111.1" title="Summary" ref="VULNAUDIT.CVE-2017-3857.SUMMARY">
<text>A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or Cisco IOS XE Software if the L2TP feature is enabled for the device and the device is configured as an L2TP Version 2 (L2TPv2) or L2TP Version 3 (L2TPv3) endpoint. By default, the L2TP feature is not enabled. Cisco Bug IDs: CSCuy82078.</text>
</section>
<section index="3.111.2" title="Affected Device" ref="VULNAUDIT.CVE-2017-3857.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.111.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2017-3857.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>BID 97010 Web link: <weblink>http://www.securityfocus.com/bid/97010</weblink>.</listitem>
</list>
</section>
<section index="3.111.4" title="Reference" ref="VULNAUDIT.CVE-2017-3857.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.112" title="CVE-2017-3860" ref="VULNAUDIT.CVE-2017-3860">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">4/20/17</infodata>
</infobox>
<section index="3.112.1" title="Summary" ref="VULNAUDIT.CVE-2017-3860.SUMMARY">
<text>Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCur29331.</text>
</section>
<section index="3.112.2" title="Affected Device" ref="VULNAUDIT.CVE-2017-3860.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.112.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2017-3860.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>BID 97935 Web link: <weblink>http://www.securityfocus.com/bid/97935</weblink>;</listitem>
<listitem>Web link: <weblink>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.113" title="CVE-2017-3861" ref="VULNAUDIT.CVE-2017-3861">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">4/20/17</infodata>
</infobox>
<section index="3.113.1" title="Summary" ref="VULNAUDIT.CVE-2017-3861.SUMMARY">
<text>Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCut47751.</text>
</section>
<section index="3.113.2" title="Affected Device" ref="VULNAUDIT.CVE-2017-3861.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.113.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2017-3861.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>BID 97935 Web link: <weblink>http://www.securityfocus.com/bid/97935</weblink>;</listitem>
<listitem>Web link: <weblink>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.114" title="CVE-2017-3862" ref="VULNAUDIT.CVE-2017-3862">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">4/20/17</infodata>
</infobox>
<section index="3.114.1" title="Summary" ref="VULNAUDIT.CVE-2017-3862.SUMMARY">
<text>Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCuu76493.</text>
</section>
<section index="3.114.2" title="Affected Device" ref="VULNAUDIT.CVE-2017-3862.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.114.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2017-3862.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>BID 97935 Web link: <weblink>http://www.securityfocus.com/bid/97935</weblink>;</listitem>
<listitem>Web link: <weblink>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.115" title="CVE-2017-3863" ref="VULNAUDIT.CVE-2017-3863">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">4/20/17</infodata>
</infobox>
<section index="3.115.1" title="Summary" ref="VULNAUDIT.CVE-2017-3863.SUMMARY">
<text>Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCut50727.</text>
</section>
<section index="3.115.2" title="Affected Device" ref="VULNAUDIT.CVE-2017-3863.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.115.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2017-3863.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>BID 97935 Web link: <weblink>http://www.securityfocus.com/bid/97935</weblink>;</listitem>
<listitem>Web link: <weblink>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.116" title="CVE-2017-3864" ref="VULNAUDIT.CVE-2017-3864">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:C (7.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/22/17</infodata>
</infobox>
<section index="3.116.1" title="Summary" ref="VULNAUDIT.CVE-2017-3864.SUMMARY">
<text>A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that is configured as a DHCP client. A successful exploit could allow the attacker to cause a reload of an affected device, resulting in a DoS condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or IOS XE Software and using a specific DHCP client configuration. Cisco Bug IDs: CSCuu43892.</text>
</section>
<section index="3.116.2" title="Affected Device" ref="VULNAUDIT.CVE-2017-3864.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.116.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2017-3864.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>BID 97012 Web link: <weblink>http://www.securityfocus.com/bid/97012</weblink>;</listitem>
<listitem>Web link: <weblink>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-dhcpc</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.117" title="CVE-2001-0929" ref="VULNAUDIT.CVE-2001-0929">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:P/A:P (7.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">11/28/01</infodata>
</infobox>
<section index="3.117.1" title="Summary" ref="VULNAUDIT.CVE-2001-0929.SUMMARY">
<text>Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists.</text>
</section>
<section index="3.117.2" title="Affected Device" ref="VULNAUDIT.CVE-2001-0929.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.117.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2001-0929.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20011128 A Vulnerability in IOS Firewall Feature Set Web link: <weblink>http://www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.117.4" title="Reference" ref="VULNAUDIT.CVE-2001-0929.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>CERT-VN VU#362483 Web link: <weblink>http://www.kb.cert.org/vuls/id/362483</weblink>;</listitem>
<listitem>BID 3588 Web link: <weblink>http://www.securityfocus.com/bid/3588</weblink>;</listitem>
<listitem>XF ios-cbac-bypass-acl(7614) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/7614</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.118" title="CVE-2003-0647" ref="VULNAUDIT.CVE-2003-0647">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:P/A:P (7.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/27/03</infodata>
</infobox>
<section index="3.118.1" title="Summary" ref="VULNAUDIT.CVE-2003-0647.SUMMARY">
<text>Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.</text>
</section>
<section index="3.118.2" title="Affected Device" ref="VULNAUDIT.CVE-2003-0647.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.118.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2003-0647.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20030731 Sending 2GB Data in GET Request Causes Buffer Overflow in Cisco IOS Software Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sn-20030730-ios-2gb-get.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#579324 Web link: <weblink>http://www.kb.cert.org/vuls/id/579324</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.119" title="CVE-2003-1109" ref="VULNAUDIT.CVE-2003-1109">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:P/A:P (7.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/31/03</infodata>
</infobox>
<section index="3.119.1" title="Summary" ref="VULNAUDIT.CVE-2003-1109.SUMMARY">
<text>The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.</text>
</section>
<section index="3.119.2" title="Affected Device" ref="VULNAUDIT.CVE-2003-1109.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.119.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2003-1109.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CERT CA-2003-06 Web link: <weblink>http://www.cert.org/advisories/CA-2003-06.html</weblink>;</listitem>
<listitem>CERT-VN VU#528719 Web link: <weblink>http://www.kb.cert.org/vuls/id/528719</weblink>.</listitem>
</list>
</section>
<section index="3.119.4" title="References" ref="VULNAUDIT.CVE-2003-1109.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20030221 Multiple Product Vulnerabilities Found by PROTOS SIP Test Suite Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/</weblink>;</listitem>
<listitem>BID 6904 Web link: <weblink>http://www.securityfocus.com/bid/6904</weblink>;</listitem>
<listitem>SECTRACK 1006143 Web link: <weblink>http://www.securitytracker.com/id?1006143</weblink>;</listitem>
<listitem>SECTRACK 1006144 Web link: <weblink>http://www.securitytracker.com/id?1006144</weblink>;</listitem>
<listitem>SECTRACK 1006145 Web link: <weblink>http://www.securitytracker.com/id?1006145</weblink>;</listitem>
<listitem>XF sip-invite(11379) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/11379</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.120" title="CVE-2004-0054" ref="VULNAUDIT.CVE-2004-0054">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:P/A:P (7.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">2/17/04</infodata>
</infobox>
<section index="3.120.1" title="Summary" ref="VULNAUDIT.CVE-2004-0054.SUMMARY">
<text>Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.</text>
</section>
<section index="3.120.2" title="Affected Device" ref="VULNAUDIT.CVE-2004-0054.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.120.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2004-0054.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CERT CA-2004-01 Web link: <weblink>http://www.cert.org/advisories/CA-2004-01.html</weblink>;</listitem>
<listitem>CISCO 20040113 Vulnerabilities in H.323 Message Processing Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#749342 Web link: <weblink>http://www.kb.cert.org/vuls/id/749342</weblink>.</listitem>
</list>
</section>
<section index="3.120.4" title="References" ref="VULNAUDIT.CVE-2004-0054.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 9406 Web link: <weblink>http://www.securityfocus.com/bid/9406</weblink>;</listitem>
<listitem>SECTRACK 1008685 Web link: <weblink>http://www.securitytracker.com/id?1008685</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.uniras.gov.uk/vuls/2004/006489/h323.htm</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.121" title="CVE-2005-1057" ref="VULNAUDIT.CVE-2005-1057">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:P/A:P (7.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/05</infodata>
</infobox>
<section index="3.121.1" title="Summary" ref="VULNAUDIT.CVE-2005-1057.SUMMARY">
<text>Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a &quot;malformed packet.&quot;</text>
</section>
<section index="3.121.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-1057.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.121.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2005-1057.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20050406 Vulnerabilities in the Internet Key Exchange Xauth Implementation Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.122" title="CVE-2005-1058" ref="VULNAUDIT.CVE-2005-1058">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:P/A:P (7.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/05</infodata>
</infobox>
<section index="3.122.1" title="Summary" ref="VULNAUDIT.CVE-2005-1058.SUMMARY">
<text>Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations.</text>
</section>
<section index="3.122.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-1058.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.122.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2005-1058.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20050406 Vulnerabilities in the Internet Key Exchange Xauth Implementation Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.123" title="CVE-2005-2105" ref="VULNAUDIT.CVE-2005-2105">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:P/A:P (7.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">7/5/05</infodata>
</infobox>
<section index="3.123.1" title="Summary" ref="VULNAUDIT.CVE-2005-2105.SUMMARY">
<text>Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.</text>
</section>
<section index="3.123.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-2105.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.123.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2005-2105.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20050629 RADIUS Authentication Bypass Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050629-aaa.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.123.4" title="Reference" ref="VULNAUDIT.CVE-2005-2105.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1014330 Web link: <weblink>http://www.securitytracker.com/alerts/2005/Jun/1014330.html</weblink>;</listitem>
<listitem>XF radius-authentication-bypass(21190) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/21190</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.124" title="CVE-2005-2841" ref="VULNAUDIT.CVE-2005-2841">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.5</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:P/A:P (7.5)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.5)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/8/05</infodata>
</infobox>
<section index="3.124.1" title="Summary" ref="VULNAUDIT.CVE-2005-2841.SUMMARY">
<text>Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.</text>
</section>
<section index="3.124.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-2841.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.124.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2005-2841.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20050907 Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050907-auth_proxy.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#236045 Web link: <weblink>http://www.kb.cert.org/vuls/id/236045</weblink>.</listitem>
</list>
</section>
<section index="3.124.4" title="References" ref="VULNAUDIT.CVE-2005-2841.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>VUPEN ADV-2005-1669 Web link: <weblink>http://www.vupen.com/english/advisories/2005/1669</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.125" title="CVE-2002-1024" ref="VULNAUDIT.CVE-2002-1024">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/4/02</infodata>
</infobox>
<section index="3.125.1" title="Summary" ref="VULNAUDIT.CVE-2002-1024.SUMMARY">
<text>Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).</text>
</section>
<section index="3.125.2" title="Affected Device" ref="VULNAUDIT.CVE-2002-1024.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.125.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2002-1024.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>XF cisco-ssh-scan-dos(9437) Web link: <weblink>http://www.iss.net/security_center/static/9437.php</weblink>;</listitem>
<listitem>BID 5114 Web link: <weblink>http://www.securityfocus.com/bid/5114</weblink>.</listitem>
</list>
</section>
<section index="3.125.4" title="References" ref="VULNAUDIT.CVE-2002-1024.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20020627 Scanning for SSH Can Cause a Crash Web link: <weblink>http://www.cisco.com/warp/public/707/SSH-scanning.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#290140 Web link: <weblink>http://www.kb.cert.org/vuls/id/290140</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.126" title="CVE-2005-1020" ref="VULNAUDIT.CVE-2005-1020">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/05</infodata>
</infobox>
<section index="3.126.1" title="Summary" ref="VULNAUDIT.CVE-2005-1020.SUMMARY">
<text>Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data.</text>
</section>
<section index="3.126.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-1020.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.126.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2005-1020.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20050406 Vulnerabilities in Cisco IOS Secure Shell Server Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050406-ssh.shtml</weblink>;</listitem>
<listitem>SECTRACK 1013655 Web link: <weblink>http://www.securitytracker.com/alerts/2005/Apr/1013655.html</weblink>.</listitem>
</list>
</section>
<section index="3.126.4" title="References" ref="VULNAUDIT.CVE-2005-1020.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 13043 Web link: <weblink>http://www.securityfocus.com/bid/13043</weblink>;</listitem>
<listitem>XF cisco-ios-sshv2-tacacs-authentication-dos(19987) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/19987</weblink>;</listitem>
<listitem>XF cisco-ios-authentication-send-dos(19989) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/19989</weblink>;</listitem>
<listitem>XF cisco-ios-ssh-message-log-dos(19990) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/19990</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.127" title="CVE-2005-1021" ref="VULNAUDIT.CVE-2005-1021">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/05</infodata>
</infobox>
<section index="3.127.1" title="Summary" ref="VULNAUDIT.CVE-2005-1021.SUMMARY">
<text>Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.</text>
</section>
<section index="3.127.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-1021.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.127.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2005-1021.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20050406 Vulnerabilities in Cisco IOS Secure Shell Server Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050406-ssh.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.127.4" title="Reference" ref="VULNAUDIT.CVE-2005-1021.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 13042 Web link: <weblink>http://www.securityfocus.com/bid/13042</weblink>;</listitem>
<listitem>SECTRACK 1013655 Web link: <weblink>http://www.securitytracker.com/alerts/2005/Apr/1013655.html</weblink>;</listitem>
<listitem>XF cisco-ios-memory-leak-dos(19991) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/19991</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.128" title="CVE-2006-0340" ref="VULNAUDIT.CVE-2006-0340">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/20/06</infodata>
</infobox>
<section index="3.128.1" title="Summary" ref="VULNAUDIT.CVE-2006-0340.SUMMARY">
<text>Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900.</text>
</section>
<section index="3.128.2" title="Affected Device" ref="VULNAUDIT.CVE-2006-0340.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.128.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2006-0340.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20060118 IOS Stack Group Bidding Protocol Crafted Packet DoS Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.128.4" title="Reference" ref="VULNAUDIT.CVE-2006-0340.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SREASON 358 Web link: <weblink>http://securityreason.com/securityalert/358</weblink>;</listitem>
<listitem>SECTRACK 1015501 Web link: <weblink>http://securitytracker.com/id?1015501</weblink>;</listitem>
<listitem>BID 16303 Web link: <weblink>http://www.securityfocus.com/bid/16303</weblink>;</listitem>
<listitem>VUPEN ADV-2006-0248 Web link: <weblink>http://www.vupen.com/english/advisories/2006/0248</weblink>;</listitem>
<listitem>XF cisco-ios-sgbp-dos(24182) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/24182</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.129" title="CVE-2007-4291" ref="VULNAUDIT.CVE-2007-4291">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/9/07</infodata>
</infobox>
<section index="3.129.1" title="Summary" ref="VULNAUDIT.CVE-2007-4291.SUMMARY">
<text>Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption.</text>
</section>
<section index="3.129.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-4291.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.129.3" title="References" ref="VULNAUDIT.CVE-2007-4291.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1018533 Web link: <weblink>http://securitytracker.com/id?1018533</weblink>;</listitem>
<listitem>CISCO 20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml</weblink>;</listitem>
<listitem>BID 25239 Web link: <weblink>http://www.securityfocus.com/bid/25239</weblink>;</listitem>
<listitem>VUPEN ADV-2007-2816 Web link: <weblink>http://www.vupen.com/english/advisories/2007/2816</weblink>;</listitem>
<listitem>XF cisco-ios-mgcp-dos(35903) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/35903</weblink>;</listitem>
<listitem>XF cisco-ios-h323-dos(35904) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/35904</weblink>;</listitem>
<listitem>XF cisco-ios-rtp-dos(35905) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/35905</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.130" title="CVE-2007-4293" ref="VULNAUDIT.CVE-2007-4293">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/9/07</infodata>
</infobox>
<section index="3.130.1" title="Summary" ref="VULNAUDIT.CVE-2007-4293.SUMMARY">
<text>Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) &quot;abnormal&quot; MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505.</text>
</section>
<section index="3.130.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-4293.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.130.3" title="References" ref="VULNAUDIT.CVE-2007-4293.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1018533 Web link: <weblink>http://securitytracker.com/id?1018533</weblink>;</listitem>
<listitem>CISCO 20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml</weblink>;</listitem>
<listitem>BID 25239 Web link: <weblink>http://www.securityfocus.com/bid/25239</weblink>;</listitem>
<listitem>VUPEN ADV-2007-2816 Web link: <weblink>http://www.vupen.com/english/advisories/2007/2816</weblink>;</listitem>
<listitem>XF cisco-ios-facsimile-dos(35907) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/35907</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.131" title="CVE-2007-5651" ref="VULNAUDIT.CVE-2007-5651">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/23/07</infodata>
</infobox>
<section index="3.131.1" title="Summary" ref="VULNAUDIT.CVE-2007-5651.SUMMARY">
<text>Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet.</text>
</section>
<section index="3.131.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-5651.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.131.3" title="References" ref="VULNAUDIT.CVE-2007-5651.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20071019 Extensible Authentication Protocol Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_response09186a00808de8bb.html</weblink>;</listitem>
<listitem>BID 26139 Web link: <weblink>http://www.securityfocus.com/bid/26139</weblink>;</listitem>
<listitem>SECTRACK 1018842 Web link: <weblink>http://www.securitytracker.com/id?1018842</weblink>;</listitem>
<listitem>VUPEN ADV-2007-3566 Web link: <weblink>http://www.vupen.com/english/advisories/2007/3566</weblink>;</listitem>
<listitem>XF cisco-eap-dos(37300) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/37300</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.132" title="CVE-2008-1150" ref="VULNAUDIT.CVE-2008-1150">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/08</infodata>
</infobox>
<section index="3.132.1" title="Summary" ref="VULNAUDIT.CVE-2008-1150.SUMMARY">
<text>The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309.</text>
</section>
<section index="3.132.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-1150.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.132.3" title="References" ref="VULNAUDIT.CVE-2008-1150.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1019714 Web link: <weblink>http://securitytracker.com/id?1019714</weblink>;</listitem>
<listitem>CISCO 20080326 Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml</weblink>;</listitem>
<listitem>BID 28460 Web link: <weblink>http://www.securityfocus.com/bid/28460</weblink>;</listitem>
<listitem>CERT TA08-087B Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA08-087B.html</weblink>;</listitem>
<listitem>VUPEN ADV-2008-1006 Web link: <weblink>http://www.vupen.com/english/advisories/2008/1006/references</weblink>;</listitem>
<listitem>XF cisco-ios-vpdn-idb-dos(41484) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/41484</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.133" title="CVE-2008-1151" ref="VULNAUDIT.CVE-2008-1151">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/08</infodata>
</infobox>
<section index="3.133.1" title="Summary" ref="VULNAUDIT.CVE-2008-1151.SUMMARY">
<text>Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to &quot;dead memory&quot; that remains allocated after process termination, aka bug ID CSCsj58566.</text>
</section>
<section index="3.133.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-1151.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.133.3" title="References" ref="VULNAUDIT.CVE-2008-1151.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1019714 Web link: <weblink>http://securitytracker.com/id?1019714</weblink>;</listitem>
<listitem>CISCO 20080326 Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml</weblink>;</listitem>
<listitem>BID 28460 Web link: <weblink>http://www.securityfocus.com/bid/28460</weblink>;</listitem>
<listitem>CERT TA08-087B Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA08-087B.html</weblink>;</listitem>
<listitem>VUPEN ADV-2008-1006 Web link: <weblink>http://www.vupen.com/english/advisories/2008/1006/references</weblink>;</listitem>
<listitem>XF cisco-ios-vpdn-pptp-dos(41483) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/41483</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.134" title="CVE-2008-1153" ref="VULNAUDIT.CVE-2008-1153">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/08</infodata>
</infobox>
<section index="3.134.1" title="Summary" ref="VULNAUDIT.CVE-2008-1153.SUMMARY">
<text>Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device.</text>
</section>
<section index="3.134.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-1153.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.134.3" title="References" ref="VULNAUDIT.CVE-2008-1153.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080326 Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20080326-IPv4IPv6.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#936177 Web link: <weblink>http://www.kb.cert.org/vuls/id/936177</weblink>;</listitem>
<listitem>BID 28461 Web link: <weblink>http://www.securityfocus.com/bid/28461</weblink>;</listitem>
<listitem>SECTRACK 1019713 Web link: <weblink>http://www.securitytracker.com/id?1019713</weblink>;</listitem>
<listitem>CERT TA08-087B Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA08-087B.html</weblink>;</listitem>
<listitem>VUPEN ADV-2008-1006 Web link: <weblink>http://www.vupen.com/english/advisories/2008/1006/references</weblink>;</listitem>
<listitem>XF cisco-ios-ipv6-dualstack-dos(41475) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/41475</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.135" title="CVE-2008-3800" ref="VULNAUDIT.CVE-2008-3800">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.135.1" title="Summary" ref="VULNAUDIT.CVE-2008-3800.SUMMARY">
<text>Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802.</text>
</section>
<section index="3.135.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3800.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.135.3" title="References" ref="VULNAUDIT.CVE-2008-3800.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml</weblink>;</listitem>
<listitem>CISCO 20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml</weblink>;</listitem>
<listitem>BID 31367 Web link: <weblink>http://www.securityfocus.com/bid/31367</weblink>;</listitem>
<listitem>SECTRACK 1020939 Web link: <weblink>http://www.securitytracker.com/id?1020939</weblink>;</listitem>
<listitem>SECTRACK 1020942 Web link: <weblink>http://www.securitytracker.com/id?1020942</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2670 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2670</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2671 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2671</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.136" title="CVE-2008-3801" ref="VULNAUDIT.CVE-2008-3801">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.136.1" title="Summary" ref="VULNAUDIT.CVE-2008-3801.SUMMARY">
<text>Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.</text>
</section>
<section index="3.136.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3801.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.136.3" title="References" ref="VULNAUDIT.CVE-2008-3801.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml</weblink>;</listitem>
<listitem>CISCO 20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml</weblink>;</listitem>
<listitem>BID 31367 Web link: <weblink>http://www.securityfocus.com/bid/31367</weblink>;</listitem>
<listitem>SECTRACK 1020939 Web link: <weblink>http://www.securitytracker.com/id?1020939</weblink>;</listitem>
<listitem>SECTRACK 1020942 Web link: <weblink>http://www.securitytracker.com/id?1020942</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2670 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2670</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2671 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2671</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.137" title="CVE-2008-3802" ref="VULNAUDIT.CVE-2008-3802">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.137.1" title="Summary" ref="VULNAUDIT.CVE-2008-3802.SUMMARY">
<text>Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801.</text>
</section>
<section index="3.137.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3802.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.137.3" title="References" ref="VULNAUDIT.CVE-2008-3802.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml</weblink>;</listitem>
<listitem>SECTRACK 1020939 Web link: <weblink>http://www.securitytracker.com/id?1020939</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2670 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2670</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.138" title="CVE-2008-3804" ref="VULNAUDIT.CVE-2008-3804">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.138.1" title="Summary" ref="VULNAUDIT.CVE-2008-3804.SUMMARY">
<text>Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.</text>
</section>
<section index="3.138.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3804.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.138.3" title="References" ref="VULNAUDIT.CVE-2008-3804.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080924 Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014ac.shtml</weblink>;</listitem>
<listitem>SECTRACK 1020934 Web link: <weblink>http://www.securitytracker.com/id?1020934</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2670 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2670</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.139" title="CVE-2008-3809" ref="VULNAUDIT.CVE-2008-3809">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/26/08</infodata>
</infobox>
<section index="3.139.1" title="Summary" ref="VULNAUDIT.CVE-2008-3809.SUMMARY">
<text>Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.</text>
</section>
<section index="3.139.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3809.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.139.3" title="References" ref="VULNAUDIT.CVE-2008-3809.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=16638</weblink>;</listitem>
<listitem>CISCO 20080924 Multiple Multicast Vulnerabilities in Cisco IOS Software Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01491.shtml</weblink>;</listitem>
<listitem>BID 31356 Web link: <weblink>http://www.securityfocus.com/bid/31356</weblink>;</listitem>
<listitem>SECTRACK 1020936 Web link: <weblink>http://www.securitytracker.com/id?1020936</weblink>;</listitem>
<listitem>VUPEN ADV-2008-2670 Web link: <weblink>http://www.vupen.com/english/advisories/2008/2670</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.140" title="CVE-2008-4609" ref="VULNAUDIT.CVE-2008-4609">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/20/08</infodata>
</infobox>
<section index="3.140.1" title="Summary" ref="VULNAUDIT.CVE-2008-4609.SUMMARY">
<text>The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.</text>
</section>
<section index="3.140.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-4609.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.140.3" title="References" ref="VULNAUDIT.CVE-2008-4609.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>MISC Web link: <weblink>http://blog.robertlee.name/2008/10/conjecture-speculation.html</weblink>;</listitem>
<listitem>MLIST [dailydave] 20081002 TCP Resource Exhaustion DoS Attack Speculation Web link: <weblink>http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html</weblink>;</listitem>
<listitem>HP SSRT080138 Web link: <weblink>http://marc.info/?l=bugtraq&amp;m=125856010926699&amp;w=2</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked</weblink>;</listitem>
<listitem>CISCO 20090908 TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml</weblink>;</listitem>
<listitem>CISCO 20081017 Cisco Response to Outpost24 TCP State Table Manipulation Denial of Service Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf</weblink>;</listitem>
<listitem>MANDRIVA MDVSA-2013:150 Web link: <weblink>http://www.mandriva.com/security/advisories?name=MDVSA-2013:150</weblink>;</listitem>
<listitem>MS MS09-048 Web link: <weblink>http://www.microsoft.com/technet/security/Bulletin/MS09-048.mspx</weblink>;</listitem>
<listitem>Web link: <weblink>http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.outpost24.com/news/news-2008-10-02.html</weblink>;</listitem>
<listitem>CERT TA09-251A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA09-251A.html</weblink>;</listitem>
<listitem>MISC Web link: <weblink>https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.141" title="CVE-2009-0630" ref="VULNAUDIT.CVE-2009-0630">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/09</infodata>
</infobox>
<section index="3.141.1" title="Summary" ref="VULNAUDIT.CVE-2009-0630.SUMMARY">
<text>The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows remote attackers to cause a denial of service (outage or resource consumption) via a series of crafted TCP packets.</text>
</section>
<section index="3.141.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-0630.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.141.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-0630.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml</weblink>;</listitem>
<listitem>CISCO 20090325 Cisco IOS Software Multiple Features IP Sockets Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904c6.shtml</weblink>;</listitem>
<listitem>VUPEN ADV-2009-0851 Web link: <weblink>http://www.vupen.com/english/advisories/2009/0851</weblink>;</listitem>
<listitem>XF ios-ipsockets-dos(49418) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/49418</weblink>.</listitem>
</list>
</section>
<section index="3.141.4" title="References" ref="VULNAUDIT.CVE-2009-0630.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1021897 Web link: <weblink>http://securitytracker.com/id?1021897</weblink>;</listitem>
<listitem>BID 34242 Web link: <weblink>http://www.securityfocus.com/bid/34242</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.142" title="CVE-2009-0637" ref="VULNAUDIT.CVE-2009-0637">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:H/Au:S/C:C/I:C/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/09</infodata>
</infobox>
<section index="3.142.1" title="Summary" ref="VULNAUDIT.CVE-2009-0637.SUMMARY">
<text>The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.</text>
</section>
<section index="3.142.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-0637.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.142.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-0637.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml</weblink>;</listitem>
<listitem>CISCO 20090325 Cisco IOS Software Secure Copy Privilege Escalation Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904c8.shtml</weblink>;</listitem>
<listitem>VUPEN ADV-2009-0851 Web link: <weblink>http://www.vupen.com/english/advisories/2009/0851</weblink>.</listitem>
</list>
</section>
<section index="3.142.4" title="References" ref="VULNAUDIT.CVE-2009-0637.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1021899 Web link: <weblink>http://securitytracker.com/id?1021899</weblink>;</listitem>
<listitem>BID 34247 Web link: <weblink>http://www.securityfocus.com/bid/34247</weblink>;</listitem>
<listitem>XF ios-scp-priv-escalation(49423) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/49423</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.143" title="CVE-2009-1168" ref="VULNAUDIT.CVE-2009-1168">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">7/30/09</infodata>
</infobox>
<section index="3.143.1" title="Summary" ref="VULNAUDIT.CVE-2009-1168.SUMMARY">
<text>Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021.</text>
</section>
<section index="3.143.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-1168.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.143.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2009-1168.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20090729 Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080aea4c9.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.143.4" title="Reference" ref="VULNAUDIT.CVE-2009-1168.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 35862 Web link: <weblink>http://www.securityfocus.com/bid/35862</weblink>;</listitem>
<listitem>SECTRACK 1022619 Web link: <weblink>http://www.securitytracker.com/id?1022619</weblink>;</listitem>
<listitem>VUPEN ADV-2009-2082 Web link: <weblink>http://www.vupen.com/english/advisories/2009/2082</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.144" title="CVE-2009-2863" ref="VULNAUDIT.CVE-2009-2863">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:C/I:N/A:N (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/28/09</infodata>
</infobox>
<section index="3.144.1" title="Summary" ref="VULNAUDIT.CVE-2009-2863.SUMMARY">
<text>Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.</text>
</section>
<section index="3.144.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-2863.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.144.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-2863.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=18882</weblink>;</listitem>
<listitem>CISCO 20090923 Cisco IOS Software Authentication Proxy Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8132.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.144.4" title="References" ref="VULNAUDIT.CVE-2009-2863.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 36491 Web link: <weblink>http://www.securityfocus.com/bid/36491</weblink>;</listitem>
<listitem>SECTRACK 1022935 Web link: <weblink>http://www.securitytracker.com/id?1022935</weblink>;</listitem>
<listitem>XF ciscoios-authenticationproxy-sec-bypass(53453) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/53453</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.145" title="CVE-2009-2873" ref="VULNAUDIT.CVE-2009-2873">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/28/09</infodata>
</infobox>
<section index="3.145.1" title="Summary" ref="VULNAUDIT.CVE-2009-2873.SUMMARY">
<text>Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.</text>
</section>
<section index="3.145.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-2873.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.145.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-2873.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=18895</weblink>;</listitem>
<listitem>Web link: <weblink>http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080af8113.html</weblink>;</listitem>
<listitem>CISCO 20090923 Cisco IOS Software Tunnels Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8115.shtml</weblink>;</listitem>
<listitem>Web link: <weblink>http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep09.html</weblink>.</listitem>
</list>
</section>
<section index="3.145.4" title="References" ref="VULNAUDIT.CVE-2009-2873.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1022930 Web link: <weblink>http://www.securitytracker.com/id?1022930</weblink>;</listitem>
<listitem>VUPEN ADV-2009-2759 Web link: <weblink>http://www.vupen.com/english/advisories/2009/2759</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.146" title="CVE-2010-0577" ref="VULNAUDIT.CVE-2010-0577">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/25/10</infodata>
</infobox>
<section index="3.146.1" title="Summary" ref="VULNAUDIT.CVE-2010-0577.SUMMARY">
<text>Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186.</text>
</section>
<section index="3.146.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-0577.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.146.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-0577.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100324 Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f34.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.146.4" title="Reference" ref="VULNAUDIT.CVE-2010-0577.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 38930 Web link: <weblink>http://www.securityfocus.com/bid/38930</weblink>;</listitem>
<listitem>SECTRACK 1023743 Web link: <weblink>http://www.securitytracker.com/id?1023743</weblink>;</listitem>
<listitem>VUPEN ADV-2010-0703 Web link: <weblink>http://www.vupen.com/english/advisories/2010/0703</weblink>;</listitem>
<listitem>XF ciscoios-tcpsegment-dos(57129) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/57129</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.147" title="CVE-2010-2830" ref="VULNAUDIT.CVE-2010-2830">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/23/10</infodata>
</infobox>
<section index="3.147.1" title="Summary" ref="VULNAUDIT.CVE-2010-2830.SUMMARY">
<text>The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603.</text>
</section>
<section index="3.147.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-2830.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.147.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2010-2830.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20100922 Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a310.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.148" title="CVE-2010-4684" ref="VULNAUDIT.CVE-2010-4684">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/7/11</infodata>
</infobox>
<section index="3.148.1" title="Summary" ref="VULNAUDIT.CVE-2010-4684.SUMMARY">
<text>Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877.</text>
</section>
<section index="3.148.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-4684.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.148.3" title="References" ref="VULNAUDIT.CVE-2010-4684.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf</weblink>;</listitem>
<listitem>BID 45769 Web link: <weblink>http://www.securityfocus.com/bid/45769</weblink>;</listitem>
<listitem>XF ciscoios-tftp-dos(64587) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/64587</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.149" title="CVE-2012-0382" ref="VULNAUDIT.CVE-2012-0382">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/29/12</infodata>
</infobox>
<section index="3.149.1" title="Summary" ref="VULNAUDIT.CVE-2012-0382.SUMMARY">
<text>The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.1S and 3.1.xSG and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) via encapsulated IGMP data in an MSDP packet, aka Bug ID CSCtr28857.</text>
</section>
<section index="3.149.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-0382.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.149.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2012-0382.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20120328 Cisco IOS Software Multicast Source Discovery Protocol Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-msdp</weblink>.</listitem>
</list>
</section>
<section index="3.149.4" title="Reference" ref="VULNAUDIT.CVE-2012-0382.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 52759 Web link: <weblink>http://www.securityfocus.com/bid/52759</weblink>;</listitem>
<listitem>SECTRACK 1026868 Web link: <weblink>http://www.securitytracker.com/id?1026868</weblink>;</listitem>
<listitem>XF ciscoios-msdp-dos(74431) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/74431</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.150" title="CVE-2013-1143" ref="VULNAUDIT.CVE-2013-1143">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/28/13</infodata>
</infobox>
<section index="3.150.1" title="Summary" ref="VULNAUDIT.CVE-2013-1143.SUMMARY">
<text>The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957.</text>
</section>
<section index="3.150.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-1143.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.150.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-1143.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130327 Cisco IOS Software RSVP Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1143</weblink>.</listitem>
</list>
</section>
<section index="3.150.4" title="Reference" ref="VULNAUDIT.CVE-2013-1143.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20130327 Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.151" title="CVE-2013-5472" ref="VULNAUDIT.CVE-2013-5472">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/27/13</infodata>
</infobox>
<section index="3.151.1" title="Summary" ref="VULNAUDIT.CVE-2013-5472.SUMMARY">
<text>The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226.</text>
</section>
<section index="3.151.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-5472.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.151.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-5472.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130925 Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ntp</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.152" title="CVE-2013-5481" ref="VULNAUDIT.CVE-2013-5481">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/27/13</infodata>
</infobox>
<section index="3.152.1" title="Summary" ref="VULNAUDIT.CVE-2013-5481.SUMMARY">
<text>The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817.</text>
</section>
<section index="3.152.2" title="Affected Device" ref="VULNAUDIT.CVE-2013-5481.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.152.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2013-5481.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20130925 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-nat</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.153" title="CVE-2014-2107" ref="VULNAUDIT.CVE-2014-2107">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/14</infodata>
</infobox>
<section index="3.153.1" title="Summary" ref="VULNAUDIT.CVE-2014-2107.SUMMARY">
<text>Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service (route switch processor outage) via crafted IP packets, aka Bug ID CSCug84789.</text>
</section>
<section index="3.153.2" title="Affected Device" ref="VULNAUDIT.CVE-2014-2107.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.153.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2014-2107.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20140326 Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-RSP72010GE</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.154" title="CVE-2014-2111" ref="VULNAUDIT.CVE-2014-2111">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/14</infodata>
</infobox>
<section index="3.154.1" title="Summary" ref="VULNAUDIT.CVE-2014-2111.SUMMARY">
<text>The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.</text>
</section>
<section index="3.154.2" title="Affected Device" ref="VULNAUDIT.CVE-2014-2111.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.154.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2014-2111.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20140326 Cisco IOS Software Network Address Translation Vulnerabilities Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nat</weblink>.</listitem>
</list>
</section>
<section index="3.154.4" title="Reference" ref="VULNAUDIT.CVE-2014-2111.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 66470 Web link: <weblink>http://www.securityfocus.com/bid/66470</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.155" title="CVE-2015-0638" ref="VULNAUDIT.CVE-2015-0638">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/26/15</infodata>
</infobox>
<section index="3.155.1" title="Summary" ref="VULNAUDIT.CVE-2015-0638.SUMMARY">
<text>Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge) via crafted ICMPv4 packets, aka Bug ID CSCsi02145.</text>
</section>
<section index="3.155.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0638.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.155.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2015-0638.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20150325 Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge</weblink>.</listitem>
</list>
</section>
<section index="3.155.4" title="Reference" ref="VULNAUDIT.CVE-2015-0638.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1031983 Web link: <weblink>http://www.securitytracker.com/id/1031983</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.156" title="CVE-2015-0681" ref="VULNAUDIT.CVE-2015-0681">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">7/24/15</infodata>
</infobox>
<section index="3.156.1" title="Summary" ref="VULNAUDIT.CVE-2015-0681.SUMMARY">
<text>The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15.0(2)ED1, 15.0(2)EY3, 15.1(3)SVF4a, and 15.2(2)JB1 and IOS XE 2.5.x, 2.6.x, 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, and 3.5.xS before 3.6.0S; 3.1.xSG, 3.2.xSG, and 3.3.xSG before 3.4.0SG; 3.2.xSE before 3.3.0SE; 3.2.xXO before 3.3.0XO; 3.2.xSQ; 3.3.xSQ; and 3.4.xSQ allows remote attackers to cause a denial of service (device hang or reload) via multiple requests that trigger improper memory management, aka Bug ID CSCts66733.</text>
</section>
<section index="3.156.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0681.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.156.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2015-0681.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20150722 Cisco IOS Software TFTP Server Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp</weblink>;</listitem>
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp/cvrf/cisco-sa-20150722-tftp_cvrf.xml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.157" title="CVE-2016-6393" ref="VULNAUDIT.CVE-2016-6393">
<infobox type="information" position="topright" title="Overall Rating: High" dataformat="dual">
<infodata label="CVSSv2 Score">7.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:C (7.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (7.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/5/16</infodata>
</infobox>
<section index="3.157.1" title="Summary" ref="VULNAUDIT.CVE-2016-6393.SUMMARY">
<text>The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667.</text>
</section>
<section index="3.157.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-6393.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.157.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2016-6393.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20160928 Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-aaados</weblink>;</listitem>
<listitem>BID 93196 Web link: <weblink>http://www.securityfocus.com/bid/93196</weblink>;</listitem>
<listitem>MISC Web link: <weblink>https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.158" title="CVE-2007-4295" ref="VULNAUDIT.CVE-2007-4295">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:P/I:P/A:P (6.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/9/07</infodata>
</infobox>
<section index="3.158.1" title="Summary" ref="VULNAUDIT.CVE-2007-4295.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.</text>
</section>
<section index="3.158.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-4295.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.158.3" title="References" ref="VULNAUDIT.CVE-2007-4295.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1018533 Web link: <weblink>http://securitytracker.com/id?1018533</weblink>;</listitem>
<listitem>CISCO 20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml</weblink>;</listitem>
<listitem>BID 25239 Web link: <weblink>http://www.securityfocus.com/bid/25239</weblink>;</listitem>
<listitem>VUPEN ADV-2007-2816 Web link: <weblink>http://www.vupen.com/english/advisories/2007/2816</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.159" title="CVE-2009-2872" ref="VULNAUDIT.CVE-2009-2872">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:S/C:N/I:N/A:C (6.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/28/09</infodata>
</infobox>
<section index="3.159.1" title="Summary" ref="VULNAUDIT.CVE-2009-2872.SUMMARY">
<text>Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776.</text>
</section>
<section index="3.159.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-2872.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.159.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-2872.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=18893</weblink>;</listitem>
<listitem>Web link: <weblink>http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080af8113.html</weblink>;</listitem>
<listitem>CISCO 20090923 Cisco IOS Software Tunnels Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8115.shtml</weblink>;</listitem>
<listitem>Web link: <weblink>http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep09.html</weblink>.</listitem>
</list>
</section>
<section index="3.159.4" title="References" ref="VULNAUDIT.CVE-2009-2872.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1022930 Web link: <weblink>http://www.securitytracker.com/id?1022930</weblink>;</listitem>
<listitem>VUPEN ADV-2009-2759 Web link: <weblink>http://www.vupen.com/english/advisories/2009/2759</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.160" title="CVE-2009-5040" ref="VULNAUDIT.CVE-2009-5040">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:S/C:N/I:N/A:C (6.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/7/11</infodata>
</infobox>
<section index="3.160.1" title="Summary" ref="VULNAUDIT.CVE-2009-5040.SUMMARY">
<text>CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555.</text>
</section>
<section index="3.160.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-5040.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.160.3" title="References" ref="VULNAUDIT.CVE-2009-5040.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf</weblink>;</listitem>
<listitem>BID 45765 Web link: <weblink>http://www.securityfocus.com/bid/45765</weblink>;</listitem>
<listitem>XF ciscoios-callmanager-dos(64681) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/64681</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.161" title="CVE-2012-5036" ref="VULNAUDIT.CVE-2012-5036">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:S/C:N/I:N/A:C (6.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">4/23/14</infodata>
</infobox>
<section index="3.161.1" title="Summary" ref="VULNAUDIT.CVE-2012-5036.SUMMARY">
<text>Cisco IOS before 12.2(50)SY1 allows remote authenticated users to cause a denial of service (memory consumption) via a sequence of VTY management sessions (aka exec sessions), aka Bug ID CSCtn43662.</text>
</section>
<section index="3.161.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-5036.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.161.3" title="References" ref="VULNAUDIT.CVE-2012-5036.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/release/notes/ol_20679.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.162" title="CVE-2015-4204" ref="VULNAUDIT.CVE-2015-4204">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.8</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:S/C:N/I:N/A:C (6.8)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.8)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">6/23/15</infodata>
</infobox>
<section index="3.162.1" title="Summary" ref="VULNAUDIT.CVE-2015-4204.SUMMARY">
<text>Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) module on uBR10000 devices allows remote authenticated users to cause a denial of service (memory consumption or PXF process crash) by sending docsIfMCmtsMib SNMP requests quickly, aka Bug ID CSCue65051.</text>
</section>
<section index="3.162.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-4204.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.162.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2015-4204.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20150622 Cisco IOS Software UBR Devices SNMP Subsystem Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=39440</weblink>;</listitem>
<listitem>BID 75337 Web link: <weblink>http://www.securityfocus.com/bid/75337</weblink>;</listitem>
<listitem>SECTRACK 1032692 Web link: <weblink>http://www.securitytracker.com/id/1032692</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.163" title="CVE-2007-2587" ref="VULNAUDIT.CVE-2007-2587">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:S/C:N/I:N/A:C (6.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/9/07</infodata>
</infobox>
<section index="3.163.1" title="Summary" ref="VULNAUDIT.CVE-2007-2587.SUMMARY">
<text>The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244).</text>
</section>
<section index="3.163.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-2587.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.163.3" title="References" ref="VULNAUDIT.CVE-2007-2587.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20070509 Multiple Vulnerabilities in the IOS FTP Server Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml</weblink>;</listitem>
<listitem>BID 23885 Web link: <weblink>http://www.securityfocus.com/bid/23885</weblink>;</listitem>
<listitem>SECTRACK 1018030 Web link: <weblink>http://www.securitytracker.com/id?1018030</weblink>;</listitem>
<listitem>VUPEN ADV-2007-1749 Web link: <weblink>http://www.vupen.com/english/advisories/2007/1749</weblink>;</listitem>
<listitem>XF cisco-ios-ftpserver-dos(34196) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/34196</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.164" title="CVE-2015-0771" ref="VULNAUDIT.CVE-2015-0771">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:S/C:N/I:N/A:C (6.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">6/12/15</infodata>
</infobox>
<section index="3.164.1" title="Summary" ref="VULNAUDIT.CVE-2015-0771.SUMMARY">
<text>The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service (device reload) by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505.</text>
</section>
<section index="3.164.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-0771.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.164.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2015-0771.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20150608 Cisco Catalyst 6500 Series Switches IPsec Tunnel Handling Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=39233</weblink>;</listitem>
<listitem>SECTRACK 1032517 Web link: <weblink>http://www.securitytracker.com/id/1032517</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.165" title="CVE-2005-0197" ref="VULNAUDIT.CVE-2005-0197">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.1</infodata>
<infodata label="CVSSv2 Base">AV:A/AC:L/Au:N/C:N/I:N/A:C (6.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/05</infodata>
</infobox>
<section index="3.165.1" title="Summary" ref="VULNAUDIT.CVE-2005-0197.SUMMARY">
<text>Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.</text>
</section>
<section index="3.165.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-0197.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.165.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2005-0197.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20050126 Crafted Packet Causes Reload on Cisco Routers Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#583638 Web link: <weblink>http://www.kb.cert.org/vuls/id/583638</weblink>;</listitem>
<listitem>CERT TA05-026A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA05-026A.html</weblink>;</listitem>
<listitem>XF cisco-ios-mpls-dos(19071) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/19071</weblink>.</listitem>
</list>
</section>
<section index="3.165.4" title="References" ref="VULNAUDIT.CVE-2005-0197.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1013015 Web link: <weblink>http://securitytracker.com/id?1013015</weblink>;</listitem>
<listitem>BID 12369 Web link: <weblink>http://www.securityfocus.com/bid/12369</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.166" title="CVE-2007-1258" ref="VULNAUDIT.CVE-2007-1258">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.1</infodata>
<infodata label="CVSSv2 Base">AV:A/AC:L/Au:N/C:N/I:N/A:C (6.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/3/07</infodata>
</infobox>
<section index="3.166.1" title="Summary" ref="VULNAUDIT.CVE-2007-1258.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet.</text>
</section>
<section index="3.166.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-1258.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.166.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2007-1258.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20070228 Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20070228-mpls.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.166.4" title="Reference" ref="VULNAUDIT.CVE-2007-1258.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1017709 Web link: <weblink>http://www.securitytracker.com/id?1017709</weblink>;</listitem>
<listitem>VUPEN ADV-2007-0782 Web link: <weblink>http://www.vupen.com/english/advisories/2007/0782</weblink>;</listitem>
<listitem>XF cisco-catalyst-mpls-dos(32748) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/32748</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.167" title="CVE-2011-3274" ref="VULNAUDIT.CVE-2011-3274">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.1</infodata>
<infodata label="CVSSv2 Base">AV:A/AC:L/Au:N/C:N/I:N/A:C (6.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/3/11</infodata>
</infobox>
<section index="3.167.1" title="Summary" ref="VULNAUDIT.CVE-2011-3274.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device crash) via a crafted IPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCto07919.</text>
</section>
<section index="3.167.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-3274.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.167.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2011-3274.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20110928 Cisco IOS Software IPv6 over MPLS Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d52.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.167.4" title="Reference" ref="VULNAUDIT.CVE-2011-3274.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=24125</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.168" title="CVE-2014-3409" ref="VULNAUDIT.CVE-2014-3409">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">6.1</infodata>
<infodata label="CVSSv2 Base">AV:A/AC:L/Au:N/C:N/I:N/A:C (6.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (6.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/25/14</infodata>
</infobox>
<section index="3.168.1" title="Summary" ref="VULNAUDIT.CVE-2014-3409.SUMMARY">
<text>The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406.</text>
</section>
<section index="3.168.2" title="Affected Device" ref="VULNAUDIT.CVE-2014-3409.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.168.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2014-3409.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20141024 Cisco IOS and IOS XE Software Ethernet Connectivity Fault Management Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3409</weblink>;</listitem>
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=36184</weblink>;</listitem>
<listitem>BID 70715 Web link: <weblink>http://www.securityfocus.com/bid/70715</weblink>;</listitem>
<listitem>SECTRACK 1031119 Web link: <weblink>http://www.securitytracker.com/id/1031119</weblink>;</listitem>
<listitem>XF ciscoios-xe-cve20143409-dos(97758) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/97758</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.169" title="CVE-2009-0629" ref="VULNAUDIT.CVE-2009-0629">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.4</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:H/Au:N/C:N/I:N/A:C (5.4)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.4)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/09</infodata>
</infobox>
<section index="3.169.1" title="Summary" ref="VULNAUDIT.CVE-2009-0629.SUMMARY">
<text>The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets.</text>
</section>
<section index="3.169.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-0629.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.169.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-0629.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml</weblink>;</listitem>
<listitem>CISCO 20090325 Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904cb.shtml</weblink>;</listitem>
<listitem>VUPEN ADV-2009-0851 Web link: <weblink>http://www.vupen.com/english/advisories/2009/0851</weblink>.</listitem>
</list>
</section>
<section index="3.169.4" title="References" ref="VULNAUDIT.CVE-2009-0629.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1021903 Web link: <weblink>http://securitytracker.com/id?1021903</weblink>;</listitem>
<listitem>BID 34238 Web link: <weblink>http://www.securityfocus.com/bid/34238</weblink>;</listitem>
<listitem>XF ios-tcp-dos(49420) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/49420</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.170" title="CVE-2009-2049" ref="VULNAUDIT.CVE-2009-2049">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.4</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:H/Au:N/C:N/I:N/A:C (5.4)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.4)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">7/30/09</infodata>
</infobox>
<section index="3.170.1" title="Summary" ref="VULNAUDIT.CVE-2009-2049.SUMMARY">
<text>Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973.</text>
</section>
<section index="3.170.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-2049.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.170.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2009-2049.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20090729 Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080aea4c9.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.170.4" title="Reference" ref="VULNAUDIT.CVE-2009-2049.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 35860 Web link: <weblink>http://www.securityfocus.com/bid/35860</weblink>;</listitem>
<listitem>SECTRACK 1022619 Web link: <weblink>http://www.securitytracker.com/id?1022619</weblink>;</listitem>
<listitem>VUPEN ADV-2009-2082 Web link: <weblink>http://www.vupen.com/english/advisories/2009/2082</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.171" title="CVE-2011-1625" ref="VULNAUDIT.CVE-2011-1625">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.4</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:H/Au:N/C:N/I:N/A:C (5.4)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.4)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/18/11</infodata>
</infobox>
<section index="3.171.1" title="Summary" ref="VULNAUDIT.CVE-2011-1625.SUMMARY">
<text>Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a &quot;narrow timing window,&quot; aka Bug ID CSCtf74999, a different vulnerability than CVE-2007-0199, CVE-2008-1152, and CVE-2009-0629.</text>
</section>
<section index="3.171.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-1625.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.171.3" title="References" ref="VULNAUDIT.CVE-2011-1625.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/cable/cmts/release/notes/12_2sc/uBR7200/122_33_SCF/caveats.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.172" title="CVE-2011-4016" ref="VULNAUDIT.CVE-2011-4016">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.4</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:H/Au:N/C:N/I:N/A:C (5.4)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.4)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/12</infodata>
</infobox>
<section index="3.172.1" title="Summary" ref="VULNAUDIT.CVE-2011-4016.SUMMARY">
<text>The PPP implementation in Cisco IOS 12.2 and 15.0 through 15.2, when Point-to-Point Termination and Aggregation (PTA) and L2TP are used, allows remote attackers to cause a denial of service (device crash) via crafted network traffic, aka Bug ID CSCtf71673.</text>
</section>
<section index="3.172.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-4016.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.172.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2011-4016.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html</weblink>;</listitem>
<listitem>SECTRACK 1027005 Web link: <weblink>http://www.securitytracker.com/id?1027005</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.173" title="CVE-2015-4203" ref="VULNAUDIT.CVE-2015-4203">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.4</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:H/Au:N/C:N/I:N/A:C (5.4)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.4)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">6/23/15</infodata>
</infobox>
<section index="3.173.1" title="Summary" ref="VULNAUDIT.CVE-2015-4203.SUMMARY">
<text>Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396.</text>
</section>
<section index="3.173.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-4203.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.173.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2015-4203.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20150622 Cisco IOS Software UBR Devices IPv6 VPN Multiprotocol Label Switching Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=39439</weblink>;</listitem>
<listitem>BID 75339 Web link: <weblink>http://www.securityfocus.com/bid/75339</weblink>;</listitem>
<listitem>SECTRACK 1032692 Web link: <weblink>http://www.securitytracker.com/id/1032692</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.174" title="CVE-2008-1156" ref="VULNAUDIT.CVE-2008-1156">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.1</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:H/Au:N/C:P/I:P/A:P (5.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">3/27/08</infodata>
</infobox>
<section index="3.174.1" title="Summary" ref="VULNAUDIT.CVE-2008-1156.SUMMARY">
<text>Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create &quot;extra multicast states on the core routers&quot; via a crafted Multicast Distribution Tree (MDT) Data Join message.</text>
</section>
<section index="3.174.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-1156.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.174.3" title="References" ref="VULNAUDIT.CVE-2008-1156.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20080326 Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20080326-mvpn.shtml</weblink>;</listitem>
<listitem>BID 28464 Web link: <weblink>http://www.securityfocus.com/bid/28464</weblink>;</listitem>
<listitem>SECTRACK 1019715 Web link: <weblink>http://www.securitytracker.com/id?1019715</weblink>;</listitem>
<listitem>CERT TA08-087B Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA08-087B.html</weblink>;</listitem>
<listitem>VUPEN ADV-2008-1006 Web link: <weblink>http://www.vupen.com/english/advisories/2008/1006/references</weblink>;</listitem>
<listitem>XF cisco-ios-mvpm-information-disclosure(41468) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/41468</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.175" title="CVE-2001-1097" ref="VULNAUDIT.CVE-2001-1097">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">7/24/01</infodata>
</infobox>
<section index="3.175.1" title="Summary" ref="VULNAUDIT.CVE-2001-1097.SUMMARY">
<text>Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets.</text>
</section>
<section index="3.175.2" title="Affected Device" ref="VULNAUDIT.CVE-2001-1097.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.175.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2001-1097.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>BUGTRAQ 20010724 UDP packet handling weird behaviour of various operating systems Web link: <weblink>http://www.securityfocus.com/archive/1/199558</weblink>;</listitem>
<listitem>BID 3096 Web link: <weblink>http://www.securityfocus.com/bid/3096</weblink>;</listitem>
<listitem>XF cisco-ios-udp-dos(6319) Web link: <weblink>http://xforce.iss.net/static/6913.php</weblink>.</listitem>
</list>
</section>
<section index="3.175.4" title="References" ref="VULNAUDIT.CVE-2001-1097.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BUGTRAQ 20010811 Re: UDP packet handling weird behaviour of various operating systems Web link: <weblink>http://marc.info/?l=bugtraq&amp;m=99749327219189&amp;w=2</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.176" title="CVE-2001-1183" ref="VULNAUDIT.CVE-2001-1183">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">7/12/01</infodata>
</infobox>
<section index="3.176.1" title="Summary" ref="VULNAUDIT.CVE-2001-1183.SUMMARY">
<text>PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet.</text>
</section>
<section index="3.176.2" title="Affected Device" ref="VULNAUDIT.CVE-2001-1183.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.176.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2001-1183.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20010712 Cisco IOS PPTP Vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/PPTP-vulnerability-pub.html</weblink>;</listitem>
<listitem>CERT-VN VU#656315 Web link: <weblink>http://www.kb.cert.org/vuls/id/656315</weblink>;</listitem>
<listitem>BID 3022 Web link: <weblink>http://www.securityfocus.com/bid/3022</weblink>;</listitem>
<listitem>XF cisco-ios-pptp-dos(6835) Web link: <weblink>http://xforce.iss.net/static/6835.php</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.177" title="CVE-2002-0339" ref="VULNAUDIT.CVE-2002-0339">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:P/A:N (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">6/25/02</infodata>
</infobox>
<section index="3.177.1" title="Summary" ref="VULNAUDIT.CVE-2002-0339.SUMMARY">
<text>Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length.</text>
</section>
<section index="3.177.2" title="Affected Device" ref="VULNAUDIT.CVE-2002-0339.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.177.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2002-0339.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20020227 Cisco Security Advisory: Data Leak with Cisco Express Forwarding Web link: <weblink>http://www.cisco.com/warp/public/707/IOS-CEF-pub.shtml</weblink>;</listitem>
<listitem>XF ios-cef-information-leak(8296) Web link: <weblink>http://www.iss.net/security_center/static/8296.php</weblink>;</listitem>
<listitem>BID 4191 Web link: <weblink>http://www.securityfocus.com/bid/4191</weblink>.</listitem>
</list>
</section>
<section index="3.177.4" title="References" ref="VULNAUDIT.CVE-2002-0339.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CERT-VN VU#310387 Web link: <weblink>http://www.kb.cert.org/vuls/id/310387</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.178" title="CVE-2002-1706" ref="VULNAUDIT.CVE-2002-1706">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:P/A:N (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/31/02</infodata>
</infobox>
<section index="3.178.1" title="Summary" ref="VULNAUDIT.CVE-2002-1706.SUMMARY">
<text>Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.</text>
</section>
<section index="3.178.2" title="Affected Device" ref="VULNAUDIT.CVE-2002-1706.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.178.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2002-1706.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20020617 Cable Modem Termination System Authentication Bypass Web link: <weblink>http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.178.4" title="Reference" ref="VULNAUDIT.CVE-2002-1706.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 5041 Web link: <weblink>http://www.securityfocus.com/bid/5041</weblink>;</listitem>
<listitem>XF cisco-ubr-mic-bypass(9368) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/9368</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.179" title="CVE-2002-1768" ref="VULNAUDIT.CVE-2002-1768">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/31/02</infodata>
</infobox>
<section index="3.179.1" title="Summary" ref="VULNAUDIT.CVE-2002-1768.SUMMARY">
<text>Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985.</text>
</section>
<section index="3.179.2" title="Affected Device" ref="VULNAUDIT.CVE-2002-1768.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.179.3" title="References" ref="VULNAUDIT.CVE-2002-1768.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BUGTRAQ 20020605 Three possible DoS attacks against some IOS versions. Web link: <weblink>http://archives.neohapsis.com/archives/bugtraq/2002-06/0027.html</weblink>;</listitem>
<listitem>BUGTRAQ 20020606 Re: Three possible DoS attacks against some IOS versions. Web link: <weblink>http://archives.neohapsis.com/archives/bugtraq/2002-06/0050.html</weblink>;</listitem>
<listitem>BID 4948 Web link: <weblink>http://www.securityfocus.com/bid/4948</weblink>;</listitem>
<listitem>XF cisco-ios-hsrp-dos(9282) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/9282</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.180" title="CVE-2003-0305" ref="VULNAUDIT.CVE-2003-0305">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">6/9/03</infodata>
</infobox>
<section index="3.180.1" title="Summary" ref="VULNAUDIT.CVE-2003-0305.SUMMARY">
<text>The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967.</text>
</section>
<section index="3.180.2" title="Affected Device" ref="VULNAUDIT.CVE-2003-0305.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.180.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2003-0305.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20030515 Cisco Security Advisory: Cisco IOS Software Processing of SAA Packets Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20030515-saa.shtml</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.181" title="CVE-2003-0511" ref="VULNAUDIT.CVE-2003-0511">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/27/03</infodata>
</infobox>
<section index="3.181.1" title="Summary" ref="VULNAUDIT.CVE-2003-0511.SUMMARY">
<text>The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.</text>
</section>
<section index="3.181.2" title="Affected Device" ref="VULNAUDIT.CVE-2003-0511.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.181.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2003-0511.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>VULNWATCH 20030728 Cisco Aironet AP 1100 Malformed HTTP Request Crash Vulnerability Web link: <weblink>http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0055.html</weblink>.</listitem>
</list>
</section>
<section index="3.181.4" title="Reference" ref="VULNAUDIT.CVE-2003-0511.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20030728 HTTP GET Vulnerability in AP1x00 Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20030728-ap1x00.shtml</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003001.htm</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.182" title="CVE-2003-0512" ref="VULNAUDIT.CVE-2003-0512">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:N/A:N (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/27/03</infodata>
</infobox>
<section index="3.182.1" title="Summary" ref="VULNAUDIT.CVE-2003-0512.SUMMARY">
<text>Cisco IOS 12.2 and earlier generates a &quot;% Login invalid&quot; message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.</text>
</section>
<section index="3.182.2" title="Affected Device" ref="VULNAUDIT.CVE-2003-0512.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.182.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2003-0512.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>VULNWATCH 20030728 Cisco Aironet AP1100 Valid Account Disclosure Vulnerability Web link: <weblink>http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0056.html</weblink>.</listitem>
</list>
</section>
<section index="3.182.4" title="Reference" ref="VULNAUDIT.CVE-2003-0512.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20030724 Enumerating Locally Defined Users in Cisco IOS Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sn-20030724-ios-enum.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#886796 Web link: <weblink>http://www.kb.cert.org/vuls/id/886796</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003002.htm</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.183" title="CVE-2003-0851" ref="VULNAUDIT.CVE-2003-0851">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/1/03</infodata>
</infobox>
<section index="3.183.1" title="Summary" ref="VULNAUDIT.CVE-2003-0851.SUMMARY">
<text>OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.</text>
</section>
<section index="3.183.2" title="Affected Device" ref="VULNAUDIT.CVE-2003-0851.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.183.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2003-0851.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CERT-VN VU#412478 Web link: <weblink>http://www.kb.cert.org/vuls/id/412478</weblink>;</listitem>
<listitem>Web link: <weblink>http://www.openssl.org/news/secadv_20031104.txt</weblink>;</listitem>
<listitem>BID 8970 Web link: <weblink>http://www.securityfocus.com/bid/8970</weblink>.</listitem>
</list>
</section>
<section index="3.183.4" title="References" ref="VULNAUDIT.CVE-2003-0851.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>NETBSD NetBSD-SA2004-003 Web link: <weblink>ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-003.txt.asc</weblink>;</listitem>
<listitem>SGI 20040304-01-U Web link: <weblink>ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc</weblink>;</listitem>
<listitem>BUGTRAQ 20031104 [OpenSSL Advisory] Denial of Service in ASN.1 parsing Web link: <weblink>http://marc.info/?l=bugtraq&amp;m=106796246511667&amp;w=2</weblink>;</listitem>
<listitem>BUGTRAQ 20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability Web link: <weblink>http://marc.info/?l=bugtraq&amp;m=108403850228012&amp;w=2</weblink>;</listitem>
<listitem>REDHAT RHSA-2004:119 Web link: <weblink>http://rhn.redhat.com/errata/RHSA-2004-119.html</weblink>;</listitem>
<listitem>CISCO 20030930 SSL Implementation Vulnerabilities Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml</weblink>;</listitem>
<listitem>FEDORA FEDORA-2005-1042 Web link: <weblink>http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.184" title="CVE-2004-0079" ref="VULNAUDIT.CVE-2004-0079">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">11/23/04</infodata>
</infobox>
<section index="3.184.1" title="Summary" ref="VULNAUDIT.CVE-2004-0079.SUMMARY">
<text>The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.</text>
</section>
<section index="3.184.2" title="Affected Device" ref="VULNAUDIT.CVE-2004-0079.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.184.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2004-0079.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>BID 9899 Web link: <weblink>http://www.securityfocus.com/bid/9899</weblink>;</listitem>
<listitem>CERT TA04-078A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA04-078A.html</weblink>;</listitem>
<listitem>XF openssl-dochangecipherspec-dos(15505) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/15505</weblink>.</listitem>
</list>
</section>
<section index="3.184.4" title="References" ref="VULNAUDIT.CVE-2004-0079.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>FREEBSD FreeBSD-SA-04:05 Web link: <weblink>ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc</weblink>;</listitem>
<listitem>NETBSD NetBSD-SA2004-005 Web link: <weblink>ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc</weblink>;</listitem>
<listitem>SCO SCOSA-2004.10 Web link: <weblink>ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt</weblink>;</listitem>
<listitem>CONECTIVA CLA-2004:834 Web link: <weblink>http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000834</weblink>;</listitem>
<listitem>Web link: <weblink>http://docs.info.apple.com/article.html?artnum=61798</weblink>;</listitem>
<listitem>FEDORA FEDORA-2004-095 Web link: <weblink>http://fedoranews.org/updates/FEDORA-2004-095.shtml</weblink>;</listitem>
<listitem>APPLE APPLE-SA-2005-08-17 Web link: <weblink>http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html</weblink>;</listitem>
<listitem>APPLE APPLE-SA-2005-08-15 Web link: <weblink>http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html</weblink>;</listitem>
<listitem>Web link: <weblink>http://lists.apple.com/mhonarc/security-announce/msg00045.html</weblink>;</listitem>
<listitem>BUGTRAQ 20040317 New OpenSSL releases fix denial of service attacks [17 March 2004] Web link: <weblink>http://marc.info/?l=bugtraq&amp;m=107953412903636&amp;w=2</weblink>;</listitem>
<listitem>HP SSRT4717 Web link: <weblink>http://marc.info/?l=bugtraq&amp;m=108403806509920&amp;w=2</weblink>;</listitem>
<listitem>GENTOO GLSA-200403-03 Web link: <weblink>http://security.gentoo.org/glsa/glsa-200403-03.xml</weblink>;</listitem>
<listitem>SUNALERT 57524 Web link: <weblink>http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524</weblink>;</listitem>
<listitem>Web link: <weblink>http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm</weblink>;</listitem>
<listitem>Web link: <weblink>http://support.lexmark.com/index?page=content&amp;id=TE88&amp;locale=EN&amp;userlocale=EN_US</weblink>;</listitem>
<listitem>CIAC O-101 Web link: <weblink>http://www.ciac.org/ciac/bulletins/o-101.shtml</weblink>;</listitem>
<listitem>CISCO 20040317 Cisco OpenSSL Implementation Vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml</weblink>;</listitem>
<listitem>DEBIAN DSA-465 Web link: <weblink>http://www.debian.org/security/2004/dsa-465</weblink>;</listitem>
<listitem>CERT-VN VU#288574 Web link: <weblink>http://www.kb.cert.org/vuls/id/288574</weblink>;</listitem>
<listitem>ENGARDE ESA-20040317-003 Web link: <weblink>http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html</weblink>;</listitem>
<listitem>MANDRAKE MDKSA-2004:023 Web link: <weblink>http://www.mandriva.com/security/advisories?name=MDKSA-2004:023</weblink>;</listitem>
<listitem>SUSE SuSE-SA:2004:007 Web link: <weblink>http://www.novell.com/linux/security/advisories/2004_07_openssl.html</weblink>;</listitem>
<listitem>Web link: <weblink>http://www.openssl.org/news/secadv_20040317.txt</weblink>;</listitem>
<listitem>FEDORA FEDORA-2005-1042 Web link: <weblink>http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html</weblink>;</listitem>
<listitem>REDHAT RHSA-2004:120 Web link: <weblink>http://www.redhat.com/support/errata/RHSA-2004-120.html</weblink>;</listitem>
<listitem>REDHAT RHSA-2004:121 Web link: <weblink>http://www.redhat.com/support/errata/RHSA-2004-121.html</weblink>;</listitem>
<listitem>REDHAT RHSA-2004:139 Web link: <weblink>http://www.redhat.com/support/errata/RHSA-2004-139.html</weblink>;</listitem>
<listitem>REDHAT RHSA-2005:829 Web link: <weblink>http://www.redhat.com/support/errata/RHSA-2005-829.html</weblink>;</listitem>
<listitem>REDHAT RHSA-2005:830 Web link: <weblink>http://www.redhat.com/support/errata/RHSA-2005-830.html</weblink>;</listitem>
<listitem>SLACKWARE SSA:2004-077 Web link: <weblink>http://www.slackware.org/security/viewer.php?l=slackware-security&amp;y=2004&amp;m=slackware-security.455961</weblink>;</listitem>
<listitem>TRUSTIX 2004-0012 Web link: <weblink>http://www.trustix.org/errata/2004/0012</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.uniras.gov.uk/vuls/2004/224012/index.htm</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.185" title="CVE-2004-0081" ref="VULNAUDIT.CVE-2004-0081">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">11/23/04</infodata>
</infobox>
<section index="3.185.1" title="Summary" ref="VULNAUDIT.CVE-2004-0081.SUMMARY">
<text>OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.</text>
</section>
<section index="3.185.2" title="Affected Device" ref="VULNAUDIT.CVE-2004-0081.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.185.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2004-0081.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CERT-VN VU#465542 Web link: <weblink>http://www.kb.cert.org/vuls/id/465542</weblink>;</listitem>
<listitem>BID 9899 Web link: <weblink>http://www.securityfocus.com/bid/9899</weblink>;</listitem>
<listitem>XF openssl-tls-dos(15509) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/15509</weblink>.</listitem>
</list>
</section>
<section index="3.185.4" title="References" ref="VULNAUDIT.CVE-2004-0081.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SCO SCOSA-2004.10 Web link: <weblink>ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt</weblink>;</listitem>
<listitem>SGI 20040304-01-U Web link: <weblink>ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc</weblink>;</listitem>
<listitem>CONECTIVA CLA-2004:834 Web link: <weblink>http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000834</weblink>;</listitem>
<listitem>FEDORA FEDORA-2004-095 Web link: <weblink>http://fedoranews.org/updates/FEDORA-2004-095.shtml</weblink>;</listitem>
<listitem>BUGTRAQ 20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004] Web link: <weblink>http://marc.info/?l=bugtraq&amp;m=107955049331965&amp;w=2</weblink>;</listitem>
<listitem>BUGTRAQ 20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability Web link: <weblink>http://marc.info/?l=bugtraq&amp;m=108403850228012&amp;w=2</weblink>;</listitem>
<listitem>REDHAT RHSA-2004:119 Web link: <weblink>http://rhn.redhat.com/errata/RHSA-2004-119.html</weblink>;</listitem>
<listitem>GENTOO GLSA-200403-03 Web link: <weblink>http://security.gentoo.org/glsa/glsa-200403-03.xml</weblink>;</listitem>
<listitem>SUNALERT 57524 Web link: <weblink>http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524</weblink>;</listitem>
<listitem>CISCO 20040317 Cisco OpenSSL Implementation Vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml</weblink>;</listitem>
<listitem>DEBIAN DSA-465 Web link: <weblink>http://www.debian.org/security/2004/dsa-465</weblink>;</listitem>
<listitem>ENGARDE ESA-20040317-003 Web link: <weblink>http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html</weblink>;</listitem>
<listitem>REDHAT RHSA-2004:120 Web link: <weblink>http://www.redhat.com/support/errata/RHSA-2004-120.html</weblink>;</listitem>
<listitem>REDHAT RHSA-2004:121 Web link: <weblink>http://www.redhat.com/support/errata/RHSA-2004-121.html</weblink>;</listitem>
<listitem>REDHAT RHSA-2004:139 Web link: <weblink>http://www.redhat.com/support/errata/RHSA-2004-139.html</weblink>;</listitem>
<listitem>TRUSTIX 2004-0012 Web link: <weblink>http://www.trustix.org/errata/2004/0012</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.uniras.gov.uk/vuls/2004/224012/index.htm</weblink>;</listitem>
<listitem>CERT TA04-078A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA04-078A.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.186" title="CVE-2004-0112" ref="VULNAUDIT.CVE-2004-0112">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">11/23/04</infodata>
</infobox>
<section index="3.186.1" title="Summary" ref="VULNAUDIT.CVE-2004-0112.SUMMARY">
<text>The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.</text>
</section>
<section index="3.186.2" title="Affected Device" ref="VULNAUDIT.CVE-2004-0112.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.186.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2004-0112.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>BID 9899 Web link: <weblink>http://www.securityfocus.com/bid/9899</weblink>;</listitem>
<listitem>CERT TA04-078A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA04-078A.html</weblink>;</listitem>
<listitem>XF openssl-kerberos-ciphersuites-dos(15508) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/15508</weblink>.</listitem>
</list>
</section>
<section index="3.186.4" title="References" ref="VULNAUDIT.CVE-2004-0112.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>NETBSD NetBSD-SA2004-005 Web link: <weblink>ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc</weblink>;</listitem>
<listitem>SCO SCOSA-2004.10 Web link: <weblink>ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt</weblink>;</listitem>
<listitem>CONECTIVA CLA-2004:834 Web link: <weblink>http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000834</weblink>;</listitem>
<listitem>Web link: <weblink>http://docs.info.apple.com/article.html?artnum=61798</weblink>;</listitem>
<listitem>APPLE APPLE-SA-2005-08-17 Web link: <weblink>http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html</weblink>;</listitem>
<listitem>APPLE APPLE-SA-2005-08-15 Web link: <weblink>http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html</weblink>;</listitem>
<listitem>Web link: <weblink>http://lists.apple.com/mhonarc/security-announce/msg00045.html</weblink>;</listitem>
<listitem>BUGTRAQ 20040317 New OpenSSL releases fix denial of service attacks [17 March 2004] Web link: <weblink>http://marc.info/?l=bugtraq&amp;m=107953412903636&amp;w=2</weblink>;</listitem>
<listitem>HP SSRT4717 Web link: <weblink>http://marc.info/?l=bugtraq&amp;m=108403806509920&amp;w=2</weblink>;</listitem>
<listitem>GENTOO GLSA-200403-03 Web link: <weblink>http://security.gentoo.org/glsa/glsa-200403-03.xml</weblink>;</listitem>
<listitem>SUNALERT 57524 Web link: <weblink>http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524</weblink>;</listitem>
<listitem>CIAC O-101 Web link: <weblink>http://www.ciac.org/ciac/bulletins/o-101.shtml</weblink>;</listitem>
<listitem>CISCO 20040317 Cisco OpenSSL Implementation Vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#484726 Web link: <weblink>http://www.kb.cert.org/vuls/id/484726</weblink>;</listitem>
<listitem>MANDRAKE MDKSA-2004:023 Web link: <weblink>http://www.mandriva.com/security/advisories?name=MDKSA-2004:023</weblink>;</listitem>
<listitem>SUSE SuSE-SA:2004:007 Web link: <weblink>http://www.novell.com/linux/security/advisories/2004_07_openssl.html</weblink>;</listitem>
<listitem>Web link: <weblink>http://www.openssl.org/news/secadv_20040317.txt</weblink>;</listitem>
<listitem>REDHAT RHSA-2004:120 Web link: <weblink>http://www.redhat.com/support/errata/RHSA-2004-120.html</weblink>;</listitem>
<listitem>REDHAT RHSA-2004:121 Web link: <weblink>http://www.redhat.com/support/errata/RHSA-2004-121.html</weblink>;</listitem>
<listitem>SLACKWARE SSA:2004-077 Web link: <weblink>http://www.slackware.org/security/viewer.php?l=slackware-security&amp;y=2004&amp;m=slackware-security.455961</weblink>;</listitem>
<listitem>TRUSTIX 2004-0012 Web link: <weblink>http://www.trustix.org/errata/2004/0012</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.uniras.gov.uk/vuls/2004/224012/index.htm</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.187" title="CVE-2004-0710" ref="VULNAUDIT.CVE-2004-0710">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">7/27/04</infodata>
</infobox>
<section index="3.187.1" title="Summary" ref="VULNAUDIT.CVE-2004-0710.SUMMARY">
<text>IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.</text>
</section>
<section index="3.187.2" title="Affected Device" ref="VULNAUDIT.CVE-2004-0710.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.187.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2004-0710.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20040408 Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#904310 Web link: <weblink>http://www.kb.cert.org/vuls/id/904310</weblink>;</listitem>
<listitem>BID 10083 Web link: <weblink>http://www.securityfocus.com/bid/10083</weblink>.</listitem>
</list>
</section>
<section index="3.187.4" title="References" ref="VULNAUDIT.CVE-2004-0710.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>XF cisco-vpnsm-ike-dos(15797) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/15797</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.188" title="CVE-2004-0714" ref="VULNAUDIT.CVE-2004-0714">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">7/27/04</infodata>
</infobox>
<section index="3.188.1" title="Summary" ref="VULNAUDIT.CVE-2004-0714.SUMMARY">
<text>Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).</text>
</section>
<section index="3.188.2" title="Affected Device" ref="VULNAUDIT.CVE-2004-0714.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.188.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2004-0714.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20040420 Vulnerabilities in SNMP Message Processing Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20040420-snmp.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#162451 Web link: <weblink>http://www.kb.cert.org/vuls/id/162451</weblink>;</listitem>
<listitem>BID 10186 Web link: <weblink>http://www.securityfocus.com/bid/10186</weblink>;</listitem>
<listitem>CERT TA04-111B Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA04-111B.html</weblink>.</listitem>
</list>
</section>
<section index="3.188.4" title="References" ref="VULNAUDIT.CVE-2004-0714.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>XF cisco-ios-snmp-udp-dos(15921) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/15921</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.189" title="CVE-2004-1111" ref="VULNAUDIT.CVE-2004-1111">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/10/05</infodata>
</infobox>
<section index="3.189.1" title="Summary" ref="VULNAUDIT.CVE-2004-1111.SUMMARY">
<text>Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the &quot;no service dhcp&quot; command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.</text>
</section>
<section index="3.189.2" title="Affected Device" ref="VULNAUDIT.CVE-2004-1111.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.189.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2004-1111.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CERT-VN VU#630104 Web link: <weblink>http://www.kb.cert.org/vuls/id/630104</weblink>;</listitem>
<listitem>XF cisco-ios-dhcp-dos(18021) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/18021</weblink>.</listitem>
</list>
</section>
<section index="3.189.4" title="References" ref="VULNAUDIT.CVE-2004-1111.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CIAC P-034 Web link: <weblink>http://www.ciac.org/ciac/bulletins/p-034.shtml</weblink>;</listitem>
<listitem>CISCO 20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml</weblink>;</listitem>
<listitem>CERT TA04-316A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA04-316A.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.190" title="CVE-2004-1454" ref="VULNAUDIT.CVE-2004-1454">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/31/04</infodata>
</infobox>
<section index="3.190.1" title="Summary" ref="VULNAUDIT.CVE-2004-1454.SUMMARY">
<text>Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet.</text>
</section>
<section index="3.190.2" title="Affected Device" ref="VULNAUDIT.CVE-2004-1454.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.190.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2004-1454.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CIAC O-199 Web link: <weblink>http://www.ciac.org/ciac/bulletins/o-199.shtml</weblink>;</listitem>
<listitem>CISCO 20040818 Cisco IOS Malformed OSPF Packet Causes Reload Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#989406 Web link: <weblink>http://www.kb.cert.org/vuls/id/989406</weblink>.</listitem>
</list>
</section>
<section index="3.190.4" title="References" ref="VULNAUDIT.CVE-2004-1454.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 10971 Web link: <weblink>http://www.securityfocus.com/bid/10971</weblink>;</listitem>
<listitem>XF cisco-ios-ospf-dos(17033) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/17033</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.191" title="CVE-2004-1464" ref="VULNAUDIT.CVE-2004-1464">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">12/31/04</infodata>
</infobox>
<section index="3.191.1" title="Summary" ref="VULNAUDIT.CVE-2004-1464.SUMMARY">
<text>Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.</text>
</section>
<section index="3.191.2" title="Affected Device" ref="VULNAUDIT.CVE-2004-1464.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.191.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2004-1464.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20040827 Cisco Telnet Denial of Service Vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#384230 Web link: <weblink>http://www.kb.cert.org/vuls/id/384230</weblink>.</listitem>
</list>
</section>
<section index="3.191.4" title="References" ref="VULNAUDIT.CVE-2004-1464.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1011079 Web link: <weblink>http://securitytracker.com/id?1011079</weblink>;</listitem>
<listitem>BID 11060 Web link: <weblink>http://www.securityfocus.com/bid/11060</weblink>;</listitem>
<listitem>XF cisco-ios-telnet-dos(17131) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/17131</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.192" title="CVE-2005-0186" ref="VULNAUDIT.CVE-2005-0186">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/19/05</infodata>
</infobox>
<section index="3.192.1" title="Summary" ref="VULNAUDIT.CVE-2005-0186.SUMMARY">
<text>Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.</text>
</section>
<section index="3.192.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-0186.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.192.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2005-0186.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20050119 Vulnerability in Cisco IOS Embedded Call Processing Solutions Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050119-itscme.shtml</weblink>;</listitem>
<listitem>XF cisco-ios-sccp-dos(18956) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/18956</weblink>.</listitem>
</list>
</section>
<section index="3.192.4" title="References" ref="VULNAUDIT.CVE-2005-0186.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1012945 Web link: <weblink>http://securitytracker.com/id?1012945</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.193" title="CVE-2005-0195" ref="VULNAUDIT.CVE-2005-0195">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/05</infodata>
</infobox>
<section index="3.193.1" title="Summary" ref="VULNAUDIT.CVE-2005-0195.SUMMARY">
<text>Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.</text>
</section>
<section index="3.193.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-0195.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.193.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2005-0195.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20050126 Multiple Crafted IPv6 Packets Cause Reload Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050126-ipv6.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#472582 Web link: <weblink>http://www.kb.cert.org/vuls/id/472582</weblink>;</listitem>
<listitem>CERT TA05-026A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA05-026A.html</weblink>;</listitem>
<listitem>XF cisco-ios-ipv6-dos(19072) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/19072</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.194" title="CVE-2005-0196" ref="VULNAUDIT.CVE-2005-0196">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/05</infodata>
</infobox>
<section index="3.194.1" title="Summary" ref="VULNAUDIT.CVE-2005-0196.SUMMARY">
<text>Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet.</text>
</section>
<section index="3.194.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-0196.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.194.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2005-0196.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20050126 Cisco IOS Misformed BGP Packet Causes Reload Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050126-bgp.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#689326 Web link: <weblink>http://www.kb.cert.org/vuls/id/689326</weblink>;</listitem>
<listitem>CERT TA05-026A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA05-026A.html</weblink>;</listitem>
<listitem>XF cisco-ios-bgp-packetdos(19074) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/19074</weblink>.</listitem>
</list>
</section>
<section index="3.194.4" title="References" ref="VULNAUDIT.CVE-2005-0196.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1013013 Web link: <weblink>http://securitytracker.com/id?1013013</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.195" title="CVE-2005-3669" ref="VULNAUDIT.CVE-2005-3669">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">11/18/05</infodata>
</infobox>
<section index="3.195.1" title="Summary" ref="VULNAUDIT.CVE-2005-3669.SUMMARY">
<text>Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.</text>
</section>
<section index="3.195.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-3669.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.195.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2005-3669.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20051114 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml</weblink>;</listitem>
<listitem>CERT-VN VU#226364 Web link: <weblink>http://www.kb.cert.org/vuls/id/226364</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en</weblink>.</listitem>
</list>
</section>
<section index="3.195.4" title="References" ref="VULNAUDIT.CVE-2005-3669.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>MISC Web link: <weblink>http://jvn.jp/niscc/NISCC-273756/index.html</weblink>;</listitem>
<listitem>SECTRACK 1015198 Web link: <weblink>http://securitytracker.com/id?1015198</weblink>;</listitem>
<listitem>SECTRACK 1015199 Web link: <weblink>http://securitytracker.com/id?1015199</weblink>;</listitem>
<listitem>SECTRACK 1015200 Web link: <weblink>http://securitytracker.com/id?1015200</weblink>;</listitem>
<listitem>SECTRACK 1015201 Web link: <weblink>http://securitytracker.com/id?1015201</weblink>;</listitem>
<listitem>SECTRACK 1015202 Web link: <weblink>http://securitytracker.com/id?1015202</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/</weblink>;</listitem>
<listitem>BID 15401 Web link: <weblink>http://www.securityfocus.com/bid/15401</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.196" title="CVE-2007-4430" ref="VULNAUDIT.CVE-2007-4430">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/20/07</infodata>
</infobox>
<section index="3.196.1" title="Summary" ref="VULNAUDIT.CVE-2007-4430.SUMMARY">
<text>Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a &quot;show ip bgp regexp&quot; command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access.</text>
</section>
<section index="3.196.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-4430.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.196.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2007-4430.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>VUPEN ADV-2007-3136 Web link: <weblink>http://www.vupen.com/english/advisories/2007/3136</weblink>.</listitem>
</list>
</section>
<section index="3.196.4" title="Reference" ref="VULNAUDIT.CVE-2007-4430.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>MISC Web link: <weblink>http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&amp;forum=Network%20Infrastructure&amp;topic=WAN%2C%20Routing%20and%20Switching&amp;CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9</weblink>;</listitem>
<listitem>CISCO 20070912 Cisco IOS Reload on Regular Expression Processing Web link: <weblink>http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.heise-security.co.uk/news/94526/</weblink>;</listitem>
<listitem>BID 25352 Web link: <weblink>http://www.securityfocus.com/bid/25352</weblink>;</listitem>
<listitem>SECTRACK 1018685 Web link: <weblink>http://www.securitytracker.com/id?1018685</weblink>;</listitem>
<listitem>MLIST [cisco-nsp] 20070817 Heads up: &quot;sh ip bgp regexp&quot; crashing router Web link: <weblink>https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html</weblink>;</listitem>
<listitem>MLIST [cisco-nsp] 20070817 About the posting entitled &quot;Heads up: &quot;sh ip bgp regexp&quot; crashing router&quot; Web link: <weblink>https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.197" title="CVE-2010-4687" ref="VULNAUDIT.CVE-2010-4687">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/7/11</infodata>
</infobox>
<section index="3.197.1" title="Summary" ref="VULNAUDIT.CVE-2010-4687.SUMMARY">
<text>STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), aka Bug ID CSCtd42552.</text>
</section>
<section index="3.197.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-4687.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.197.3" title="References" ref="VULNAUDIT.CVE-2010-4687.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf</weblink>;</listitem>
<listitem>BID 45769 Web link: <weblink>http://www.securityfocus.com/bid/45769</weblink>;</listitem>
<listitem>XF ciscoios-stcapp-dos(64584) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/64584</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.198" title="CVE-2011-2059" ref="VULNAUDIT.CVE-2011-2059">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:N/A:N (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/21/11</infodata>
</infobox>
<section index="3.198.1" title="Summary" ref="VULNAUDIT.CVE-2011-2059.SUMMARY">
<text>The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219.</text>
</section>
<section index="3.198.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-2059.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.198.3" title="References" ref="VULNAUDIT.CVE-2011-2059.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor</weblink>;</listitem>
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=36606&amp;signatureSubId=0</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.199" title="CVE-2011-2395" ref="VULNAUDIT.CVE-2011-2395">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:P/A:N (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">6/8/11</infodata>
</infobox>
<section index="3.199.1" title="Summary" ref="VULNAUDIT.CVE-2011-2395.SUMMARY">
<text>The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router Advertisement (RA) message is contained in the second fragment, as demonstrated by (1) a packet in which the first fragment contains a long Destination Options extension header or (2) a packet in which the first fragment contains an ICMPv6 Echo Request message.</text>
</section>
<section index="3.199.2" title="Affected Device" ref="VULNAUDIT.CVE-2011-2395.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.199.3" title="References" ref="VULNAUDIT.CVE-2011-2395.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>FULLDISC 20110523 Bypassing Cisco's ICMPv6 Router Advertisement Guard feature Web link: <weblink>http://seclists.org/fulldisclosure/2011/May/446</weblink>;</listitem>
<listitem>SREASON 8271 Web link: <weblink>http://securityreason.com/securityalert/8271</weblink>;</listitem>
<listitem>XF ciscoios-nd-security-bypass(67940) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/67940</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.200" title="CVE-2012-0338" ref="VULNAUDIT.CVE-2012-0338">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:P/A:N (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/12</infodata>
</infobox>
<section index="3.200.1" title="Summary" ref="VULNAUDIT.CVE-2012-0338.SUMMARY">
<text>Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish SSH connections from arbitrary source IP addresses via a standard SSH client, aka Bug ID CSCsv86113.</text>
</section>
<section index="3.200.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-0338.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.200.3" title="References" ref="VULNAUDIT.CVE-2012-0338.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXH_rebuilds.html</weblink>;</listitem>
<listitem>SECTRACK 1027005 Web link: <weblink>http://www.securitytracker.com/id?1027005</weblink>;</listitem>
<listitem>Web link: <weblink>https://supportforums.cisco.com/thread/2030226</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.201" title="CVE-2012-0339" ref="VULNAUDIT.CVE-2012-0339">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:P/A:N (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/12</infodata>
</infobox>
<section index="3.201.1" title="Summary" ref="VULNAUDIT.CVE-2012-0339.SUMMARY">
<text>Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish TELNET connections from arbitrary source IP addresses via a standard TELNET client, aka Bug ID CSCsi77774.</text>
</section>
<section index="3.201.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-0339.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.201.3" title="References" ref="VULNAUDIT.CVE-2012-0339.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/release/notes/caveats_SXF_rebuilds.html</weblink>;</listitem>
<listitem>SECTRACK 1027005 Web link: <weblink>http://www.securitytracker.com/id?1027005</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.202" title="CVE-2012-1367" ref="VULNAUDIT.CVE-2012-1367">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/6/12</infodata>
</infobox>
<section index="3.202.1" title="Summary" ref="VULNAUDIT.CVE-2012-1367.SUMMARY">
<text>The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (Route Processor crash) via a BGP UPDATE message with a modified local-preference (aka LOCAL_PREF) attribute length, aka Bug ID CSCtq06538.</text>
</section>
<section index="3.202.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-1367.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.202.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2012-1367.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/ios/12_2sr/release/notes/122SRcavs1.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.203" title="CVE-2015-4202" ref="VULNAUDIT.CVE-2015-4202">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:N/A:N (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">6/20/15</infodata>
</infobox>
<section index="3.203.1" title="Summary" ref="VULNAUDIT.CVE-2015-4202.SUMMARY">
<text>Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) does not properly restrict access to the IP Detail Record (IPDR) service, which allows remote attackers to obtain potentially sensitive MAC address and network-utilization information via crafted IPDR packets, aka Bug ID CSCua39203.</text>
</section>
<section index="3.203.2" title="Affected Device" ref="VULNAUDIT.CVE-2015-4202.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.203.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2015-4202.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20150619 Cisco uBR10000 Series Universal Broadband Routers Information Disclosure Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=39432</weblink>;</listitem>
<listitem>BID 75321 Web link: <weblink>http://www.securityfocus.com/bid/75321</weblink>;</listitem>
<listitem>SECTRACK 1032678 Web link: <weblink>http://www.securitytracker.com/id/1032678</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.204" title="CVE-2016-1409" ref="VULNAUDIT.CVE-2016-1409">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:N/I:N/A:P (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/29/16</infodata>
</infobox>
<section index="3.204.1" title="Summary" ref="VULNAUDIT.CVE-2016-1409.SUMMARY">
<text>The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016.</text>
</section>
<section index="3.204.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-1409.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.204.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2016-1409.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20160525 Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6</weblink>.</listitem>
</list>
</section>
<section index="3.204.4" title="Reference" ref="VULNAUDIT.CVE-2016-1409.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-ipv6-en</weblink>;</listitem>
<listitem>BID 90872 Web link: <weblink>http://www.securityfocus.com/bid/90872</weblink>;</listitem>
<listitem>SECTRACK 1035962 Web link: <weblink>http://www.securitytracker.com/id/1035962</weblink>;</listitem>
<listitem>SECTRACK 1035963 Web link: <weblink>http://www.securitytracker.com/id/1035963</weblink>;</listitem>
<listitem>SECTRACK 1035964 Web link: <weblink>http://www.securitytracker.com/id/1035964</weblink>;</listitem>
<listitem>SECTRACK 1035965 Web link: <weblink>http://www.securitytracker.com/id/1035965</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.205" title="CVE-2016-6415" ref="VULNAUDIT.CVE-2016-6415">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">5.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:N/C:P/I:N/A:N (5.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (5.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/18/16</infodata>
</infobox>
<section index="3.205.1" title="Summary" ref="VULNAUDIT.CVE-2016-6415.SUMMARY">
<text>The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.</text>
</section>
<section index="3.205.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-6415.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.205.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2016-6415.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20160916 IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1</weblink>;</listitem>
<listitem>BID 93003 Web link: <weblink>http://www.securityfocus.com/bid/93003</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.206" title="CVE-2004-0244" ref="VULNAUDIT.CVE-2004-0244">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">4.7</infodata>
<infodata label="CVSSv2 Base">AV:L/AC:M/Au:N/C:N/I:N/A:C (4.7)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (4.7)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">11/23/04</infodata>
</infobox>
<section index="3.206.1" title="Summary" ref="VULNAUDIT.CVE-2004-0244.SUMMARY">
<text>Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet.</text>
</section>
<section index="3.206.2" title="Affected Device" ref="VULNAUDIT.CVE-2004-0244.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.206.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2004-0244.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20040203 Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20040203-cat6k.shtml</weblink>;</listitem>
<listitem>BID 9562 Web link: <weblink>http://www.securityfocus.com/bid/9562</weblink>;</listitem>
<listitem>XF cisco-malformed-frame-dos(15013) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/15013</weblink>.</listitem>
</list>
</section>
<section index="3.206.4" title="References" ref="VULNAUDIT.CVE-2004-0244.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CERT-VN VU#810062 Web link: <weblink>http://www.kb.cert.org/vuls/id/810062</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.207" title="CVE-2006-0485" ref="VULNAUDIT.CVE-2006-0485">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">4.6</infodata>
<infodata label="CVSSv2 Base">AV:L/AC:L/Au:N/C:P/I:P/A:P (4.6)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (4.6)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/31/06</infodata>
</infobox>
<section index="3.207.1" title="Summary" ref="VULNAUDIT.CVE-2006-0485.SUMMARY">
<text>The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.</text>
</section>
<section index="3.207.2" title="Affected Device" ref="VULNAUDIT.CVE-2006-0485.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.207.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2006-0485.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20060125 Response to AAA Command Authorization by-pass Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.207.4" title="Reference" ref="VULNAUDIT.CVE-2006-0485.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1015543 Web link: <weblink>http://securitytracker.com/id?1015543</weblink>;</listitem>
<listitem>BID 16383 Web link: <weblink>http://www.securityfocus.com/bid/16383</weblink>;</listitem>
<listitem>VUPEN ADV-2006-0337 Web link: <weblink>http://www.vupen.com/english/advisories/2006/0337</weblink>;</listitem>
<listitem>XF cisco-aaa-tcl-auth-bypass(24308) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/24308</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.208" title="CVE-2006-0486" ref="VULNAUDIT.CVE-2006-0486">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">4.6</infodata>
<infodata label="CVSSv2 Base">AV:L/AC:L/Au:N/C:P/I:P/A:P (4.6)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (4.6)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/31/06</infodata>
</infobox>
<section index="3.208.1" title="Summary" ref="VULNAUDIT.CVE-2006-0486.SUMMARY">
<text>Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770.</text>
</section>
<section index="3.208.2" title="Affected Device" ref="VULNAUDIT.CVE-2006-0486.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.208.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2006-0486.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20060125 Response to AAA Command Authorization by-pass Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.208.4" title="Reference" ref="VULNAUDIT.CVE-2006-0486.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>SECTRACK 1015543 Web link: <weblink>http://securitytracker.com/id?1015543</weblink>;</listitem>
<listitem>XF cisco-aaa-tcl-auth-bypass(24308) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/24308</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.209" title="CVE-2007-4632" ref="VULNAUDIT.CVE-2007-4632">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">4.3</infodata>
<infodata label="CVSSv2 Base">AV:A/AC:H/Au:N/C:P/I:P/A:P (4.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (4.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/31/07</infodata>
</infobox>
<section index="3.209.1" title="Summary" ref="VULNAUDIT.CVE-2007-4632.SUMMARY">
<text>Cisco IOS 12.2E, 12.2F, and 12.2S places a &quot;no login&quot; line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authentication and obtain a terminal session, a different vulnerability than CVE-1999-0293 and CVE-2005-2105.</text>
</section>
<section index="3.209.2" title="Affected Device" ref="VULNAUDIT.CVE-2007-4632.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.209.3" title="References" ref="VULNAUDIT.CVE-2007-4632.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>CISCO 20070829 VTY Authentication Bypass Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_response09186a00808ae4ca.html</weblink>;</listitem>
<listitem>BID 25482 Web link: <weblink>http://www.securityfocus.com/bid/25482</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.210" title="CVE-2008-3821" ref="VULNAUDIT.CVE-2008-3821">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">4.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:P/A:N (4.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (4.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/16/09</infodata>
</infobox>
<section index="3.210.1" title="Summary" ref="VULNAUDIT.CVE-2008-3821.SUMMARY">
<text>Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.</text>
</section>
<section index="3.210.2" title="Affected Device" ref="VULNAUDIT.CVE-2008-3821.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.210.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2008-3821.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20090114 Cisco IOS Cross-Site Scripting Vulnerabilities Web link: <weblink>http://www.cisco.com/en/US/products/products_security_response09186a0080a5c501.html</weblink>.</listitem>
</list>
</section>
<section index="3.210.4" title="Reference" ref="VULNAUDIT.CVE-2008-3821.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>JVN JVN#28344798 Web link: <weblink>http://jvn.jp/en/jp/JVN28344798/index.html</weblink>;</listitem>
<listitem>SREASON 4916 Web link: <weblink>http://securityreason.com/securityalert/4916</weblink>;</listitem>
<listitem>SECTRACK 1021598 Web link: <weblink>http://securitytracker.com/id?1021598</weblink>;</listitem>
<listitem>MISC Web link: <weblink>http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-19</weblink>;</listitem>
<listitem>BUGTRAQ 20090114 PR08-19: XSS on Cisco IOS HTTP Server Web link: <weblink>http://www.securityfocus.com/archive/1/archive/1/500063/100/0/threaded</weblink>;</listitem>
<listitem>BID 33260 Web link: <weblink>http://www.securityfocus.com/bid/33260</weblink>;</listitem>
<listitem>VUPEN ADV-2009-0138 Web link: <weblink>http://www.vupen.com/english/advisories/2009/0138</weblink>;</listitem>
<listitem>XF cisco-ios-httpserver-ping-xss(47947) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/47947</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.211" title="CVE-2009-2862" ref="VULNAUDIT.CVE-2009-2862">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">4.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:P/I:N/A:N (4.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (4.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/28/09</infodata>
</infobox>
<section index="3.211.1" title="Summary" ref="VULNAUDIT.CVE-2009-2862.SUMMARY">
<text>The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.</text>
</section>
<section index="3.211.2" title="Affected Device" ref="VULNAUDIT.CVE-2009-2862.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.211.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2009-2862.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://tools.cisco.com/security/center/viewAlert.x?alertId=18876</weblink>;</listitem>
<listitem>CISCO 20090923 Cisco IOS Software Object-group Access Control List Bypass Vulnerability Web link: <weblink>http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml</weblink>;</listitem>
<listitem>VUPEN ADV-2009-2759 Web link: <weblink>http://www.vupen.com/english/advisories/2009/2759</weblink>.</listitem>
</list>
</section>
<section index="3.211.4" title="References" ref="VULNAUDIT.CVE-2009-2862.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 36495 Web link: <weblink>http://www.securityfocus.com/bid/36495</weblink>;</listitem>
<listitem>SECTRACK 1022933 Web link: <weblink>http://www.securitytracker.com/id?1022933</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.212" title="CVE-2012-0362" ref="VULNAUDIT.CVE-2012-0362">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">4.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:P/A:N (4.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (4.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">5/2/12</infodata>
</infobox>
<section index="3.212.1" title="Summary" ref="VULNAUDIT.CVE-2012-0362.SUMMARY">
<text>The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE discards all lines that end with a log or time keyword, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending network traffic, aka Bug ID CSCts01106.</text>
</section>
<section index="3.212.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-0362.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.212.3" title="References" ref="VULNAUDIT.CVE-2012-0362.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>MLIST [cisco-nsp] 20120202 Ambiguous ACL &quot;log&quot; in 12.2(58)SE2? Web link: <weblink>http://puck.nether.net/pipermail/cisco-nsp/2012-February/083517.html</weblink>;</listitem>
<listitem>SECTRACK 1027005 Web link: <weblink>http://www.securitytracker.com/id?1027005</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.213" title="CVE-2012-5039" ref="VULNAUDIT.CVE-2012-5039">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">4.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:N/I:N/A:P (4.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (4.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">4/23/14</infodata>
</infobox>
<section index="3.213.1" title="Summary" ref="VULNAUDIT.CVE-2012-5039.SUMMARY">
<text>The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote attackers to cause a denial of service (memory consumption) via vectors involving BGP path attributes, aka Bug ID CSCsw63003.</text>
</section>
<section index="3.213.2" title="Affected Device" ref="VULNAUDIT.CVE-2012-5039.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.213.3" title="References" ref="VULNAUDIT.CVE-2012-5039.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/release/notes/ol_20679.html</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.214" title="CVE-2016-6422" ref="VULNAUDIT.CVE-2016-6422">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">4.3</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:M/Au:N/C:P/I:N/A:N (4.3)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (4.3)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">10/6/16</infodata>
</infobox>
<section index="3.214.1" title="Summary" ref="VULNAUDIT.CVE-2016-6422.SUMMARY">
<text>Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote attackers to bypass intended access restrictions by sending packets that should have been recognized by a filter, aka Bug ID CSCuy64806.</text>
</section>
<section index="3.214.2" title="Affected Device" ref="VULNAUDIT.CVE-2016-6422.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.214.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2016-6422.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20161005 Cisco IOS Software for Cisco Catalyst 6500 Series Switches and 7600 Series Routers ACL Bypass Vulnerability Web link: <weblink>http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-catalyst</weblink>.</listitem>
</list>
</section>
<section index="3.214.4" title="Reference" ref="VULNAUDIT.CVE-2016-6422.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>BID 93404 Web link: <weblink>http://www.securityfocus.com/bid/93404</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.215" title="CVE-2010-4685" ref="VULNAUDIT.CVE-2010-4685">
<infobox type="information" position="topright" title="Overall Rating: Medium" dataformat="dual">
<infodata label="CVSSv2 Score">4.0</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:L/Au:S/C:P/I:N/A:N (4.0)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (4.0)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">1/7/11</infodata>
</infobox>
<section index="3.215.1" title="Summary" ref="VULNAUDIT.CVE-2010-4685.SUMMARY">
<text>Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031.</text>
</section>
<section index="3.215.2" title="Affected Device" ref="VULNAUDIT.CVE-2010-4685.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.215.3" title="References" ref="VULNAUDIT.CVE-2010-4685.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>Web link: <weblink>http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf</weblink>;</listitem>
<listitem>BID 45769 Web link: <weblink>http://www.securityfocus.com/bid/45769</weblink>;</listitem>
<listitem>XF ciscoios-certificate-security-bypass(64586) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/64586</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.216" title="CVE-2006-4650" ref="VULNAUDIT.CVE-2006-4650">
<infobox type="information" position="topright" title="Overall Rating: Low" dataformat="dual">
<infodata label="CVSSv2 Score">2.6</infodata>
<infodata label="CVSSv2 Base">AV:N/AC:H/Au:N/C:P/I:N/A:N (2.6)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (2.6)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">9/8/06</infodata>
</infobox>
<section index="3.216.1" title="Summary" ref="VULNAUDIT.CVE-2006-4650.SUMMARY">
<text>Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs.</text>
</section>
<section index="3.216.2" title="Affected Device" ref="VULNAUDIT.CVE-2006-4650.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.216.3" title="Vendor Security Advisories" ref="VULNAUDIT.CVE-2006-4650.ADVISORY">
<text>The following is a list of security advisories contain more specific information direct from the manufacturers about this vulnerability:</text>
<list type="bullet">
<listitem>MISC Web link: <weblink>http://www.phenoelit.de/stuff/CiscoGRE.txt</weblink>;</listitem>
<listitem>BUGTRAQ 20060906 Cisco IOS GRE issue Web link: <weblink>http://www.securityfocus.com/archive/1/archive/1/445322/100/0/threaded</weblink>.</listitem>
</list>
</section>
<section index="3.216.4" title="References" ref="VULNAUDIT.CVE-2006-4650.REFERENCE">
<text>The following references contain further information about this vulnerability:</text>
<list type="bullet">
<listitem>SREASON 1526 Web link: <weblink>http://securityreason.com/securityalert/1526</weblink>;</listitem>
<listitem>SECTRACK 1016799 Web link: <weblink>http://securitytracker.com/id?1016799</weblink>;</listitem>
<listitem>CISCO 20060906 Cisco IOS GRE Decapsulation Vulnerability Web link: <weblink>http://www.cisco.com/en/US/tech/tk827/tk369/tsd_technology_security_response09186a008072cd7b.html</weblink>;</listitem>
<listitem>BID 19878 Web link: <weblink>http://www.securityfocus.com/bid/19878</weblink>;</listitem>
<listitem>VUPEN ADV-2006-3502 Web link: <weblink>http://www.vupen.com/english/advisories/2006/3502</weblink>;</listitem>
<listitem>XF cisco-ios-gre-acl-bypass(28786) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/28786</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.217" title="CVE-2005-2451" ref="VULNAUDIT.CVE-2005-2451">
<infobox type="information" position="topright" title="Overall Rating: Low" dataformat="dual">
<infodata label="CVSSv2 Score">2.1</infodata>
<infodata label="CVSSv2 Base">AV:L/AC:L/Au:N/C:N/I:N/A:P (2.1)</infodata>
<infodata label="CVSSv2 Temporal">E:ND/RL:ND/RC:ND (2.1)</infodata>
<infodata label="CVSSv2 Environmental">: CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND</infodata>
<infodata label="Published">8/3/05</infodata>
</infobox>
<section index="3.217.1" title="Summary" ref="VULNAUDIT.CVE-2005-2451.SUMMARY">
<text>Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet.</text>
</section>
<section index="3.217.2" title="Affected Device" ref="VULNAUDIT.CVE-2005-2451.AFFECTED">
<text>The Cisco Catalyst Switch Switch may be be affected by this security vulnerability.</text>
</section>
<section index="3.217.3" title="Vendor Security Advisory" ref="VULNAUDIT.CVE-2005-2451.ADVISORY">
<text>The following security advisory provides more information about this vulnerability from the manufacturer:</text>
<list type="bullet">
<listitem>CISCO 20050729 IPv6 Crafted Packet Vulnerability Web link: <weblink>http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml</weblink>.</listitem>
</list>
</section>
<section index="3.217.4" title="Reference" ref="VULNAUDIT.CVE-2005-2451.REFERENCE">
<text>The following reference contains further information about this vulnerability:</text>
<list type="bullet">
<listitem>FULLDISC 20050729 Cisco IOS Shellcode Presentation Web link: <weblink>http://archives.neohapsis.com/archives/fulldisclosure/2005-07/0663.html</weblink>;</listitem>
<listitem>SECTRACK 1014598 Web link: <weblink>http://securitytracker.com/id?1014598</weblink>;</listitem>
<listitem>CERT-VN VU#930892 Web link: <weblink>http://www.kb.cert.org/vuls/id/930892</weblink>;</listitem>
<listitem>BID 14414 Web link: <weblink>http://www.securityfocus.com/bid/14414</weblink>;</listitem>
<listitem>CERT TA05-210A Web link: <weblink>http://www.us-cert.gov/cas/techalerts/TA05-210A.html</weblink>;</listitem>
<listitem>XF cisco-ios-ipv6-packet-command-execution(21591) Web link: <weblink>http://xforce.iss.net/xforce/xfdb/21591</weblink>.</listitem>
</list>
</section>
</section>
<section index="3.218" title="Conclusions" ref="VULNAUDIT.CONCLUSIONS">
<text>Nipper Studio performed a software vulnerability audit of the device detailed in Table <linktotable ref="VULNAUDIT.CONCLUSIONS">30</linktotable> on Tuesday, August 8, 2017. During the audit Nipper Studio identified 216 vulnerabilities, the most significant was rated as Critical.</text>
<table index="30" title="Software vulnerability audit conclusions" ref="VULNAUDIT.CONCLUSIONS">
<headings>
<heading>Device</heading>
<heading>Type</heading>
<heading>Findings</heading>
<heading>Highest</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>Cisco Catalyst Switch</item></tablecell>
<tablecell><item>216</item></tablecell>
<tablecell><item>Critical</item></tablecell>
</tablerow>
</tablebody>
</table>
<text>Table <linktotable ref="VULNAUDIT.CONCLUSIONS">31</linktotable> lists the vulnerabilities identified during the audit.</text>
<table index="31" title="Vulnerability audit summary findings" ref="VULNAUDIT.CONCLUSIONS">
<headings>
<heading>Vulnerability</heading>
<heading>CVSSv2 Score</heading>
<heading>Rating</heading>
<heading>Affected Devices</heading>
<heading>Section</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>CVE-2002-1357</item></tablecell>
<tablecell><item>10.0</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.2</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2002-1358</item></tablecell>
<tablecell><item>10.0</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.3</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2002-1359</item></tablecell>
<tablecell><item>10.0</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.4</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2002-1360</item></tablecell>
<tablecell><item>10.0</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.5</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-0480</item></tablecell>
<tablecell><item>10.0</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.6</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-1574</item></tablecell>
<tablecell><item>10.0</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.7</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-3271</item></tablecell>
<tablecell><item>10.0</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.8</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2017-3881</item></tablecell>
<tablecell><item>10.0</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.9</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2001-0537</item></tablecell>
<tablecell><item>9.3</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.10</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2003-1398</item></tablecell>
<tablecell><item>9.3</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.11</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-3481</item></tablecell>
<tablecell><item>9.3</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.12</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-2586</item></tablecell>
<tablecell><item>9.3</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.13</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-4286</item></tablecell>
<tablecell><item>9.3</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.14</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-4292</item></tablecell>
<tablecell><item>9.3</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.15</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-5381</item></tablecell>
<tablecell><item>9.3</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.16</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3807</item></tablecell>
<tablecell><item>9.3</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.17</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-4285</item></tablecell>
<tablecell><item>9.0</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.18</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0635</item></tablecell>
<tablecell><item>9.0</item></tablecell>
<tablecell><item>Critical</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.19</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-4263</item></tablecell>
<tablecell><item>8.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.20</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3805</item></tablecell>
<tablecell><item>8.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.21</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3806</item></tablecell>
<tablecell><item>8.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.22</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-0384</item></tablecell>
<tablecell><item>8.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.23</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-6380</item></tablecell>
<tablecell><item>8.3</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.24</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2002-2208</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.25</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2003-0567</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.26</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-0479</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.27</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-0481</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.28</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-2688</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.29</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-2813</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.30</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-1152</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.31</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3799</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.32</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3808</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.33</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3813</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.34</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-0631</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.35</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-0636</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.36</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-2866</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.37</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-2867</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.38</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-2868</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.39</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-2869</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.40</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-2871</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.41</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-5038</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.42</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-5039</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.43</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-0576</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.44</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-0578</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.45</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-0582</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.46</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-0583</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.47</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-0585</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.48</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-0586</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.49</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-2828</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.50</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-2829</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.51</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-2831</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.52</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-2832</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.53</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-2833</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.54</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-2834</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.55</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-2835</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.56</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-4671</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.57</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-4683</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.58</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-4686</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.59</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-0945</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.60</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-0946</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.61</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-1624</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.62</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-1640</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.63</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-2057</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.64</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-2058</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.65</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-3270</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.66</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-3276</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.67</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-3277</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.68</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-3278</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.69</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-3279</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.70</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-3280</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.71</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-3282</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.72</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-0381</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.73</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-0385</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.74</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-0386</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.75</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-3079</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.76</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-3949</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.77</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-4618</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.78</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-4619</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.79</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-4620</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.80</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-1142</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.81</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-1145</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.82</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-1146</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.83</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-5473</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.84</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-5474</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.85</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-5475</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.86</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-5477</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.87</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-5479</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.88</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-5480</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.89</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2014-2108</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.90</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2014-2109</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.91</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2014-3327</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.92</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2014-3354</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.93</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0636</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.94</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0637</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.95</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0642</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.96</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0643</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.97</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0646</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.98</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0647</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.99</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0648</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.100</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0649</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.101</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0650</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.102</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-6278</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.103</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-6279</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.104</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-1349</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.105</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-6379</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.106</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-6384</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.107</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-6385</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.108</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-6391</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.109</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-6392</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.110</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2017-3857</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.111</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2017-3860</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.112</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2017-3861</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.113</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2017-3862</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.114</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2017-3863</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.115</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2017-3864</item></tablecell>
<tablecell><item>7.8</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.116</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2001-0929</item></tablecell>
<tablecell><item>7.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.117</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2003-0647</item></tablecell>
<tablecell><item>7.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.118</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2003-1109</item></tablecell>
<tablecell><item>7.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.119</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2004-0054</item></tablecell>
<tablecell><item>7.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.120</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-1057</item></tablecell>
<tablecell><item>7.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.121</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-1058</item></tablecell>
<tablecell><item>7.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.122</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-2105</item></tablecell>
<tablecell><item>7.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.123</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-2841</item></tablecell>
<tablecell><item>7.5</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.124</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2002-1024</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.125</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-1020</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.126</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-1021</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.127</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2006-0340</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.128</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-4291</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.129</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-4293</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.130</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-5651</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.131</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-1150</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.132</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-1151</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.133</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-1153</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.134</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3800</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.135</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3801</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.136</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3802</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.137</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3804</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.138</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3809</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.139</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-4609</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.140</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-0630</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.141</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-0637</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.142</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-1168</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.143</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-2863</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.144</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-2873</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.145</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-0577</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.146</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-2830</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.147</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-4684</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.148</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-0382</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.149</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-1143</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.150</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-5472</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.151</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2013-5481</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.152</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2014-2107</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.153</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2014-2111</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.154</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0638</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.155</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0681</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.156</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-6393</item></tablecell>
<tablecell><item>7.1</item></tablecell>
<tablecell><item>High</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.157</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-4295</item></tablecell>
<tablecell><item>6.8</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.158</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-2872</item></tablecell>
<tablecell><item>6.8</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.159</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-5040</item></tablecell>
<tablecell><item>6.8</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.160</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-5036</item></tablecell>
<tablecell><item>6.8</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.161</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-4204</item></tablecell>
<tablecell><item>6.8</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.162</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-2587</item></tablecell>
<tablecell><item>6.3</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.163</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-0771</item></tablecell>
<tablecell><item>6.3</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.164</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-0197</item></tablecell>
<tablecell><item>6.1</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.165</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-1258</item></tablecell>
<tablecell><item>6.1</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.166</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-3274</item></tablecell>
<tablecell><item>6.1</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.167</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2014-3409</item></tablecell>
<tablecell><item>6.1</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.168</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-0629</item></tablecell>
<tablecell><item>5.4</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.169</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-2049</item></tablecell>
<tablecell><item>5.4</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.170</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-1625</item></tablecell>
<tablecell><item>5.4</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.171</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-4016</item></tablecell>
<tablecell><item>5.4</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.172</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-4203</item></tablecell>
<tablecell><item>5.4</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.173</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-1156</item></tablecell>
<tablecell><item>5.1</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.174</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2001-1097</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.175</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2001-1183</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.176</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2002-0339</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.177</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2002-1706</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.178</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2002-1768</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.179</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2003-0305</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.180</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2003-0511</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.181</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2003-0512</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.182</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2003-0851</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.183</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2004-0079</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.184</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2004-0081</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.185</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2004-0112</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.186</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2004-0710</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.187</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2004-0714</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.188</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2004-1111</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.189</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2004-1454</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.190</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2004-1464</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.191</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-0186</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.192</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-0195</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.193</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-0196</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.194</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-3669</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.195</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-4430</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.196</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-4687</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.197</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-2059</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.198</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2011-2395</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.199</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-0338</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.200</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-0339</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.201</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-1367</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.202</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2015-4202</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.203</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-1409</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.204</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-6415</item></tablecell>
<tablecell><item>5.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.205</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2004-0244</item></tablecell>
<tablecell><item>4.7</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.206</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2006-0485</item></tablecell>
<tablecell><item>4.6</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.207</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2006-0486</item></tablecell>
<tablecell><item>4.6</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.208</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2007-4632</item></tablecell>
<tablecell><item>4.3</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.209</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2008-3821</item></tablecell>
<tablecell><item>4.3</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.210</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2009-2862</item></tablecell>
<tablecell><item>4.3</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.211</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-0362</item></tablecell>
<tablecell><item>4.3</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.212</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2012-5039</item></tablecell>
<tablecell><item>4.3</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.213</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2016-6422</item></tablecell>
<tablecell><item>4.3</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.214</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2010-4685</item></tablecell>
<tablecell><item>4.0</item></tablecell>
<tablecell><item>Medium</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.215</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2006-4650</item></tablecell>
<tablecell><item>2.6</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.216</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>CVE-2005-2451</item></tablecell>
<tablecell><item>2.1</item></tablecell>
<tablecell><item>Low</item></tablecell>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>3.217</item></tablecell>
</tablerow>
</tablebody>
</table>
<text>The vulnerability database used during this audit contains only publically known vulnerabilities and not undisclosed issues known only to the manufacturers and third parties; the database may also not contain all affected versions against a vulnerability entry, meaning that it may not be reported on. Furthermore, it is common for software vulnerabilities to additionally require specific services, protocols, configuration setup or device models in order for them to be exposed.</text>
</section>
<section index="3.219" title="Recommendations" ref="VULNAUDIT.RECOMMENDATIONS">
<text>Nipper Studio strongly recommends that the latest software updates should be applied to the affected devices. When applying the latest software updates usually all the known vulnerabilities will be resolved at once. Since software updates typically include stability, performance and feature improvements in addition to security fixes it is worth reviewing and deploying the latest updates on a regular basis not just for security reasons. Furthermore, sometimes manufacturers will resolve software vulnerabilities and roll the fixes in to their latest software updates without a full disclosure of the issues being resolved.</text>
<text>When deploying a software update Nipper Studio recommends that:</text>
<list type="bullet">
<listitem>the manufacturers software update release notes should be reviewed in order to familiar yourself with what is required, the procedure and any other pertinent information;</listitem>
<listitem>you should make a backup of your existing configuration prior to the update;</listitem>
<listitem>if you have access to a duplicate or contingency device then it is worth testing the procedure on that device prior to deploying the update to the live device.</listitem>
</list>
<text>Performing a software updates on a device is not always straight forward and typically requires a reboot and downtime. Although Nipper Studio recommends installing the latest software updates to resolve software vulnerabilities an alternative mitigation measure may be available. Software vulnerabilities often require specific configuration setups in order to be present and the device manufacturer may publish configuration changes that make it possible to mitigate the exposure.</text>
<text>More information, support and software updates:</text>
<list type="bullet">
<listitem>for Cisco Catalyst Switch devices visit <weblink>http://support.cisco.com</weblink>.</listitem>
</list>
</section>
</part>
<part index="4" title="DISA STIG Compliance" ref="STIGCOMPLIANCE">
<section index="4.1" title="Introduction" ref="STIGCOMPLIANCE.INTRODUCTION">
<text>Nipper Studio performed a Department of Defence STIG compliance audit on Tuesday, August 8, 2017 of the device and STIGs detailed in Table <linktotable ref="STIGCOMPLIANCE.INTRO.DEVICES">32</linktotable>.</text>
<table index="32" title="STIG device audit check list" ref="STIGCOMPLIANCE.INTRO.DEVICES">
<headings>
<heading>Device</heading>
<heading>STIG</heading>
<heading>Profile</heading>
<heading>Version</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>Switch</item></tablecell>
<tablecell><item>Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco</item></tablecell>
<tablecell><item>I - Mission Critical Public</item></tablecell>
<tablecell><item>8 R21 (10/28/16)</item></tablecell>
</tablerow>
</tablebody>
</table>
<text title="Vulnerability Severity Code Definition">Table <linktotable ref="SEVERITYCODES">33</linktotable> provides the vulnerability severity codes and its definitions.</text>
<table index="33" title="Vulnerability Severity Code Definitions" ref="SEVERITYCODES">
<headings>
<heading>CAT</heading>
<heading>DISA/DIACAP Category Code Guidelines</heading>
<heading>Examples</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>I</item></tablecell>
<tablecell><item>Any vulnerability, the exploitation of which will, directly and immediately result in loss of Confidentiality, Availability, or Integrity. An ATO will not be granted while CAT I weaknesses are present. Note: The exploitation of vulnerabilities must be evaluated at the level of the system or component being reviewed. A workstation for example, is a standalone device for some purposes and part of a larger system for others. Risks to the device are first considered, then risks to the device in its environment, then risks presented by the device to the environment. All risk factors must be considered when developing mitigation strategies at the device and system level.</item></tablecell>
<tablecell><item>Includes BUT NOT LIMITED to the following examples of direct and immediate loss: 1. May result in loss of life, loss of facilities, or equipment, which would result in mission failure. 2. Allows unauthorized access to security or administrator level resources or privileges. 3. Allows unauthorized disclosure of, or access to, classified data or materials. 4. Allows unauthorized access to classified facilities. 5. Allows denial of service or denial of access, which will result in mission failure. 6. Prevents auditing or monitoring of cyber or physical environments. 7. Operation of a system/capability which has not been approved by the appropriate DAA. 8. Unsupported software where there is no documented acceptance of DAA risk.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>II</item></tablecell>
<tablecell><item>Any vulnerability, the exploitation of which has a potential to result in loss of Confidentiality, Availability, or Integrity. CAT II findings that have been satisfactorily mitigated will not prevent an ATO from being granted. Note: The exploitation of vulnerabilities must be evaluated at the level of the system or component being reviewed. A workstation for example, is a standalone device for some purposes and part of a larger system for others. Risks to the device are first considered, then risks to the device in its environment, then risks presented by the device to the environment. All risk factors must be considered when developing mitigation strategies at the device and system level.</item></tablecell>
<tablecell><item>Includes BUT NOT LIMITED to the following examples that have a potential to result in loss: 1. Allows access to information that could lead to a CAT I vulnerability. 2. Could result in personal injury, damage to facilities, or equipment which would degrade the mission. 3. Allows unauthorized access to user or application level system resources. 4. Could result in the loss or compromise of sensitive information. 5. Allows unauthorized access to Government or Contractor owned or leased facilities. 6. May result in the disruption of system or network resources that degrades the ability to perform the mission. 7. Prevents a timely recovery from an attack or system outage. 8. Provides unauthorized disclosure of or access to unclassified sensitive, PII, or other data or materials.</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>III</item></tablecell>
<tablecell><item>Any vulnerability, the existence of which degrades measures to protect against loss of Confidentiality, Availability, or Integrity. Assigned findings that may impact IA posture but are not required to be mitigated or corrected in order for an ATO to be granted. Note: The exploitation of vulnerabilities must be evaluated at the level of the system or component being reviewed. A workstation for example, is a standalone device for some purposes and part of a larger system for others. Risks to the device are first considered, then risks to the device in its environment, then risks presented by the device to the environment. All risk factors must be considered when developing mitigation strategies at the device and system level.</item></tablecell>
<tablecell><item>Includes BUT NOT LIMITED to the following examples that provide information which could potentially result in degradation of system information assurance measures or loss of data: 1. Allows access to information that could lead to a CAT II vulnerability. 2. Has the potential to affect the accuracy or reliability of data pertaining to personnel, resources, operations, or other sensitive information. 3. Allows the running of any applications, services or protocols that do not support mission functions. 4. Degrades a defense in depth systems security architecture. 5. Degrades the timely recovery from an attack or system outage. 6. Indicates inadequate security administration. 7. System not documented in the sites C&amp;A Package / SSP. 8. Lack of document retention by the Information Assurance Manager IAM (i.e., completed user agreement forms).</item></tablecell>
</tablerow>
</tablebody>
</table>
<text title="Disclaimer">The following compliance audit is designed to add speed and convenience to a manual STIG assessment. To maintain validity we always recommend that you use the latest release of the DISA STIG. Any automated compliance reporting should be combined with careful analysis and additional manual checks may be required.</text>
</section>
<section index="4.2" title="Switch Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco Summary" ref="STIGCOMPLIANCE.SUMMARY.">
<text>Table <linktotable ref="STIG.CHECKLIST.1">34</linktotable> provides a summary of the &quot;Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco&quot; version 8 release 21 (10/28/16) compliance audit as &quot;I - Mission Critical Public&quot; against the Cisco Catalyst Switch device Switch. A more detailed analysis of each requirement and the findings follows this summary.</text>
<table index="34" title="Switch Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco summary" ref="STIG.CHECKLIST.1">
<headings>
<heading>Group</heading>
<heading>STIG</heading>
<heading>Title</heading>
<heading>Responsibility</heading>
<heading>IA Controls</heading>
<heading>Severity</heading>
<heading>State</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>V-3000</item></tablecell>
<tablecell><item>NET1020</item></tablecell>
<tablecell><item>Interface ACL deny statements are not logged.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECAT-1, ECAT-2, ECSC-1</item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3008</item></tablecell>
<tablecell><item>NET1800</item></tablecell>
<tablecell><item>IPSec VPN is not configured as a tunnel type VPN.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3012</item></tablecell>
<tablecell><item>NET0230</item></tablecell>
<tablecell><item>Network element is not password protected.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3013</item></tablecell>
<tablecell><item>NET0340</item></tablecell>
<tablecell><item>Login banner is non-existent or not DOD-approved.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3014</item></tablecell>
<tablecell><item>NET1639</item></tablecell>
<tablecell><item>Management connection does not timeout.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3020</item></tablecell>
<tablecell><item>NET0820</item></tablecell>
<tablecell><item>DNS servers must be defined for client resolver. </item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3021</item></tablecell>
<tablecell><item>NET0890</item></tablecell>
<tablecell><item>SNMP access is not restricted by IP address.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3034</item></tablecell>
<tablecell><item>NET0400</item></tablecell>
<tablecell><item>Interior routing protocols are not authenticated.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3043</item></tablecell>
<tablecell><item>NET1675</item></tablecell>
<tablecell><item>SNMP privileged and non-privileged access.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3056</item></tablecell>
<tablecell><item>NET0460</item></tablecell>
<tablecell><item>Group accounts are defined.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3057</item></tablecell>
<tablecell><item>NET0465</item></tablecell>
<tablecell><item>Accounts assigned least privileges necessary to perform duties.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3058</item></tablecell>
<tablecell><item>NET0470</item></tablecell>
<tablecell><item>Unauthorized accounts are configured to access device.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3062</item></tablecell>
<tablecell><item>NET0600</item></tablecell>
<tablecell><item>Passwords are viewable when displaying the config.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3069</item></tablecell>
<tablecell><item>NET1638</item></tablecell>
<tablecell><item>Management connections must be secured by FIPS 140-2. </item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>DCNR-1, ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3070</item></tablecell>
<tablecell><item>NET1640</item></tablecell>
<tablecell><item>Management connections must be logged.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3072</item></tablecell>
<tablecell><item>NET1030</item></tablecell>
<tablecell><item>Running and startup configurations are not synchronized.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3078</item></tablecell>
<tablecell><item>NET0720</item></tablecell>
<tablecell><item>TCP and UDP small server services are not disabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3079</item></tablecell>
<tablecell><item>NET0730</item></tablecell>
<tablecell><item>The finger service is not disabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3080</item></tablecell>
<tablecell><item>NET0760</item></tablecell>
<tablecell><item>Configuration auto-loading must be disabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3081</item></tablecell>
<tablecell><item>NET0770</item></tablecell>
<tablecell><item>IP Source Routing is not disabled on all routers.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3083</item></tablecell>
<tablecell><item>NET0790</item></tablecell>
<tablecell><item>IP directed broadcast is not disabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3085</item></tablecell>
<tablecell><item>NET0740</item></tablecell>
<tablecell><item>HTTP server is not disabled </item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3086</item></tablecell>
<tablecell><item>NET0750</item></tablecell>
<tablecell><item>The Bootp service is not disabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3143</item></tablecell>
<tablecell><item>NET0240</item></tablecell>
<tablecell><item>Devices exist with standard default passwords.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3160</item></tablecell>
<tablecell><item>NET0700</item></tablecell>
<tablecell><item>Operating system is not at a current release level.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3175</item></tablecell>
<tablecell><item>NET1636</item></tablecell>
<tablecell><item>Management connections must require passwords.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3196</item></tablecell>
<tablecell><item>NET1660</item></tablecell>
<tablecell><item>An insecure version of SNMP is being used.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3210</item></tablecell>
<tablecell><item>NET1665</item></tablecell>
<tablecell><item>Using default SNMP community names.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3966</item></tablecell>
<tablecell><item>NET0440</item></tablecell>
<tablecell><item>More than one local account is defined.</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3967</item></tablecell>
<tablecell><item>NET1624</item></tablecell>
<tablecell><item>The console port does not timeout after 10 minutes.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3969</item></tablecell>
<tablecell><item>NET0894</item></tablecell>
<tablecell><item>Network element must only allow SNMP read access.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3971</item></tablecell>
<tablecell><item>NET-VLAN-004</item></tablecell>
<tablecell><item>VLAN 1 is being used as a user VLAN.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3972</item></tablecell>
<tablecell><item>NET-VLAN-005</item></tablecell>
<tablecell><item>VLAN 1 traffic traverses across unnecessary trunk </item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3973</item></tablecell>
<tablecell><item>NET-VLAN-002</item></tablecell>
<tablecell><item>Disabled ports are not kept in an unused VLAN.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-3984</item></tablecell>
<tablecell><item>NET-VLAN-009</item></tablecell>
<tablecell><item>Access switchports are assigned to the native VLAN</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-4582</item></tablecell>
<tablecell><item>NET1623</item></tablecell>
<tablecell><item>Authentication required for console access.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>IAIA-1, IAIA-2</item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-4584</item></tablecell>
<tablecell><item>NET1021</item></tablecell>
<tablecell><item>The network element must log all messages except debugging.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5611</item></tablecell>
<tablecell><item>NET1637</item></tablecell>
<tablecell><item>Management connections are not restricted.</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5612</item></tablecell>
<tablecell><item>NET1645</item></tablecell>
<tablecell><item>SSH session timeout is not 60 seconds or less.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5613</item></tablecell>
<tablecell><item>NET1646</item></tablecell>
<tablecell><item>SSH login attempts value is greater than 3.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5614</item></tablecell>
<tablecell><item>NET0722</item></tablecell>
<tablecell><item>The PAD service is enabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5615</item></tablecell>
<tablecell><item>NET0724</item></tablecell>
<tablecell><item>TCP Keep-Alives must be enabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5616</item></tablecell>
<tablecell><item>NET0726</item></tablecell>
<tablecell><item>Identification support is enabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5618</item></tablecell>
<tablecell><item>NET0781</item></tablecell>
<tablecell><item>Gratuitous ARP must be disabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5622</item></tablecell>
<tablecell><item>NET-VLAN-008</item></tablecell>
<tablecell><item>A dedicated VLAN is required for all trunk ports.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5623</item></tablecell>
<tablecell><item>NET-VLAN-007</item></tablecell>
<tablecell><item>Ensure trunking is disabled on all access ports.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5624</item></tablecell>
<tablecell><item>NET-NAC-012</item></tablecell>
<tablecell><item>Re-authentication must occur every 60 minutes.</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5626</item></tablecell>
<tablecell><item>NET-NAC-009</item></tablecell>
<tablecell><item>NET-NAC-009</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5628</item></tablecell>
<tablecell><item>NET-VLAN-006</item></tablecell>
<tablecell><item>The VLAN1 is being used for management traffic.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5645</item></tablecell>
<tablecell><item>NET0949</item></tablecell>
<tablecell><item>Cisco Express Forwarding (CEF) not enabled on supported devices.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-5646</item></tablecell>
<tablecell><item>NET0965</item></tablecell>
<tablecell><item>Devices not configured to filter and drop half-open connections.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-7009</item></tablecell>
<tablecell><item>NET0425</item></tablecell>
<tablecell><item>An Infinite Lifetime key has not been implemented</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-7011</item></tablecell>
<tablecell><item>NET1629</item></tablecell>
<tablecell><item>The auxiliary port is not disabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14667</item></tablecell>
<tablecell><item>NET0422</item></tablecell>
<tablecell><item>Key expiration exceeds 180 days.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14669</item></tablecell>
<tablecell><item>NET0744</item></tablecell>
<tablecell><item>BSDr commands are not disabled.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14671</item></tablecell>
<tablecell><item>NET0813</item></tablecell>
<tablecell><item>NTP messages are not authenticated.</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14672</item></tablecell>
<tablecell><item>NET0897</item></tablecell>
<tablecell><item>Authentication traffic does not use loopback address or OOB Management interface.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14673</item></tablecell>
<tablecell><item>NET0898</item></tablecell>
<tablecell><item>Syslog traffic is not using loopback address or OOB management interface.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14674</item></tablecell>
<tablecell><item>NET0899</item></tablecell>
<tablecell><item>NTP traffic is not using loopback address or OOB Management interface.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14675</item></tablecell>
<tablecell><item>NET0900</item></tablecell>
<tablecell><item>SNMP traffic does not use loopback address or OOB Management interface.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14676</item></tablecell>
<tablecell><item>NET0901</item></tablecell>
<tablecell><item>Netflow traffic is not using loopback address.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14677</item></tablecell>
<tablecell><item>NET0902</item></tablecell>
<tablecell><item>FTP/TFTP traffic does not use loopback address or OOB Management interface.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14681</item></tablecell>
<tablecell><item>NET0903</item></tablecell>
<tablecell><item>Loopback address is not used as the iBGP source IP.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14693</item></tablecell>
<tablecell><item>NET-IPV6-025</item></tablecell>
<tablecell><item>IPv6 Site Local Unicast ADDR must not be defined</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14705</item></tablecell>
<tablecell><item>NET-IPV6-033</item></tablecell>
<tablecell><item>IPv6 routers are not configured with CEF enabled </item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14707</item></tablecell>
<tablecell><item>NET-IPV6-034</item></tablecell>
<tablecell><item>IPv6 Egress Outbound Spoofing Filter </item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-14717</item></tablecell>
<tablecell><item>NET1647</item></tablecell>
<tablecell><item>The network element must not allow SSH Version 1.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-15288</item></tablecell>
<tablecell><item>NET-TUNL-017</item></tablecell>
<tablecell><item>ISATAP tunnels must terminate at interior router.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-15432</item></tablecell>
<tablecell><item>NET0433</item></tablecell>
<tablecell><item>The device is not authenticated using a AAA server.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Failed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-15434</item></tablecell>
<tablecell><item>NET0441</item></tablecell>
<tablecell><item>Emergency administration account privilege level is not set.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT I</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17754</item></tablecell>
<tablecell><item>NET1807</item></tablecell>
<tablecell><item>Management traffic is not restricted</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17814</item></tablecell>
<tablecell><item>NET1808</item></tablecell>
<tablecell><item>Remote VPN end-point not a mirror of local gateway</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17815</item></tablecell>
<tablecell><item>NET0985</item></tablecell>
<tablecell><item>IGP instances do not peer with appropriate domain</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17816</item></tablecell>
<tablecell><item>NET0986</item></tablecell>
<tablecell><item>Routes from the two IGP domains are redistributed </item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Passed</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17817</item></tablecell>
<tablecell><item>NET0987</item></tablecell>
<tablecell><item>Managed network has access to OOBM gateway router</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17818</item></tablecell>
<tablecell><item>NET0988</item></tablecell>
<tablecell><item>Traffic from the managed network will leak </item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17819</item></tablecell>
<tablecell><item>NET0989</item></tablecell>
<tablecell><item>Management traffic leaks into the managed network</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17821</item></tablecell>
<tablecell><item>NET0991</item></tablecell>
<tablecell><item>The OOBM interface not configured correctly.</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17822</item></tablecell>
<tablecell><item>NET0992</item></tablecell>
<tablecell><item>The management interface does not have an ACL.</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17823</item></tablecell>
<tablecell><item>NET0993</item></tablecell>
<tablecell><item>The management interface is not IGP passive.</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17824</item></tablecell>
<tablecell><item>NET0994</item></tablecell>
<tablecell><item>Management interface is assigned to a user VLAN. </item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17825</item></tablecell>
<tablecell><item>NET0995</item></tablecell>
<tablecell><item>Management VLAN has invalid addresses</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17826</item></tablecell>
<tablecell><item>NET0996</item></tablecell>
<tablecell><item>Invalid ports with membership to the mgmt VLAN</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17827</item></tablecell>
<tablecell><item>NET0997</item></tablecell>
<tablecell><item>The management VLAN is not pruned from trunk links</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17832</item></tablecell>
<tablecell><item>NET1003</item></tablecell>
<tablecell><item>Mgmt VLAN does not have correct IP address</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17833</item></tablecell>
<tablecell><item>NET1004</item></tablecell>
<tablecell><item>No ingress ACL on management VLAN interface</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17834</item></tablecell>
<tablecell><item>NET1005</item></tablecell>
<tablecell><item>No inbound ACL for mgmt network sub-interface</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17835</item></tablecell>
<tablecell><item>NET1006</item></tablecell>
<tablecell><item>IPSec traffic is not restricted</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17836</item></tablecell>
<tablecell><item>NET1007</item></tablecell>
<tablecell><item>Management traffic is not classified and marked</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-17837</item></tablecell>
<tablecell><item>NET1008</item></tablecell>
<tablecell><item>Management traffic doesn't get preferred treatment</item></tablecell>
<tablecell><item>System Administrator</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-18522</item></tablecell>
<tablecell><item>NET-SRVFRM-003</item></tablecell>
<tablecell><item>ACLs must restrict access to server VLANs.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-18523</item></tablecell>
<tablecell><item>NET-SRVFRM-004</item></tablecell>
<tablecell><item>ACLs do not protect against compromised servers</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-18544</item></tablecell>
<tablecell><item>NET-VLAN-023</item></tablecell>
<tablecell><item>Restricted VLAN not assigned to non-802.1x device.</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>DCSP-1</item></tablecell>
<tablecell><item>CAT III</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-18545</item></tablecell>
<tablecell><item>NET-VLAN-024</item></tablecell>
<tablecell><item>Upstream access not restricted for non-802.1x VLAN</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item></item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-18566</item></tablecell>
<tablecell><item>NET-NAC-031</item></tablecell>
<tablecell><item>NET-NAC-031</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>DCSP-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-18790</item></tablecell>
<tablecell><item>NET-TUNL-012</item></tablecell>
<tablecell><item>NET-TUNL-012</item></tablecell>
<tablecell><item>Information Assurance Officer</item></tablecell>
<tablecell><item>ECSC-1</item></tablecell>
<tablecell><item>CAT II</item></tablecell>
<tablecell><item>Manual</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>V-19188</item></tablecell>
<
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment