Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
524
Views
0
Helpful
3
Replies

IOS Vulnerability reported by nessus

mlatham67
Level 1
Level 1

‎12-11-2007 02:40 AM - edited ‎03-09-2019 07:36 PM

Hi,

I have a customer that has run a nessus vulnerability scan, and it reports that there is a dos risk on his 3750, even though the nessus report relates to winterm thin clients.

Quote:

It was possible to crash the remote host by sending a specially crafted IP packet with a null length for IP option #0xE4

Risk Factor : High

CVE : CVE-2005-2577

BID : 7175, 14536

I am relativley new to security and have been unable to find any reference to this threat. Any help would be greatly appreciated.

Thanks

Labels:
0 Helpful
3 Replies 3

aghaznavi
Level 5
Level 5

‎12-18-2007 07:01 AM

May be remote host by sending a IP packet with a null length for IP option #0xE4

0 Helpful

mhellman
Level 7
Level 7

‎12-18-2007 07:43 AM

did the router crash or not? most vulnerability scanners have false positives and Nessus is certainly no exception. this clearly looks like one since a router is not a thin client device;-)

You can use hping to test to verify.

0 Helpful

mlatham67
Level 1
Level 1
In response to mhellman

‎12-18-2007 01:27 PM

Hi,

Thanks for the reply, the switch didn't crash he is just worried that it could, though all the info I can find relates to thin clients also. He is just very worried as this unit is actings right at his core for layer 3 on a major part of his network.

the IOS concerened is c3750-ipservices-mz.122-25.SEB4, but I cant see any bug on this that relates to altered packets.

0 Helpful
Customers Also Viewed These Support Documents