Details of VAR-201409-0391

ID

VAR-201409-0391

CVE

CVE-2014-3361

TITLE

Cisco IOS of ALG Service disruption in modules (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-004407

DESCRIPTION

The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS Software is prone to a denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCun54071. The vulnerability stems from the fact that the program does not properly handle the translation of IPv4 packets

Trust: 2.52

sources: NVD: CVE-2014-3361 // JVNDB: JVNDB-2014-004407 // CNVD: CNVD-2014-06425 // BID: 70129 // VULHUB: VHN-71301

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-06425

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.2	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.4	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.3	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0 to 15.4	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.0-15.4	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	eq	version:	3.x	Trust: 0.6
vendor:	rockwell	model:	automation stratix	scope:	eq	version:	59000	Trust: 0.3
vendor:	cisco	model:	ios software	scope:	eq	version:	0	Trust: 0.3
vendor:	rockwell	model:	automation stratix	scope:	ne	version:	590015.6.3	Trust: 0.3

sources: CNVD: CNVD-2014-06425 // BID: 70129 // JVNDB: JVNDB-2014-004407 // CNNVD: CNNVD-201409-964 // NVD: CVE-2014-3361

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-3361
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-3361
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2014-06425
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201409-964
value:	HIGH
Trust: 0.6
VULHUB:	VHN-71301
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-3361
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2014-06425
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-71301
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2014-06425 // VULHUB: VHN-71301 // JVNDB: JVNDB-2014-004407 // CNNVD: CNNVD-201409-964 // NVD: CVE-2014-3361

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-71301 // JVNDB: JVNDB-2014-004407 // NVD: CVE-2014-3361

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201409-964

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201409-964

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-004407

PATCH

title:	Cisco IOS Software Network Address Translation Denial of Service Vulnerability	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat/cvrf/cisco-sa-20140924-nat_cvrf.xml	Trust: 0.8
title:	cisco-sa-20140924-nat	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat	Trust: 0.8
title:	4517/0	url:	http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=4517&signatureSubId=0&softwareVersion=6.0&releaseVersion=S823	Trust: 0.8
title:	4517/1	url:	http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=4517&signatureSubId=1&softwareVersion=6.0&releaseVersion=S823	Trust: 0.8
title:	4517/2	url:	http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=4517&signatureSubId=2&softwareVersion=6.0&releaseVersion=S823	Trust: 0.8
title:	35610	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=35610	Trust: 0.8
title:	Patch for Cisco IOS and IOS XE Software Denial of Service Vulnerability (CNVD-2014-06425)	url:	https://www.cnvd.org.cn/patchInfo/show/50448	Trust: 0.6

sources: CNVD: CNVD-2014-06425 // JVNDB: JVNDB-2014-004407

EXTERNAL IDS

db:	NVD	id:	CVE-2014-3361	Trust: 3.4
db:	BID	id:	70129	Trust: 1.4
db:	SECTRACK	id:	1030896	Trust: 1.1
db:	JVNDB	id:	JVNDB-2014-004407	Trust: 0.8
db:	CNNVD	id:	CNNVD-201409-964	Trust: 0.7
db:	BID	id:	70130	Trust: 0.6
db:	CNVD	id:	CNVD-2014-06425	Trust: 0.6
db:	ICS CERT	id:	ICSA-17-094-04	Trust: 0.3
db:	VULHUB	id:	VHN-71301	Trust: 0.1

sources: CNVD: CNVD-2014-06425 // VULHUB: VHN-71301 // BID: 70129 // JVNDB: JVNDB-2014-004407 // CNNVD: CNNVD-201409-964 // NVD: CVE-2014-3361

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140924-nat	Trust: 2.0
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140924-nat/cvrf/cisco-sa-20140924-nat_cvrf.xml	Trust: 1.7
url:	http://www.securityfocus.com/bid/70129	Trust: 1.1
url:	http://www.securitytracker.com/id/1030896	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/96181	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3361	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3361	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3355	Trust: 0.6
url:	http://www.securityfocus.com/bid/70130	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-094-04	Trust: 0.3

sources: CNVD: CNVD-2014-06425 // VULHUB: VHN-71301 // BID: 70129 // JVNDB: JVNDB-2014-004407 // CNNVD: CNNVD-201409-964 // NVD: CVE-2014-3361

CREDITS

Cisco

Trust: 0.3

sources: BID: 70129

SOURCES

db:	CNVD	id:	CNVD-2014-06425
db:	VULHUB	id:	VHN-71301
db:	BID	id:	70129
db:	JVNDB	id:	JVNDB-2014-004407
db:	CNNVD	id:	CNNVD-201409-964
db:	NVD	id:	CVE-2014-3361

LAST UPDATE DATE

2025-04-13T22:15:03.015000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-06425	date:	2014-09-28T00:00:00
db:	VULHUB	id:	VHN-71301	date:	2017-08-29T00:00:00
db:	BID	id:	70129	date:	2017-05-23T16:24:00
db:	JVNDB	id:	JVNDB-2014-004407	date:	2014-09-26T00:00:00
db:	CNNVD	id:	CNNVD-201409-964	date:	2014-09-28T00:00:00
db:	NVD	id:	CVE-2014-3361	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-06425	date:	2014-09-28T00:00:00
db:	VULHUB	id:	VHN-71301	date:	2014-09-25T00:00:00
db:	BID	id:	70129	date:	2014-09-24T00:00:00
db:	JVNDB	id:	JVNDB-2014-004407	date:	2014-09-26T00:00:00
db:	CNNVD	id:	CNNVD-201409-964	date:	2014-09-28T00:00:00
db:	NVD	id:	CVE-2014-3361	date:	2014-09-25T10:55:08.730