Server IP : 80.87.202.40 / Your IP : 216.73.216.169 Web Server : Apache System : Linux rospirotorg.ru 5.14.0-539.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Dec 5 22:26:13 UTC 2024 x86_64 User : bitrix ( 600) PHP Version : 8.2.27 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/share/nmap/scripts/ |
Upload File : |
local anyconnect = require('anyconnect') local shortport = require('shortport') local vulns = require('vulns') local sslcert = require('sslcert') local stdnse = require "stdnse" description = [[ Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SIP Denial of Service Vulnerability (CVE-2014-2129). ]] --- -- @see http-vuln-cve2014-2126.nse -- @see http-vuln-cve2014-2127.nse -- @see http-vuln-cve2014-2128.nse -- -- @usage -- nmap -p 443 --script http-vuln-cve2014-2129 <target> -- -- @output -- PORT STATE SERVICE -- 443/tcp open https -- | http-vuln-cve2014-2129: -- | VULNERABLE: -- | Cisco ASA SIP Denial of Service Vulnerability -- | State: VULNERABLE -- | Risk factor: High CVSSv2: 7.1 (HIGH) (AV:N/AC:M/AU:N/C:N/I:N/A:C) -- | Description: -- | The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.48), 8.4 before 8.4(6.5), 9.0 before 9.0(3.1), and 9.1 before 9.1(2.5) allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted SIP packets, aka Bug ID CSCuh44052. -- | -- | References: -- | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa -- |_ http://cvedetails.com/cve/2014-2129/ author = "Patrik Karlsson <patrik@cqure.net>" license = "Same as Nmap--See https://nmap.org/book/man-legal.html" categories = {"vuln", "safe"} portrule = function(host, port) return shortport.ssl(host, port) or sslcert.isPortSupported(port) end action = function(host, port) local vuln_table = { title = "Cisco ASA SIP Denial of Service Vulnerability", state = vulns.STATE.NOT_VULN, risk_factor = "High", scores = { CVSSv2 = "7.1 (HIGH) (AV:N/AC:M/AU:N/C:N/I:N/A:C)", }, description = [[ The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.48), 8.4 before 8.4(6.5), 9.0 before 9.0(3.1), and 9.1 before 9.1(2.5) allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted SIP packets, aka Bug ID CSCuh44052. ]], references = { 'http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa', 'http://cvedetails.com/cve/2014-2129/' } } local vuln_versions = { ['8'] = { ['2'] = 5.48, ['4'] = 6.5, }, ['9'] = { ['0'] = 3.1, ['1'] = 2.5, }, } local report = vulns.Report:new(SCRIPT_NAME, host, port) local ac = anyconnect.Cisco.AnyConnect:new(host, port) local status, err = ac:connect() if not status then return stdnse.format_output(false, err) else local ver = ac:get_version() if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then vuln_table.state = vulns.STATE.VULN end end end return report:make_output(vuln_table) end