[c-nsp] Checking if IOS has security vulnerability

Subba Rao umroute at tanucoo.com
Tue Feb 7 00:48:40 EST 2012


Your best bet would be looking at the CVE, BUGTRAQ reports.  By the
time, CVE/BUGTRAQ release the vulnerability, Cisco releases the
vulnerability report as well.

Other than that, Pen testing tools will give some information as to
which versions of IOS can be exploited by the tools.  Vulnerability
scanners like Nessus and such will allow you to scan the with Cisco
specific plugins, which also give out good information as to which IOS
version is exploitable by the vulnerability.

Hope this helps.  Good luck.

On Tue, 2012-02-07 at 15:40 +1100, CiscoNSP_list CiscoNSP_list wrote:
> Hi Guys,
> Is there an "easy" way to check if a certain version of IOS has any known security vulnerabilities?
> http://tools.cisco.com/security/center/publicationListing#~CiscoSecurityAdvisory
> 
> seems to list the security issues, but is there anywhere to enter an IOS version to see if it is affected by any (known) security issues?
> Cheers. 		 	   		  





More information about the cisco-nsp mailing list