Details of VAR-E-200206-0117

ID

VAR-E-200206-0117

TITLE

Cisco SSH Denial of Service Vulnerability

Trust: 0.3

sources: BID: 5114

DESCRIPTION

While addressing vulnerabilities described in http://www.cisco.com/warp/public/707/SSH-multiple-pub.html, a denial of service condition has been inadvertently introduced into firmware upgrades. Firmware for routers and switches (IOS), Catalyst 6000 switches running CatOS, Cisco PIX Firewall and Cisco 11000 Content Service Switch devices may be vulnerable.
Cisco has reported that scanning for SSH vulnerabilities on affected devices will cause excessive CPU consumption. The condition is due to a failure of the Cisco SSH implementation to properly process large SSH packets.
Repeated and concurrent attacks may result in a denial of device service. As many of these devices are critical infrastructure components, more serious network outages may occur.
Cisco has released upgrades that will eliminate this vulnerability.

Trust: 0.3

sources: BID: 5114

AFFECTED PRODUCTS

vendor:	cisco	model:	catalyst csx	scope:	eq	version:	60005.3	Trust: 2.4
vendor:	cisco	model:	ios 12.1 ex	scope:	-	version:	-	Trust: 1.2
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.1	Trust: 0.9
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5	Trust: 0.9
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.3	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.2	Trust: 0.3
vendor:	cisco	model:	ios 12.2yh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xs	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2dd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2da	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 0.3
vendor:	cisco	model:	ios 12.1yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ye	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ec	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1e	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0xv	Trust: 0.3
vendor:	cisco	model:	ios 12.0xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0st	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0sp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	css11000 content services switch	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60007.1(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60007.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.3(4)	Trust: 0.3
vendor:	cisco	model:	catalyst pan	scope:	eq	version:	60006.3	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.2(0.111)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.2(0.110)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.1(2.13)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.1(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5(13)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4	Trust: 0.3

sources: BID: 5114

EXPLOIT

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

Trust: 0.3

sources: BID: 5114

PRICE

Free

Trust: 0.3

sources: BID: 5114

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 5114

CREDITS

Credited to Cisco Systems.

Trust: 0.3

sources: BID: 5114

EXTERNAL IDS

db:

BID

id:

5114

Trust: 0.3

sources: BID: 5114

REFERENCES

url:

http://www.cisco.com/warp/public/707/ssh-scanning.shtml

Trust: 0.3

sources: BID: 5114

SOURCES

db:

BID

id:

5114

LAST UPDATE DATE

2022-07-27T09:20:58.609000+00:00

SOURCES UPDATE DATE

db:

BID

id:

5114

date:

2002-06-27T00:00:00

SOURCES RELEASE DATE

db:

BID

id:

5114

date:

2002-06-27T00:00:00