ID

VAR-200212-0624


CVE

CVE-2002-1357


TITLE

Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization

Trust: 0.8

sources: CERT/CC: VU#389665

DESCRIPTION

Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. Secure shell (SSH) transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ TCP/IP Used by higher layers SSH The transport layer protocol is SSH This is the protocol that forms the basis of the entire protocol. Key exchange, encryption technology to be used, message authentication algorithm, etc. have been agreed, and functions such as encrypted data transfer and server authentication are provided. Provided by many vendors SSH There is a deficiency in the implementation method in products that implement the protocol. Remote attackers are responsible for various malicious packets that are handled during the initial setup, key exchange, and connection phase related to this protocol. ( Packet length padding Packets with unusual lengths, packets with malformed character strings or values inserted, packets for which the algorithm is not properly defined, etc. ) By sending SSH Cause a server or client to go out of service, and SSH It is possible to execute arbitrary code with the execution authority of the server or client. However, the impact of this issue is provided by each vendor SSH It depends on the product. Details are currently unknown, SSH Communications Security Provided by SSH Secure Shell in the case of, SSH It can lead to server child processes or client crashes. Also F-Secure of F-Secure SSH In the case of, SSH If you use both products as a result, it may cause the server child process to crash, SSH The connection between the server and client may be lost. However, the client can connect by trying to reconnect. At this time, SSH Secure Shell and F-Secure SSH of Windows The effect of the edition is unknown. OpenSSH Is not affected by this issue. Cisco IOS In the case of SSH Because the server is disabled, the default setting is not affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. A vulnerability with incorrect lengths of fields in SSH packets has been reported for multiple products that use SSH2 for secure communications. The vulnerability has been reported to affect initialization, key exchange, and negotiation phases of SSH communications. An attacker may exploit the vulnerability to perform denial-of-service attacks against vulnerable systems and possibly to execute malicious, attacker-supplied code. Further details about the vulnerability are currently unknown. This BID will be updated as more information becomes available. This vulnerability was originally described in Bugtraq ID 6397. -----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations Original issue date: December 16, 2002 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. I. It provides strong encryption, cryptographic host authentication, and integrity protection.... These vulnerabilities include buffer overflows, and they occur before any user authentication takes place. SSHredder was primarily designed to test key exchange and other processes that are specific to version 2 of the SSH protocol; however, certain classes of tests are also applicable to version 1. Rapid7 has published a detailed advisory (R7-0009) and the SSHredder test suite. Common Vulnerabilities and Exposures (CVE) has assigned the following candidate numbers for several classes of tests performed by SSHredder: * CAN-2002-1357 - incorrect field lengths * CAN-2002-1358 - lists with empty elements or multiple separators * CAN-2002-1359 - "classic" buffer overflows * CAN-2002-1360 - null characters in strings II. On Microsoft Windows systems, SSH servers commonly run with SYSTEM privileges, and on UNIX systems, SSH daemons typically run with root privileges. III. Solution Apply a patch or upgrade Apply the appropriate patch or upgrade as specified by your vendor. See Appendix A below and the Systems Affected section of VU#389665 for specific information. Restrict access Limit access to SSH servers to trusted hosts and networks using firewalls or other packet-filtering systems. Some SSH servers may have the ability to restrict access based on IP addresses, or similar effects may be achieved by using TCP wrappers or other related technology. SSH clients can reduce the risk of attacks by only connecting to trusted servers by IP address. While these workarounds will not prevent exploitation of these vulnerabilities, they will make attacks somewhat more difficult, in part by limiting the number of potential sources of attacks. Appendix A. Vendor Information This appendix contains information provided by vendors. When vendors report new information, this section is updated and the changes are noted in the revision history. If a vendor is not listed below, we have not received their comments. The Systems Affected section of VU#389665 contains additional vendor status information. Cisco Systems, Inc. The official statement regarding this is that we are not vulnerable. Cray Inc. Cray Inc. supports the OpenSSH product through their Cray Open Software (COS) package. COS 3.3, available the end of December 2002, is not vulnerable. If a site is concerned, they can contact their local Cray representive to obtain an early copy of the OpenSSH contained in COS 3.3. F-Secure F-Secure SSH products are not exploitable via these attacks. While F-Secure SSH versions 3.1.0 build 11 and earlier crash on these malicious packets, we did not find ways to exploit this to gain unauthorized access or to run arbitrary code. Furthermore, the crash occurs in a forked process so the denial of service attacks are not possible. Fujitsu Fujitsu's UXP/V OS is not vulnerable because it does not support SSH. IBM IBM's AIX is not vulnerabible to the issues discussed in CERT Vulnerability Note VU#389665. lsh I've now tried the testsuite with the latest stable release of lsh, lsh-1.4.2. Both the client and the server seem NOT VULNERABLE. NetScreen Technologies Inc. Tested latest versions. Not Vulnerable. OpenSSH From my testing it seems that the current version of OpenSSH (3.5) is not vulnerable to these problems, and some limited testing shows that no version of OpenSSH is vulnerable. Pragma Systems, Inc. December 16, 2002 Rapid 7 and CERT Coordination Center Vulnerability report VU#389665 Pragma Systems Inc. of Austin, Texas, USA, was notified regarding a possible vulnerability with Version 2.0 of Pragma SecureShell. Pragma Systems tested Pragma SecureShell 2.0 and the upcoming new Version 3.0, and found that the attacks did cause a memory access protection fault on Microsoft platforms. After research, Pragma Systems corrected the problem. The problem is corrected in Pragma SecureShell Version 3.0. Any customers with concerns regarding this vulnerability report should contact Pragma Systems, Inc at support@pragmasys.com for information on obtaining an upgrade free of charge. Pragma's web site is located at www.pragmasys.com and the company can be reached at 1-512-219-7270. PuTTY PuTTY 0.53b addresses vulnerabilities discovered by SSHredder. Appendix B. References * CERT/CC Vulnerability Note: VU#389665 - http://www.kb.cert.org/vuls/id/389665 * Rapid 7 Advisory: R7-0009 - http://www.rapid7.com/advisories/R7-0009.txt * Rapid 7 SSHredder test suite - http://www.rapid7.com/perl/DownloadRequest.pl?PackageChoice=666 * IETF Draft: SSH Transport Layer Protocol - http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15. txt * IETF Draft: SSH Protocol Architecture - http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture- 13.txt * Privilege Separated OpenSSH - http://www.citi.umich.edu/u/provos/ssh/privsep.html _________________________________________________________________ The CERT Coordination Center thanks Rapid7 for researching and reporting these vulnerabilities. _________________________________________________________________ Author: Art Manion. ______________________________________________________________________ This document is available from: http://www.cert.org/advisories/CA-2002-36.html ______________________________________________________________________ CERT/CC Contact Information Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A. CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends. Using encryption We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key If you prefer to use DES, please call the CERT hotline for more information. Getting security information CERT publications and other security information are available from our web site http://www.cert.org/ To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message subscribe cert-advisory * "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office. ______________________________________________________________________ NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement. _________________________________________________________________ Conditions for use, disclaimers, and sponsorship information Copyright 2002 Carnegie Mellon University. Revision History December 16, 2002: Initial release -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQCVAwUBPf4qimjtSoHZUTs5AQEGbAQAiJcA+QFf2mOElaPIFwEmSRC83xlKifq/ PlmaGbUx2UnwTIi8s2ETF8KjlfQjjgO20B4ms1MMaJ/heyxklOgpeBOQ2mpa2Tnd yIY7sxpBuRjF1qS6yQ8/OrcsSqVxdxZWkPLAypV11WcJlMmSxxLdKi5t86EsWic3 xazIo8XEipc= =Nj+0 -----END PGP SIGNATURE-----

Trust: 3.15

sources: NVD: CVE-2002-1357 // CERT/CC: VU#389665 // JVNDB: JVNDB-2002-000322 // BID: 6405 // BID: 6397 // VULHUB: VHN-5742 // VULMON: CVE-2002-1357 // PACKETSTORM: 30625

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:12.2

Trust: 2.7

vendor:winscpmodel:winscpscope:eqversion:2.0.0

Trust: 1.6

vendor:netcompositemodel:shellguard sshscope:eqversion:3.4.6

Trust: 1.6

vendor:intersoftmodel:securenettermscope:eqversion:5.4.1

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.2s

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.1ea

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.0st

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.1e

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.2t

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.0s

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.1t

Trust: 1.6

vendor:pragmamodel:secureshellscope:eqversion:2.0

Trust: 1.0

vendor:fisshmodel:ssh clientscope:eqversion:1.0a_for_windows

Trust: 1.0

vendor:puttymodel:puttyscope:eqversion:0.49

Trust: 1.0

vendor:puttymodel:puttyscope:eqversion:0.53

Trust: 1.0

vendor:puttymodel:puttyscope:eqversion:0.48

Trust: 1.0

vendor:alcatelmodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:f securemodel: - scope: - version: -

Trust: 0.8

vendor:hewlett packardmodel: - scope: - version: -

Trust: 0.8

vendor:intersoftmodel: - scope: - version: -

Trust: 0.8

vendor:junipermodel: - scope: - version: -

Trust: 0.8

vendor:nortelmodel: - scope: - version: -

Trust: 0.8

vendor:pragmamodel: - scope: - version: -

Trust: 0.8

vendor:puttymodel: - scope: - version: -

Trust: 0.8

vendor:riverstonemodel: - scope: - version: -

Trust: 0.8

vendor:ssh securitymodel: - scope: - version: -

Trust: 0.8

vendor:winscpmodel: - scope: - version: -

Trust: 0.8

vendor:f securemodel:f-secure sshscope:lteversion:3.1.0

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.0

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.1

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.0

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.1

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.2

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.3

Trust: 0.8

vendor:simonmodel:tatham puttyscope:eqversion:0.53

Trust: 0.6

vendor:simonmodel:tatham puttyscope:eqversion:0.49

Trust: 0.6

vendor:simonmodel:tatham puttyscope:eqversion:0.48

Trust: 0.6

vendor:pragmamodel:systems secureshellscope:eqversion:2.0

Trust: 0.6

vendor:fisshmodel:ssh client for windows ascope:eqversion:1.0

Trust: 0.6

vendor:simonmodel:tatham putty bscope:neversion:0.53

Trust: 0.6

vendor:pragmamodel:systems secureshellscope:neversion:3.0

Trust: 0.6

vendor:opensshmodel:opensshscope:neversion:3.5

Trust: 0.6

vendor:opensshmodel:p1scope:neversion:3.4

Trust: 0.6

vendor:opensshmodel:opensshscope:neversion:3.4

Trust: 0.6

vendor:opensshmodel:p1scope:neversion:3.3

Trust: 0.6

vendor:opensshmodel:opensshscope:neversion:3.3

Trust: 0.6

vendor:opensshmodel:p1scope:neversion:3.2.3

Trust: 0.6

vendor:opensshmodel:p1scope:neversion:3.2.2

Trust: 0.6

vendor:opensshmodel:opensshscope:neversion:3.2

Trust: 0.6

vendor:opensshmodel:p1scope:neversion:3.1

Trust: 0.6

vendor:opensshmodel:opensshscope:neversion:3.1

Trust: 0.6

vendor:opensshmodel:p1scope:neversion:3.0.2

Trust: 0.6

vendor:opensshmodel:opensshscope:neversion:3.0.2

Trust: 0.6

vendor:opensshmodel:p1scope:neversion:3.0.1

Trust: 0.6

vendor:opensshmodel:opensshscope:neversion:3.0.1

Trust: 0.6

vendor:opensshmodel:p1scope:neversion:3.0

Trust: 0.6

vendor:opensshmodel:opensshscope:neversion:3.0

Trust: 0.6

vendor:lshmodel:lshscope:neversion:1.5

Trust: 0.6

vendor:intersoftmodel:securenettermscope:neversion:5.4.2

Trust: 0.6

vendor:bitvisemodel:winsshdscope:neversion:3.5

Trust: 0.6

vendor:ciscomodel:onsscope:eqversion:156001.3(0)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:156001.1(1)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:156001.1(0)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:156001.1

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:156001.0

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.6(1)

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.6(0)

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.5

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.1(3)

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.1(2)

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.1(1)

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.1(0)

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.0(2)

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.0(1)

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.0(0)

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:3.4

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:3.3

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:3.2

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:3.1

Trust: 0.3

vendor:ciscomodel:ons 15454sdhscope:eqversion:2.3(5)

Trust: 0.3

vendor:ciscomodel:ons 15454e optical transport platformscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.14

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.6(1)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.6(0)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.5

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.1(3)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.1(2)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.1(1)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.1(0)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.1

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.0(2)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.0(1)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.0

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154543.4

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154543.3

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154543.2.0

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154543.1.0

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154543.0

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154542.3(5)

Trust: 0.3

vendor:ciscomodel:ons ios-based bladesscope:eqversion:15454

Trust: 0.3

vendor:ciscomodel:ons metro edge optical transport platformscope:eqversion:15327

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.14

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.6(1)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.6(0)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(3)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(2)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(1)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(0)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.0(2)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.0(1)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.0

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.4

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.3

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.2

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.1

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.0

Trust: 0.3

vendor:ciscomodel:ios 12.2tscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2sscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1tscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1eascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1escope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0stscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0sscope: - version: -

Trust: 0.3

vendor:vandykemodel:securecrtscope:neversion:3.4.3

Trust: 0.3

vendor:van dykemodel:vshellscope:neversion:1.2

Trust: 0.3

vendor:ttsshmodel:ttsshscope:neversion:1.5.4

Trust: 0.3

sources: CERT/CC: VU#389665 // BID: 6405 // BID: 6397 // JVNDB: JVNDB-2002-000322 // CNNVD: CNNVD-200212-040 // NVD: CVE-2002-1357

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-1357
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#389665
value: 11.04

Trust: 0.8

NVD: CVE-2002-1357
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200212-040
value: CRITICAL

Trust: 0.6

VULHUB: VHN-5742
value: HIGH

Trust: 0.1

VULMON: CVE-2002-1357
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2002-1357
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: CVE-2002-1357
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-5742
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#389665 // VULHUB: VHN-5742 // VULMON: CVE-2002-1357 // JVNDB: JVNDB-2002-000322 // CNNVD: CNNVD-200212-040 // NVD: CVE-2002-1357

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-5742 // JVNDB: JVNDB-2002-000322 // NVD: CVE-2002-1357

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 30625 // CNNVD: CNNVD-200212-040

TYPE

Unknown

Trust: 0.6

sources: BID: 6405 // BID: 6397

CONFIGURATIONS

sources: JVNDB: JVNDB-2002-000322

PATCH

title:ssh-packet-suite-vulnurl:http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml

Trust: 0.8

title:2003120403url:http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120403.shtml

Trust: 0.8

title:303url:http://www.ssh.com/company/newsroom/article/303/

Trust: 0.8

title:ssh-packet-suite-vulnurl:http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/ssh-packet-suite-vuln-j.shtml

Trust: 0.8

title:Cisco: SSH Malformed Packet Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20021219-ssh-packet

Trust: 0.1

title:PuTTy-url:https://github.com/pbr94/PuTTy-

Trust: 0.1

sources: VULMON: CVE-2002-1357 // JVNDB: JVNDB-2002-000322

EXTERNAL IDS

db:CERT/CCid:VU#389665

Trust: 3.5

db:BIDid:6405

Trust: 2.9

db:NVDid:CVE-2002-1357

Trust: 2.9

db:SECTRACKid:1005813

Trust: 1.7

db:SECTRACKid:1005812

Trust: 1.7

db:BIDid:6397

Trust: 1.1

db:BIDid:6410

Trust: 0.8

db:BIDid:6407

Trust: 0.8

db:BIDid:6408

Trust: 0.8

db:JVNDBid:JVNDB-2002-000322

Trust: 0.8

db:CNNVDid:CNNVD-200212-040

Trust: 0.7

db:CERT/CCid:CA-2002-36

Trust: 0.6

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:5849

Trust: 0.6

db:VULNWATCHid:20021216 R7-0009: VULNERABILITIES IN SSH2 IMPLEMENTATIONS FROM MULTIPLE VENDORS

Trust: 0.6

db:XFid:10868

Trust: 0.6

db:VULHUBid:VHN-5742

Trust: 0.1

db:VULMONid:CVE-2002-1357

Trust: 0.1

db:PACKETSTORMid:30625

Trust: 0.1

sources: CERT/CC: VU#389665 // VULHUB: VHN-5742 // VULMON: CVE-2002-1357 // BID: 6405 // BID: 6397 // JVNDB: JVNDB-2002-000322 // PACKETSTORM: 30625 // CNNVD: CNNVD-200212-040 // NVD: CVE-2002-1357

REFERENCES

url:http://www.cert.org/advisories/ca-2002-36.html

Trust: 3.3

url:http://www.kb.cert.org/vuls/id/389665

Trust: 2.8

url:http://www.securityfocus.com/bid/6405

Trust: 2.6

url:http://securitytracker.com/id?1005812

Trust: 1.8

url:http://securitytracker.com/id?1005813

Trust: 1.8

url:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html

Trust: 1.8

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5849

Trust: 1.2

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/10868

Trust: 1.2

url:http://www.rapid7.com/advisories/r7-0009.txt

Trust: 0.9

url:http://www.rapid7.com/perl/downloadrequest.pl?packagechoice=666

Trust: 0.9

url:http://www.citi.umich.edu/u/provos/ssh/privsep.html

Trust: 0.9

url:http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.txt

Trust: 0.8

url:http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-13.txt

Trust: 0.8

url:http://www.ciac.org/ciac/bulletins/n-028.shtml

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-1357

Trust: 0.8

url:http://www.jpcert.or.jp/wr/2002/wr025001.txt

Trust: 0.8

url:http://jvn.jp/cert/jvnca-2002-36

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1357

Trust: 0.8

url:http://www.securityfocus.com/bid/6407

Trust: 0.8

url:http://www.securityfocus.com/bid/6408

Trust: 0.8

url:http://www.securityfocus.com/bid/6397

Trust: 0.8

url:http://www.securityfocus.com/bid/6410

Trust: 0.8

url:http://www.f-secure.com/

Trust: 0.6

url:http://www.ssh.com

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/10868

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5849

Trust: 0.6

url:http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml

Trust: 0.3

url:/archive/1/305241

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://www.rapid7.com/db/vulnerabilities/cisco-sshredder-dos

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/pbr94/putty-

Trust: 0.1

url:http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.

Trust: 0.1

url:http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-

Trust: 0.1

url:http://www.cert.org/

Trust: 0.1

url:http://www.cert.org/cert_pgp.key

Trust: 0.1

url:https://www.pragmasys.com

Trust: 0.1

sources: CERT/CC: VU#389665 // VULHUB: VHN-5742 // VULMON: CVE-2002-1357 // BID: 6405 // BID: 6397 // JVNDB: JVNDB-2002-000322 // PACKETSTORM: 30625 // CNNVD: CNNVD-200212-040 // NVD: CVE-2002-1357

CREDITS

Rapid 7 Security Advisories※ advisory@rapid7.com

Trust: 0.6

sources: CNNVD: CNNVD-200212-040

SOURCES

db:CERT/CCid:VU#389665
db:VULHUBid:VHN-5742
db:VULMONid:CVE-2002-1357
db:BIDid:6405
db:BIDid:6397
db:JVNDBid:JVNDB-2002-000322
db:PACKETSTORMid:30625
db:CNNVDid:CNNVD-200212-040
db:NVDid:CVE-2002-1357

LAST UPDATE DATE

2024-08-14T13:51:24.568000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#389665date:2003-06-18T00:00:00
db:VULHUBid:VHN-5742date:2017-10-11T00:00:00
db:VULMONid:CVE-2002-1357date:2017-10-11T00:00:00
db:BIDid:6405date:2006-05-16T22:04:00
db:BIDid:6397date:2002-12-16T00:00:00
db:JVNDBid:JVNDB-2002-000322date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200212-040date:2009-03-04T00:00:00
db:NVDid:CVE-2002-1357date:2017-10-11T01:29:03.620

SOURCES RELEASE DATE

db:CERT/CCid:VU#389665date:2002-12-16T00:00:00
db:VULHUBid:VHN-5742date:2002-12-23T00:00:00
db:VULMONid:CVE-2002-1357date:2002-12-23T00:00:00
db:BIDid:6405date:2002-12-16T00:00:00
db:BIDid:6397date:2002-12-16T00:00:00
db:JVNDBid:JVNDB-2002-000322date:2007-04-01T00:00:00
db:PACKETSTORMid:30625date:2002-12-21T10:23:09
db:CNNVDid:CNNVD-200212-040date:2002-12-23T00:00:00
db:NVDid:CVE-2002-1357date:2002-12-23T05:00:00