Details of VAR-201001-0762

ID

VAR-201001-0762

CVE

CVE-2010-0137

TITLE

Cisco IOS XR SSH Protocol Implementation Remote Denial of Service Vulnerability

Trust: 0.9

sources: BID: 37878 // CNNVD: CNNVD-201001-219

DESCRIPTION

Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCsu10574. CVE ID: CVE-2010-0137 Cisco IOS XR Software is a set of completely modularized and distributed network operating systems in Cisco's IOS software series (including IOS T, IOS S and IOS XR). A large amount of memory is exhausted during this event, and repeated attacks may affect other system functions, depending on the amount of available memory and the duration of the attack. Although user authentication is not required to exploit this vulnerability, the TCP triple handshake must be completed and some SSH protocol negotiations must occur. The SSH service continued to function normally after the attack. Please see the vendor's advisory for a complete list of affected versions. SOLUTION: Update to fixed versions. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20100120-xr-ssh.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2010-0137 // JVNDB: JVNDB-2010-003772 // BID: 37878 // VULHUB: VHN-42742 // PACKETSTORM: 85489

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xr	scope:	eq	version:	3.6.1	Trust: 1.9
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.5.4	Trust: 1.9
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.5.3	Trust: 1.9
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.5.2	Trust: 1.9
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.4.3	Trust: 1.9
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.4.2	Trust: 1.9
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.4.1	Trust: 1.9
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.7.0	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.6.0	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.4.1 to 3.7.0	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.8.1	Trust: 0.3
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.7	Trust: 0.3
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.6	Trust: 0.3

sources: BID: 37878 // JVNDB: JVNDB-2010-003772 // CNNVD: CNNVD-201001-219 // NVD: CVE-2010-0137

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2010-0137
value:	HIGH
Trust: 1.0
NVD:	CVE-2010-0137
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201001-219
value:	HIGH
Trust: 0.6
VULHUB:	VHN-42742
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2010-0137
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-42742
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-42742 // JVNDB: JVNDB-2010-003772 // CNNVD: CNNVD-201001-219 // NVD: CVE-2010-0137

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2010-0137

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201001-219

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201001-219

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-003772

PATCH

title:

cisco-sa-20100120-xr-ssh

url:

http://www.cisco.com/en/US/products/csa/cisco-sa-20100120-xr-ssh.html

Trust: 0.8

sources: JVNDB: JVNDB-2010-003772

EXTERNAL IDS

db:	NVD	id:	CVE-2010-0137	Trust: 2.8
db:	BID	id:	37878	Trust: 2.0
db:	SECUNIA	id:	38227	Trust: 1.8
db:	SECTRACK	id:	1023480	Trust: 1.7
db:	VUPEN	id:	ADV-2010-0183	Trust: 1.7
db:	JVNDB	id:	JVNDB-2010-003772	Trust: 0.8
db:	CNNVD	id:	CNNVD-201001-219	Trust: 0.7
db:	XF	id:	55767	Trust: 0.6
db:	CISCO	id:	20100120 CISCO IOS XR SOFTWARE SSH DENIAL OF SERVICE VULNERABILITY	Trust: 0.6
db:	NSFOCUS	id:	14381	Trust: 0.6
db:	VULHUB	id:	VHN-42742	Trust: 0.1
db:	PACKETSTORM	id:	85489	Trust: 0.1

sources: VULHUB: VHN-42742 // BID: 37878 // JVNDB: JVNDB-2010-003772 // PACKETSTORM: 85489 // CNNVD: CNNVD-201001-219 // NVD: CVE-2010-0137

REFERENCES

url:	http://www.securityfocus.com/bid/37878	Trust: 1.7
url:	http://www.cisco.com/en/us/products/products_security_advisory09186a0080b13512.shtml	Trust: 1.7
url:	http://securitytracker.com/id?1023480	Trust: 1.7
url:	http://secunia.com/advisories/38227	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2010/0183	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/55767	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0137	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0137	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/55767	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/14381	Trust: 0.6
url:	http://www.cisco.com/warp/public/707/cisco-sa-20100120-xr-ssh.shtml	Trust: 0.4
url:	http://www.cisco.com/	Trust: 0.3
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/38227/	Trust: 0.1
url:	http://secunia.com/blog/71/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-42742 // BID: 37878 // JVNDB: JVNDB-2010-003772 // PACKETSTORM: 85489 // CNNVD: CNNVD-201001-219 // NVD: CVE-2010-0137

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-201001-219

SOURCES

db:	VULHUB	id:	VHN-42742
db:	BID	id:	37878
db:	JVNDB	id:	JVNDB-2010-003772
db:	PACKETSTORM	id:	85489
db:	CNNVD	id:	CNNVD-201001-219
db:	NVD	id:	CVE-2010-0137

LAST UPDATE DATE

2024-11-23T23:13:05.044000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-42742	date:	2017-08-17T00:00:00
db:	BID	id:	37878	date:	2010-01-20T00:00:00
db:	JVNDB	id:	JVNDB-2010-003772	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-201001-219	date:	2010-01-22T00:00:00
db:	NVD	id:	CVE-2010-0137	date:	2024-11-21T01:11:36.543

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-42742	date:	2010-01-21T00:00:00
db:	BID	id:	37878	date:	2010-01-20T00:00:00
db:	JVNDB	id:	JVNDB-2010-003772	date:	2012-06-26T00:00:00
db:	PACKETSTORM	id:	85489	date:	2010-01-21T10:22:47
db:	CNNVD	id:	CNNVD-201001-219	date:	2010-01-21T00:00:00
db:	NVD	id:	CVE-2010-0137	date:	2010-01-21T22:30:00.460