[comm] Cisco SSH holes
Ruth Milner
rmilner at aoc.nrao.edu
Mon Jan 13 13:09:47 EST 2003
Is SSH enabled on our Cisco equipment that supports it?
This hole was found by testing with the same suite (SSHredder) that
found holes in putty.
Ruth.
---------------
*** {03.01.012} NetDev - Cisco products SSH reload DoS
Cisco has released an advisory indicating various Cisco devices running
IOS versions 12.0S, 12.0ST, 12.1T, 12.1E, 12.2, 12.2T, and 12.2S,
can be caused remotely to reboot by sending a malformed SSH packet
to the device, if the SSH service is running. All products running
the above versions of IOS and using SSH are affected. NOT affected
are the Cisco Catalyst series running CatOS, VPN3000, PIX firewalls,
SN5400 series, and NetRanger products.
Cisco confirmed this vulnerability. Patches are currently in production
and available from Cisco.
Source: Cisco
http://archives.neohapsis.com/archives/cisco/2002-q4/0005.html
More information about the Comm
mailing list