US-CERT Vulnerability Notes Database

Nokia Information for VU#333628

Date Notified: 09/16/2003
Date Modified: 01/16/2007 03:06:50 PM
Status Summary: Vulnerable

Vendor Statement

Nokia confirms that IPSO and IPSO-SX are affected by the vulnerability described in CERT Coordination Center Vulnerability Note VU#333628. We are currently backporting the patches provided by the OpenSSH team into the OpenSSH versions deployed within IPSO and IPSO-SX.

According to CERT/CC, the most likely impact of the vulnerability is the potential for a DoS attack if an exploit script is repeatedly executed against the same device. This potential can be eliminated by restricting access to SSH, allowing access only from trusted workstations by using either Access Control Lists (ACLs) or firewall rules to restrict access to TCP port 22.

To prevent automated scanners from successfully exploiting this vulnerability, ensure that the SSH server does not run on the default port of TCP 22 and is running on an alternate port, preferably above port 1024. In IPSO, this can be done by going to the "Security and Access Configuration" section in Voyager and selecting "SSH (Secure Shell)," then clicking on the "Go to the advanced server options page" link. From here, under the "Configure Server Protocol Details" heading, the TCP port number for the SSH service can be changed to a different value.

We expect to provide updated releases of IPSO and IPSO-SX the week of September 22, 2003.

US-CERT Addendum

The CERT/CC has no additional comments at this time.


Produced 2008 by US-CERT, a government organization