Vulnerability Note VU#290140

Multiple Cisco products consume excessive CPU resources in response to large SSH packets

Original Release date: 27 Jun 2002 | Last revised: 12 Dec 2002


Multiple Cisco networking products contain a denial-of-service vulnerability.


Multiple Cisco networking products contain a vulnerability that allows large SSH packets to cause excessive consumption of CPU resources. In some circumstances, this resource consumption may cause the affected device to reboot.

This vulnerability is a side effect of a Cisco patch for VU#13877, an SSH packet injection vulnerability. Please note that this patch does not contain the integer overflow vulnerability described in VU#945216. However, according to Cisco's Security Advisory, this denial-of-service vulnerability may be triggered by attempts to exploit VU#945216.


Remote attackers may conduct denial-of-service attacks against affected devices.


Apply a patch

Cisco has published a Security Advisory to address this vulnerability. For information regarding affected devices and obtaining patches, please see

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Cisco Systems Inc.Affected27 Jun 200228 Jun 2002
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



This document was written by Jeffrey P. Lanza and is based on information provided by Cisco.

Other Information

  • CVE IDs: CAN-2002-1024
  • Date Public: 27 Jun 2002
  • Date First Published: 27 Jun 2002
  • Date Last Updated: 12 Dec 2002
  • Severity Metric: 21.09
  • Document Revision: 9


If you have feedback, comments, or additional information about this vulnerability, please send us email.