Multiple Cisco networking products contain a denial-of-service vulnerability.
Multiple Cisco networking products contain a vulnerability that allows large SSH packets to cause excessive consumption of CPU resources. In some circumstances, this resource consumption may cause the affected device to reboot.
This vulnerability is a side effect of a Cisco patch for VU#13877, an SSH packet injection vulnerability. Please note that this patch does not contain the integer overflow vulnerability described in VU#945216. However, according to Cisco's Security Advisory, this denial-of-service vulnerability may be triggered by attempts to exploit VU#945216.
Remote attackers may conduct denial-of-service attacks against affected devices.
Apply a patch
This document was written by Jeffrey P. Lanza and is based on information provided by Cisco.
|Date First Published:||2002-06-27|
|Date Last Updated:||2002-12-12 23:25 UTC|