search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Multiple Cisco products consume excessive CPU resources in response to large SSH packets

Vulnerability Note VU#290140

Original Release Date: 2002-06-27 | Last Revised: 2002-12-12

Overview

Multiple Cisco networking products contain a denial-of-service vulnerability.

Description

Multiple Cisco networking products contain a vulnerability that allows large SSH packets to cause excessive consumption of CPU resources. In some circumstances, this resource consumption may cause the affected device to reboot.

This vulnerability is a side effect of a Cisco patch for VU#13877, an SSH packet injection vulnerability. Please note that this patch does not contain the integer overflow vulnerability described in VU#945216. However, according to Cisco's Security Advisory, this denial-of-service vulnerability may be triggered by attempts to exploit VU#945216.

Impact

Remote attackers may conduct denial-of-service attacks against affected devices.

Solution

Apply a patch

Cisco has published a Security Advisory to address this vulnerability. For information regarding affected devices and obtaining patches, please see

http://www.cisco.com/warp/public/707/SSH-scanning.shtml

Vendor Information

290140
 
Affected   Unknown   Unaffected

Cisco Systems Inc.

Notified:  June 27, 2002 Updated:  June 28, 2002

Status

  Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Cisco has published a Security Advisory to address this vulnerability. For information regarding affected devices and obtaining patches, please see


CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Acknowledgements

This document was written by Jeffrey P. Lanza and is based on information provided by Cisco.

Other Information

CVE IDs: CVE-2002-1024
Severity Metric: 21.09
Date Public: 2002-06-27
Date First Published: 2002-06-27
Date Last Updated: 2002-12-12 23:25 UTC
Document Revision: 9

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.