Multiple versions of Cisco Catalyst switches contain a denial-of-service vulnerability that allows unauthenticated remote users to restart an affected device.
Cisco Catalyst switches in the 6000, 5000, and 4000 series contain a vulnerability in their SSH support component. The vulnerability is triggered by attempting to connect to the SSH service using a protocol other than SSH. The attempt generates a "protocol mismatch" error and causes the switch to restart, resulting in a denial-of-service condition.
This vulnerability allows unauthenticated remote users to restart an affected switch, resulting in a denial-of-service condition.
In December 2000, Cisco published a Cisco Security Advisory to address this issue. For patch information and a list of affected systems, please see:
This vulnerability was reported by Cisco.
This document was written by Jeffrey P. Lanza.
|Date First Published:||2004-03-29|
|Date Last Updated:||2004-03-31 14:32 UTC|