
CERT Coordination Center

Cisco Catalyst reboots in response to an SSH "protocol mismatch" error

Vulnerability Note VU#463944

Original Release Date: 2004-03-29 | Last Revised: 2004-03-31

Overview

Multiple versions of Cisco Catalyst switches contain a denial-of-service vulnerability that allows unauthenticated remote users to restart an affected device.

Description

Cisco Catalyst switches in the 6000, 5000, and 4000 series contain a vulnerability in their SSH support component. The vulnerability is triggered by attempting to connect to the SSH service using a protocol other than SSH. The attempt generates a "protocol mismatch" error and causes the switch to restart, resulting in a denial-of-service condition.

Impact

This vulnerability allows unauthenticated remote users to restart an affected switch, resulting in a denial-of-service condition.

Solution

In December 2000, Cisco published a Cisco Security Advisory to address this issue. For patch information and a list of affected systems, please see:

http://www.cisco.com/warp/public/707/catalyst-ssh-protocolmismatch-pub.shtml

Vendor Information


Cisco Systems Inc.

Notified: December 21, 2000 | Updated: March 29, 2004

Status

Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Cisco has published a Cisco Security Advisory to address this issue. For patch information and a list of affected systems, please see:


CVSS Metrics

Group          Score   Vector
Base           N/A     N/A
Temporal       N/A     N/A
Environmental  N/A

Acknowledgements

This vulnerability was reported by Cisco.

This document was written by Jeffrey P. Lanza.

Other Information

CVE IDs: CVE-2001-0080
Severity Metric: 21.00
Date Public: 2000-12-20
Date First Published: 2004-03-29
Date Last Updated: 2004-03-31 14:32 UTC
Document Revision: 18

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.