|
|
Info |
Last Modified |
| about 1 year ago |
|
|
|
|
|
Description |
Cisco IOS contains a flaw that may allow a remote resource consumption denial of service. The issue is triggered when a device running SSH is sent a large packet designed to exploit the SSH CRC32 vulnerability in which attackers can execute arbitrary commands using an integer overflow, and will result in loss of availability for the platform.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Denial of Service,
Input Manipulation
Impact:
Loss of Availability
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Solution |
Follow the instructions in the Vendor Specific Solution URL to determine the proper upgrade for the device, as this has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): disable the SSH service on the device
|
|
Products |
|
IOS
 |
12.1 |
12.2 |
12.1E |
12.0S |
12.2S |
12.0SP |
12.0ST |
12.0XB |
12.0XM |
12.0XV |
12.1EC |
12.1(1)EX |
12.1(5c)EX |
12.1(8a)EX |
12.1(9)EX |
12.1T |
12.1XB |
12.1XC |
12.1XF |
12.1XG |
12.1XH |
12.1XI |
12.1XJ |
12.1XL |
12.1XM |
12.1XP |
12.1XQ |
12.1XT |
12.1XU |
12.1YB |
12.1YC |
12.1YD |
12.1YE |
12.1YF |
12.1YI |
12.2B |
12.2BC |
12.2DA |
12.2DD |
12.2T |
12.2XA |
12.2XB |
12.2XD |
12.2XE |
12.2XF |
12.2XG |
12.2XH |
12.2XI |
12.2XJ |
12.2XK |
12.2XL |
12.2XM |
12.2XN |
12.2XQ |
12.2XR |
12.2XS |
12.2XT |
12.2YA |
12.2YB |
12.2YC |
12.2YD |
12.2YF |
12.2YG |
12.2YH |
|
|
|
|
|
|
Credit |
- Cisco Product Security Incident Response Team (PSIRT) - psirt
 cisco.com - Cisco Systems, Inc.
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
