This script is (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch
While fixing vulnerabilities mentioned in the Cisco Security Advisory
cisco-sa-20010627-ssh, a new vulnerability was introduced in some
products. When an attacker tries to exploit the vulnerability VU#945216
(described in the CERT/CC Vulnerability Note at
http://www.kb.cert.org/vuls/id/945216) the SSH module will consume too
much of the processor's time, effectively causing a DoS. In some cases
the device will reboot. In order to be exposed SSH must be enabled on
It is possible to mitigate this vulnerability by preventing, or having
control over, the SSH traffic.
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 7.1
CVSS Temporal Score : 6.0
Public Exploit Available : false
Nessus Plugin ID: 48967 (cisco-sa-20020627-ssh-scanhttp.nasl)
Bugtraq ID: 5114
CVE ID: CVE-2002-1024
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.