SSH Malformed Packet Vulnerabilities - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Certain Cisco products containing support for the Secure Shell (SSH)
server are vulnerable to a Denial of Service (DoS) if the SSH server is
enabled on the device. A malformed SSH packet directed at the affected
device can cause a reload of the device. No authentication is necessary
for the packet to be received by the affected device. The SSH server in
Cisco IOS is disabled by default.

Cisco will be making free software available to correct the problem as
soon as possible.

The malformed packets can be generated using the SSHredder test suite
from Rapid7, Inc. Workarounds are available. The Cisco PSIRT is not
aware of any malicious exploitation of this vulnerability.

See also :

Solution :

Apply the relevant patch referenced in Cisco Security Advisory

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 48968 (cisco-sa-20021219-ssh-packethttp.nasl)

Bugtraq ID: 6405

CVE ID: CVE-2002-1357