This script is (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
The Secure Shell server (SSH) implementation in Cisco IOS contains
multiple vulnerabilities that allow unauthenticated users the ability
to generate a spurious memory access error or, in certain cases, reload
The IOS SSH server is an optional service that is disabled by default,
but its use is highly recommended as a security best practice for
management of Cisco IOS devices. SSH can be configured as part of the
AutoSecure feature in the initial configuration of IOS devices.
AutoSecure runs after initial configuration, or manually. SSH is enabled
any time RSA keys are generated such as when a http secure-server or
trust points for digital certificates are configured. Devices that are
not configured to accept SSH connections are not affected by these
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true
Nessus Plugin ID: 49015 (cisco-sa-20080521-sshhttp.nasl)
Bugtraq ID: 29314
CVE ID: CVE-2008-1159
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.