Cisco IOS Secure Shell Denial of Service Vulnerabilities - Cisco Systems

high Nessus Plugin ID 49015

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The Secure Shell (SSH) server implementation in Cisco IOS contains multiple vulnerabilities that allow unauthenticated users to generate a spurious memory access error or, in certain cases, reload the device.
The IOS SSH server is an optional service that is disabled by default, but its use is highly recommended as a security best practice for management of Cisco IOS devices. SSH can be configured as part of the AutoSecure feature in the initial configuration of IOS devices.
AutoSecure runs after initial configuration, or can be run manually. SSH is enabled any time RSA keys are generated, such as when an http secure-server or trust points for digital certificates are configured. Devices that are not configured to accept SSH connections are not affected by these vulnerabilities.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20080521-ssh.

See Also

http://www.nessus.org/u?44a6b3b8

http://www.nessus.org/u?d779558e

Plugin Details

Severity: High

ID: 49015

File Name: cisco-sa-20080521-sshhttp.nasl

Version: 1.20

Type: combined

Family: CISCO

Published: 9/1/2010

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:C/A:P

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 5/21/2008

Vulnerability Publication Date: 5/21/2008

Reference Information

CVE: CVE-2008-1159

BID: 29314