This script is (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
The Secure Shell server (SSH) implementation in Cisco IOS contains
multiple vulnerabilities that allow unauthenticated users the ability
to generate a spurious memory access error or, in certain cases, reload
The IOS SSH server is an optional service that is disabled by default,
but its use is highly recommended as a security best practice for
management of Cisco IOS devices. SSH can be configured as part of the
AutoSecure feature in the initial configuration of IOS devices.
AutoSecure runs after initial configuration, or manually. SSH is enabled
any time RSA keys are generated such as when a http secure-server or
trust points for digital certificates are configured. Devices that are
not configured to accept SSH connections are not affected by these
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true