Cisco IOS Secure Shell Denial of Service Vulnerabilities - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The Secure Shell (SSH) server implementation in Cisco IOS contains
multiple vulnerabilities that allow unauthenticated users to generate
a spurious memory access error or, in certain cases, reload the
device.
The IOS SSH server is an optional service that is disabled by default,
but its use is highly recommended as a security best practice for
management of Cisco IOS devices. SSH can be configured as part of the
AutoSecure feature in the initial configuration of IOS devices.
AutoSecure runs after initial configuration or when invoked manually.
SSH is enabled any time RSA keys are generated, such as when an http
secure-server or trust points for digital certificates are configured.
Devices that are not configured to accept SSH connections are not
affected by these vulnerabilities.

See also :

http://www.nessus.org/u?04b73451
http://www.nessus.org/u?7212db35

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20080521-ssh.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:M/Au:S/C:P/I:C/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 49015 (cisco-sa-20080521-sshhttp.nasl)

Bugtraq ID: 29314

CVE ID: CVE-2008-1159