Cisco IOS Software Reverse SSH Denial of Service Vulnerability (cisco-sa-20120328-ssh)

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The Secure Shell (SSH) server implementation in Cisco IOS Software and
Cisco IOS XE Software contains a denial of service (DoS) vulnerability
in the SSH version 2 (SSHv2) feature. An unauthenticated, remote
attacker could exploit this vulnerability by attempting a reverse SSH
login with a crafted username. Successful exploitation of this
vulnerability could allow an attacker to create a DoS condition by
causing the device to reload. Repeated exploits could create a
sustained DoS condition. The SSH server in Cisco IOS Software and
Cisco IOS XE Software is an optional service, but its use is highly
recommended as a security best practice for the management of Cisco
IOS devices. Devices that are not configured to accept SSHv2
connections are not affected by this vulnerability. Cisco has released
free software updates that address this vulnerability.

See also :

http://www.nessus.org/u?d315e2a5

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20120328-ssh.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 58573 ()

Bugtraq ID: 52752

CVE ID: CVE-2012-0386