Cisco IOS Software Reverse SSH Denial of Service Vulnerability (cisco-sa-20120328-ssh)

High Nessus Plugin ID 58573

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login with a crafted username. Successful exploitation of this vulnerability could allow an attacker to create a DoS condition by causing the device to reload. Repeated exploits could create a sustained DoS condition. The SSH server in Cisco IOS Software and Cisco IOS XE Software is an optional service, but its use is highly recommended as a security best practice for the management of Cisco IOS devices. Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability. Cisco has released free software updates that address this vulnerability.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20120328-ssh.

See Also

http://www.nessus.org/u?c8f7d4cf

Plugin Details

Severity: High

ID: 58573

File Name: cisco-sa-20120328-ssh.nasl

Version: 1.13

Type: local

Family: CISCO

Published: 2012/04/02

Updated: 2018/11/15

Dependencies: 47864

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2012/03/28

Vulnerability Publication Date: 2012/03/28

Reference Information

CVE: CVE-2012-0386

BID: 52752

CISCO-BUG-ID: CSCtr49064

CISCO-SA: cisco-sa-20120328-ssh