Cisco IOS Software Reverse SSH Denial of Service Vulnerability (cisco-sa-20120328-ssh)

high Nessus Plugin ID 58573

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login with a crafted username. Successful exploitation of this vulnerability could allow an attacker to create a DoS condition by causing the device to reload. Repeated exploits could create a sustained DoS condition. The SSH server in Cisco IOS Software and Cisco IOS XE Software is an optional service, but its use is highly recommended as a security best practice for the management of Cisco IOS devices. Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability. Cisco has released free software updates that address this vulnerability.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20120328-ssh.

See Also

http://www.nessus.org/u?c8f7d4cf

Plugin Details

Severity: High

ID: 58573

File Name: cisco-sa-20120328-ssh.nasl

Version: 1.13

Type: local

Family: CISCO

Published: 4/2/2012

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 3/28/2012

Vulnerability Publication Date: 3/28/2012

Reference Information

CVE: CVE-2012-0386

BID: 52752

CISCO-SA: cisco-sa-20120328-ssh

CISCO-BUG-ID: CSCtr49064