Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2002-1357

Published: 23/12/2002 Updated: 11/10/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 891
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Ios

Vulnerability Summary

Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote malicious users to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios 12.1ea

cisco ios 12.1t

cisco ios 12.2t

cisco ios 12.2

cisco ios 12.2s

cisco ios 12.0s

cisco ios 12.0st

cisco ios 12.1e

netcomposite shellguard_ssh 3.4.6

pragma_systems secureshell 2.0

putty putty 0.53

winscp winscp 2.0.0

putty putty 0.48

putty putty 0.49

fissh ssh_client 1.0a_for_windows

intersoft securenetterm 5.4.1

Vendor Advisories

Cisco: SSH Malformed Packet Vulnerabilities
Certain Cisco products containing support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device A malformed SSH packet directed at the affected device can cause a reload of the device No authentication is necessary for the packet to be received by the affected device The ...

References

CWE-119http://www.cert.org/advisories/CA-2002-36.htmlhttp://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.htmlhttp://www.kb.cert.org/vuls/id/389665http://www.securityfocus.com/bid/6405http://securitytracker.com/id?1005812http://securitytracker.com/id?1005813https://exchange.xforce.ibmcloud.com/vulnerabilities/10868https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20021219-ssh-packethttps://www.kb.cert.org/vuls/id/389665
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook