Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2002-1357

Published: 23/12/2002 Updated: 11/10/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 891
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote malicious users to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios 12.0s

cisco ios 12.0st

cisco ios 12.1e

cisco ios 12.1ea

cisco ios 12.1t

cisco ios 12.2

cisco ios 12.2s

cisco ios 12.2t

fissh ssh client 1.0a for windows

intersoft securenetterm 5.4.1

netcomposite shellguard ssh 3.4.6

pragma systems secureshell 2.0

putty putty 0.48

putty putty 0.49

putty putty 0.53

winscp winscp 2.0.0

Vendor Advisories

Cisco: SSH Malformed Packet Vulnerabilities
Certain Cisco products containing support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device A malformed SSH packet directed at the affected device can cause a reload of the device No authentication is necessary for the packet to be received by the affected device The ...

References

CWE-119http://www.cert.org/advisories/CA-2002-36.htmlhttp://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.htmlhttp://www.kb.cert.org/vuls/id/389665http://www.securityfocus.com/bid/6405http://securitytracker.com/id?1005812http://securitytracker.com/id?1005813https://exchange.xforce.ibmcloud.com/vulnerabilities/10868https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20021219-ssh-packethttps://www.kb.cert.org/vuls/id/389665
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4541CVE-2024-3080CVE-2024-4787log injectionCVE-2024-5967injectCVE-2024-30078CVE-2024-5899
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook