10
CVSSv2

CVE-2002-1358

Published: 23/12/2002 Updated: 11/10/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote malicious users to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios 12.0s

cisco ios 12.0st

cisco ios 12.1t

cisco ios 12.2

cisco ios 12.2s

cisco ios 12.1e

cisco ios 12.1ea

cisco ios 12.2t

fissh ssh_client 1.0a_for_windows

intersoft securenetterm 5.4.1

putty putty 0.48

putty putty 0.49

netcomposite shellguard_ssh 3.4.6

pragma_systems secureshell 2.0

putty putty 0.53

winscp winscp 2.0.0

Vendor Advisories

Certain Cisco products containing support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device A malformed SSH packet directed at the affected device can cause a reload of the device No authentication is necessary for the packet to be received by the affected device The ...