Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2002-1359

Published: 23/12/2002 Updated: 11/10/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Cisco

Vulnerability Summary

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote malicious users to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios 12.2s

cisco ios 12.2t

cisco ios 12.1e

cisco ios 12.1ea

cisco ios 12.0s

cisco ios 12.0st

cisco ios 12.1t

cisco ios 12.2

putty putty 0.53

winscp winscp 2.0.0

netcomposite shellguard_ssh 3.4.6

pragma_systems secureshell 2.0

fissh ssh_client 1.0a_for_windows

intersoft securenetterm 5.4.1

putty putty 0.48

putty putty 0.49

Vendor Advisories

Cisco: SSH Malformed Packet Vulnerabilities
Certain Cisco products containing support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device A malformed SSH packet directed at the affected device can cause a reload of the device No authentication is necessary for the packet to be received by the affected device The ...

Exploits

Exploit DB: PuTTy.exe 0.53 - Validation Remote Buffer Overflow (Metasploit)
## # This file is part of the Metasploit Framework and may be redistributed # according to the licenses defined in the Authors field below In the # case of an unknown or missing license, this file defaults to the same # license as the core Framework (dual GPLv2 and Artistic) The latest # version of the Framework can always be obtained from metasp ...
Exploit DB: PuTTy.exe 0.53 - Remote Buffer Overflow (Metasploit)
## # $Id: putty_msg_debugrb 9525 2010-06-15 07:18:08Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## class Metasploit3 < Msf ...

References

CWE-20http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.htmlhttp://www.cert.org/advisories/CA-2002-36.htmlhttp://www.securityfocus.com/bid/6407http://securitytracker.com/id?1005812http://securitytracker.com/id?1005813https://exchange.xforce.ibmcloud.com/vulnerabilities/10870https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848https://nvd.nist.govhttps://www.exploit-db.com/exploits/1788/http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20021219-ssh-packet
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook