Published: 02/05/2005 Updated: 11/10/2017

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 632

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 up to and including 12.3, when authenticating against a TACACS+ server, allows remote malicious users to cause a denial of service (memory consumption) via an incorrect username or password.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 12.1ax
cisco ios 12.1az
cisco ios 12.1eu
cisco ios 12.1ew
cisco ios 12.1xi
cisco ios 12.1xl
cisco ios 12.1xv
cisco ios 12.1ya
cisco ios 12.1yi
cisco ios 12.2
cisco ios 12.2s
cisco ios 12.2se
cisco ios 12.2sxb
cisco ios 12.2sxd
cisco ios 12.2xn
cisco ios 12.2xs
cisco ios 12.3xd
cisco ios 12.3xe
cisco ios 12.3xl
cisco ios 12.3xm
cisco ios 12.3xy
cisco ios 12.3ya
cisco ios 12.3yd
cisco ios 12.0s
cisco ios 12.0sx
cisco ios 12.1eb
cisco ios 12.1ec
cisco ios 12.1xg
cisco ios 12.1xh
cisco ios 12.1xt
cisco ios 12.1xu
cisco ios 12.1yf
cisco ios 12.1yh
cisco ios 12.2ewa
cisco ios 12.2ex
cisco ios 12.2sx
cisco ios 12.2sxa
cisco ios 12.2xc
cisco ios 12.2xf
cisco ios 12.2za
cisco ios 12.3t
cisco ios 12.3xj
cisco ios 12.3xk
cisco ios 12.3xw
cisco ios 12.3xx
cisco ios 12.3yk
cisco ios 12.1e
cisco ios 12.1ea
cisco ios 12.1xd
cisco ios 12.1xe
cisco ios 12.1xf
cisco ios 12.1xq
cisco ios 12.1xr
cisco ios 12.1yd
cisco ios 12.1ye
cisco ios 12.2dx
cisco ios 12.2eu
cisco ios 12.2ew
cisco ios 12.2su
cisco ios 12.2sv
cisco ios 12.2t
cisco ios 12.2xa
cisco ios 12.2yx
cisco ios 12.2yz
cisco ios 12.3xh
cisco ios 12.3xi
cisco ios 12.3xs
cisco ios 12.3xu
cisco ios 12.3yh
cisco ios 12.3yj
cisco ios 12.1db
cisco ios 12.1dc
cisco ios 12.1ex
cisco ios 12.1t
cisco ios 12.1xm
cisco ios 12.1xp
cisco ios 12.1yb
cisco ios 12.1yc
cisco ios 12.2b
cisco ios 12.2dd
cisco ios 12.2sea
cisco ios 12.2seb
cisco ios 12.2sy
cisco ios 12.2sz
cisco ios 12.2ye
cisco ios 12.2yk
cisco ios 12.2yo
cisco ios 12.3xf
cisco ios 12.3xg
cisco ios 12.3xq
cisco ios 12.3xr
cisco ios 12.3yf
cisco ios 12.3yg

Certain release trains of Cisco Internetwork Operating System (IOS)®, when configured to use the IOS Secure Shell (SSH) server in combination with Terminal Access Controller Access Control System Plus (TACACS+) as a means to perform remote management tasks on IOS devices, may contain two vulnerabilities that can potentially cause IOS devic ...

CWE-399 http://www.cisco.com/warp/public/707/cisco-sa-20050406-ssh.shtml http://www.securityfocus.com/bid/13042 http://www.securitytracker.com/alerts/2005/Apr/1013655.html http://secunia.com/advisories/14854 http://www.osvdb.org/15303 https://exchange.xforce.ibmcloud.com/vulnerabilities/19991 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5687 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20050406-ssh

Get Started

CVE-2005-1021

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect