Cisco IOS XR 3.6.x, 3.8.x prior to 3.8.3, and 3.9.x prior to 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote malicious users to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco ios xr 3.6.0 |
||
cisco ios xr 3.6.1 |
||
cisco ios xr 3.6.2 |
||
cisco ios xr 3.6.3 |
||
cisco ios xr 3.8.0 |
||
cisco ios xr 3.8.2 |
||
cisco ios xr 3.8.1 |
||
cisco ios xr 3.9.0 |
Vulmon