Remote Denial of Service Vulnerability in Cisco IOS SSH
CVE-2002-1024

Currently unrated

Key Information:

Vendor: Cisco
Status: Ios; Pix Firewall Software; Css11000 Content Services Switch
Vendor: CVE Published:; 4 October 2002

Summary

The vulnerability within Cisco IOS versions 12.0 to 12.2 relates to the SSH implementation, where remote attackers can exploit a flaw in the handling of large packets. This can lead to excessive CPU consumption, resulting in a denial of service condition. Attackers can use specially crafted packets that exploit the SSH CRC32 attack detection overflow. Network administrators should be aware of this vulnerability to implement necessary protective measures.

References

http://www.securityfocus.com/bid/5114

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/9437.php

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/290140

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 27, 2002