Denial of Service Vulnerability in Cisco Service Control Engine and Icon Labs Iconfidant SSH
CVE-2008-0536

Currently unrated

Key Information:

Vendor: Cisco
Status: Service Control Engine
Vendor: CVE Published:; 22 May 2008

Summary

A vulnerability has been identified in the SSH server of Cisco Service Control Engine (SCE) and Icon Labs Iconfidant SSH that permits remote attackers to disrupt management operations, resulting in the denial of service. This exploit arises from the handling of SSH traffic during crucial management functions, leading to illegal I/O operations. The affected versions of Cisco SCE are 3.0.x prior to 3.0.7 and 3.1.x before 3.1.0, while Iconfidant SSH versions before 2.3.8 are also vulnerable.

References

http://secunia.com/advisories/30316

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2008/1774/references

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/30590

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
May 22, 2008
Vulnerability Reserved
Jan 31, 2008