BID:13043

Cisco IOS Secure Shell Server V2 Remote Denial Of Service Vulnerability

Info

Cisco IOS Secure Shell Server V2 Remote Denial Of Service Vulnerability

Bugtraq ID:	13043
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2005-1020 CVE-2005-1020
Remote:	Yes
Local:	No
Published:	Apr 06 2005 12:00AM
Updated:	Mar 19 2015 09:35AM
Credit:	This issue was announced by the vendor.
Vulnerable:	Cisco IOS 12.3YL Cisco IOS 12.3YK Cisco IOS 12.3YJ Cisco IOS 12.3YH Cisco IOS 12.3YG Cisco IOS 12.3YF Cisco IOS 12.3YE Cisco IOS 12.3YD Cisco IOS 12.3YC Cisco IOS 12.3YA Cisco IOS 12.3XZ Cisco IOS 12.3XY Cisco IOS 12.3XX Cisco IOS 12.3XW Cisco IOS 12.3XV Cisco IOS 12.3XU Cisco IOS 12.3XT Cisco IOS 12.3XS Cisco IOS 12.3XR Cisco IOS 12.3XQ Cisco IOS 12.3XN Cisco IOS 12.3XM Cisco IOS 12.3XL Cisco IOS 12.3XK Cisco IOS 12.3XJ Cisco IOS 12.3XI Cisco IOS 12.3XH Cisco IOS 12.3XG Cisco IOS 12.3XF Cisco IOS 12.3XE Cisco IOS 12.3XD Cisco IOS 12.3XC Cisco IOS 12.3XB Cisco IOS 12.3XA Cisco IOS 12.3T Cisco IOS 12.3JA Cisco IOS 12.3BW Cisco IOS 12.3BC Cisco IOS 12.3B Cisco IOS 12.3(6) Cisco IOS 12.3(5b) Cisco IOS 12.3(5a)b Cisco IOS 12.3(5a) Cisco IOS 12.3(5) Cisco IOS 12.3(4)XD1 Cisco IOS 12.3(4)XD Cisco IOS 12.3(4)T3 Cisco IOS 12.3(4)T2 Cisco IOS 12.3(4)T1 Cisco IOS 12.3(4)T Cisco IOS 12.3(2)XC2 Cisco IOS 12.3(2)XC1 Cisco IOS 12.3(2)T3 Cisco IOS 12.3 Cisco IOS 12.2ZQ Cisco IOS 12.2ZP Cisco IOS 12.2ZO Cisco IOS 12.2ZN Cisco IOS 12.2ZM Cisco IOS 12.2ZL Cisco IOS 12.2ZK Cisco IOS 12.2ZJ Cisco IOS 12.2ZI Cisco IOS 12.2ZH Cisco IOS 12.2ZG Cisco IOS 12.2ZF Cisco IOS 12.2ZE Cisco IOS 12.2ZD Cisco IOS 12.2ZC Cisco IOS 12.2ZB Cisco IOS 12.2ZA Cisco IOS 12.2YZ Cisco IOS 12.2YY Cisco IOS 12.2YX Cisco IOS 12.2YW Cisco IOS 12.2YV Cisco IOS 12.2YU Cisco IOS 12.2YT Cisco IOS 12.2YS Cisco IOS 12.2YR Cisco IOS 12.2YQ Cisco IOS 12.2YP Cisco IOS 12.2YO Cisco IOS 12.2YN Cisco IOS 12.2YM Cisco IOS 12.2YL Cisco IOS 12.2YK Cisco IOS 12.2YJ Cisco IOS 12.2YH Cisco IOS 12.2YG Cisco IOS 12.2YF Cisco IOS 12.2YE Cisco IOS 12.2YD Cisco IOS 12.2YC Cisco IOS 12.2YB Cisco IOS 12.2YA Cisco IOS 12.2XZ Cisco IOS 12.2XW Cisco IOS 12.2XU Cisco IOS 12.2XT Cisco IOS 12.2XS Cisco IOS 12.2XR Cisco IOS 12.2XQ Cisco IOS 12.2XN Cisco IOS 12.2XM Cisco IOS 12.2XL Cisco IOS 12.2XK Cisco IOS 12.2XJ Cisco IOS 12.2XI Cisco IOS 12.2XH Cisco IOS 12.2XG Cisco IOS 12.2XF Cisco IOS 12.2XE Cisco IOS 12.2XD Cisco IOS 12.2XC Cisco IOS 12.2XB Cisco IOS 12.2XA Cisco IOS 12.2T Cisco IOS 12.2SZ Cisco IOS 12.2SY Cisco IOS 12.2SXD Cisco IOS 12.2SXB Cisco IOS 12.2SXA Cisco IOS 12.2SX Cisco IOS 12.2SW Cisco IOS 12.2SV Cisco IOS 12.2SU Cisco IOS 12.2SEB Cisco IOS 12.2SEA Cisco IOS 12.2SE Cisco IOS 12.2S Cisco IOS 12.2MX Cisco IOS 12.2MC Cisco IOS 12.2MB Cisco IOS 12.2JK Cisco IOS 12.2JA Cisco IOS 12.2EX Cisco IOS 12.2EWA Cisco Ios 12.2EWA Cisco Ios 12.2EW Cisco Ios 12.2EW Cisco IOS 12.2EW Cisco IOS 12.2EU Cisco Ios 12.2DX Cisco IOS 12.2DX Cisco IOS 12.2DD Cisco Ios 12.2DD Cisco Ios 12.2DA Cisco IOS 12.2DA Cisco Ios 12.2CZ Cisco IOS 12.2CZ Cisco Ios 12.2CY Cisco IOS 12.2CY Cisco IOS 12.2CX Cisco Ios 12.2CX Cisco Ios 12.2BZ Cisco IOS 12.2BZ Cisco IOS 12.2BY Cisco Ios 12.2BY Cisco Ios 12.2BX Cisco IOS 12.2BX Cisco IOS 12.2BW Cisco Ios 12.2BW Cisco Ios 12.2BC Cisco IOS 12.2BC Cisco IOS 12.2B Cisco Ios 12.2B Cisco IOS 12.2(8)JA Cisco IOS 12.2(4)JA1 Cisco IOS 12.2(4)JA Cisco IOS 12.2(23) Cisco IOS 12.2(21a) Cisco IOS 12.2(21) Cisco IOS 12.2(20)S1 Cisco IOS 12.2(20)S Cisco IOS 12.2(20)EW Cisco IOS 12.2(2)XU2 Cisco IOS 12.2(2)XU Cisco IOS 12.2(2)XT3 Cisco IOS 12.2(2)XT Cisco IOS 12.2(2)XN Cisco IOS 12.2(2)XK2 Cisco IOS 12.2(2)XK Cisco IOS 12.2(2)XJ1 Cisco IOS 12.2(2)XJ Cisco IOS 12.2(2)XI2 Cisco IOS 12.2(2)XI1 Cisco IOS 12.2(2)XI Cisco IOS 12.2(2)XH3 Cisco IOS 12.2(2)XH2 Cisco IOS 12.2(2)XH Cisco IOS 12.2(2)XG Cisco IOS 12.2(2)XF Cisco IOS 12.2(2)XB4 Cisco IOS 12.2(2)XB3 Cisco IOS 12.2(2)XB Cisco IOS 12.2(2)XA5 Cisco IOS 12.2(2)XA1 Cisco IOS 12.2(2)XA Cisco IOS 12.2(2)T4 Cisco IOS 12.2(18)SW Cisco IOS 12.2(18)SV Cisco IOS 12.2(18)SE Cisco IOS 12.2(18)S Cisco IOS 12.2(18)EWA Cisco IOS 12.2(18)EW Cisco IOS 12.2(17a)SXA Cisco IOS 12.2(16.1)B Cisco IOS 12.2(16)B Cisco IOS 12.2(15.1)S Cisco IOS 12.2(15)ZN Cisco IOS 12.2(14.5)T Cisco IOS 12.2(14.5) Cisco IOS 12.2(14)ZA2 Cisco IOS 12.2(14)ZA Cisco IOS 12.2(14)SZ Cisco IOS 12.2(14)SY1 Cisco IOS 12.2(14)SY Cisco IOS 12.2(12h) Cisco IOS 12.2(12g) Cisco IOS 12.2(11)T Cisco IOS 12.2(11)JA1 Cisco IOS 12.2(11)JA Cisco IOS 12.2(1)XS1 Cisco IOS 12.2(1)XS Cisco IOS 12.2(1)XQ Cisco IOS 12.2(1)XH Cisco IOS 12.2(1)XE3 Cisco IOS 12.2(1)XE2 Cisco IOS 12.2(1)XE Cisco IOS 12.2(1)XD4 Cisco IOS 12.2(1)XD3 Cisco IOS 12.2(1)XD1 Cisco IOS 12.2(1)XD Cisco IOS 12.2(1)XA Cisco IOS 12.2 Cisco IOS 12.1YJ Cisco IOS 12.1YI Cisco IOS 12.1YH Cisco IOS 12.1YF Cisco IOS 12.1YE Cisco IOS 12.1YD Cisco IOS 12.1YC Cisco IOS 12.1YB Cisco IOS 12.1YA Cisco IOS 12.1XZ Cisco IOS 12.1XY Cisco IOS 12.1XX Cisco IOS 12.1XW Cisco IOS 12.1XV Cisco IOS 12.1XU Cisco IOS 12.1XT Cisco IOS 12.1XS Cisco IOS 12.1XR Cisco IOS 12.1XQ Cisco IOS 12.1XP Cisco IOS 12.1XM Cisco IOS 12.1XL Cisco IOS 12.1XK Cisco IOS 12.1XJ Cisco IOS 12.1XI Cisco IOS 12.1XH Cisco IOS 12.1XG Cisco IOS 12.1XF Cisco IOS 12.1XE Cisco IOS 12.1XD Cisco IOS 12.1XC Cisco IOS 12.1XB Cisco IOS 12.1XA Cisco IOS 12.1T Cisco IOS 12.1M Cisco IOS 12.1EY Cisco IOS 12.1EX Cisco IOS 12.1EW Cisco IOS 12.1EV Cisco IOS 12.1EU Cisco IOS 12.1EO Cisco IOS 12.1EC Cisco IOS 12.1EB Cisco IOS 12.1EA Cisco IOS 12.1E Cisco IOS 12.1DC Cisco IOS 12.1DB Cisco IOS 12.1DA Cisco IOS 12.1CX Cisco IOS 12.1AZ Cisco IOS 12.1AY Cisco IOS 12.1AX Cisco IOS 12.1AA Cisco IOS 12.1(20)EW1 Cisco IOS 12.1(20)EW Cisco IOS 12.1(20)EO Cisco IOS 12.1(20)EC1 Cisco IOS 12.1(20)EC Cisco IOS 12.1(20)EA1 Cisco IOS 12.1(20)E2 Cisco IOS 12.1(20)E1 Cisco IOS 12.1(20)E Cisco IOS 12.1(19)E1 Cisco IOS 12.1(13)E9 Cisco IOS 12.1(11b)E14 Cisco IOS 12.1(11b)E12 Cisco IOS 12.1(11b)E Cisco IOS 12.1(11)E Cisco IOS 12.1 Cisco IOS 12.0XW Cisco IOS 12.0XV Cisco IOS 12.0XU Cisco IOS 12.0XT Cisco IOS 12.0XS Cisco IOS 12.0XR Cisco IOS 12.0XQ Cisco IOS 12.0XP Cisco IOS 12.0XN Cisco IOS 12.0XM Cisco IOS 12.0XL Cisco IOS 12.0XK Cisco IOS 12.0XJ Cisco IOS 12.0XI Cisco IOS 12.0XH Cisco IOS 12.0XG Cisco IOS 12.0XF Cisco IOS 12.0XE Cisco IOS 12.0XD Cisco IOS 12.0XC Cisco IOS 12.0XB Cisco IOS 12.0XA Cisco IOS 12.0WX Cisco IOS 12.0WT Cisco IOS 12.0WC Cisco IOS 12.0W5 Cisco IOS 12.0T Cisco IOS 12.0SZ Cisco IOS 12.0SY Cisco IOS 12.0SX Cisco IOS 12.0SV Cisco IOS 12.0ST Cisco IOS 12.0SP Cisco IOS 12.0SL Cisco IOS 12.0SC Cisco IOS 12.0S Cisco IOS 12.0DC Cisco IOS 12.0DB Cisco IOS 12.0DA Cisco IOS 12.0(27)SV1 Cisco IOS 12.0(27)SV Cisco IOS 12.0(27)S Cisco IOS 12.0(26)S1 Cisco IOS 12.0(24.2)S Cisco IOS 12.0(24)S5 Cisco IOS 12.0(24)S4 Cisco IOS 12.0(24)S1 Cisco IOS 12.0(23)S5 Cisco IOS 12.0(23)S4 Cisco IOS 12.0

Not Vulnerable:

Discussion

Cisco IOS Secure Shell Server V2 Remote Denial Of Service Vulnerability

Cisco IOS is reported prone to a remote denial of service vulnerability. The issue is reported to exist when the Cisco IOS device is configured to employ SSHv2 for remote management and Terminal Access Controller Access Control System Authentication (TACACS+).

An attacker may trigger the issue to cause a device reload, effectively denying service for legitimate users.

It is noted that the vulnerability only affects SSHv2, SSHv1 is not affected.

Exploit / POC

Cisco IOS Secure Shell Server V2 Remote Denial Of Service Vulnerability

There is no exploit required.

Solution / Fix

Cisco IOS Secure Shell Server V2 Remote Denial Of Service Vulnerability

Solution:
Cisco has provided a fix matrix in the attached advisory. Please refer to the advisory for further information. Cisco fixes may be obtained through customers through the regular update channels.

References

Cisco IOS Secure Shell Server V2 Remote Denial Of Service Vulnerability

References:

Cisco Security Advisory: Vulnerabilities in Cisco IOS Secure Shell Server (Cisco)