Cisco IOS Reverse SSH Remote Denial of Service Vulnerability

Bugtraq ID:	52752
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2012-0386
Remote:	Yes
Local:	No
Published:	Mar 28 2012 12:00AM
Updated:	Mar 19 2015 08:13AM
Credit:	Cisco
Vulnerable:	Cisco IOS XE 2.6.2 Cisco IOS XE 2.6.1 Cisco IOS XE 2.5.2 Cisco IOS XE 2.5.1 Cisco IOS XE 2.4.1 Cisco IOS XE 2.4 Cisco IOS XE 2.3.2 Cisco IOS XE 2.3.1 t Cisco IOS XE 2.3.1 Cisco IOS XE 3.2.xS Cisco IOS XE 3.1xSG Cisco IOS XE 3.1.xS Cisco IOS XE 3.1 Cisco IOS XE 2.6 Cisco IOS XE 2.5 Cisco IOS XE 2.4 Cisco IOS XE 2.3 Cisco Ios 15.2T Cisco Ios 15.2GC Cisco Ios 15.1SNG Cisco IOS 15.1S Cisco IOS 15.1MR Cisco IOS 15.1M Cisco IOS 15.1GC Cisco IOS 15.1EY Cisco IOS 15.0MRA Cisco IOS 15.0MR Cisco IOS 15.0M Cisco IOS 15.0M Cisco IOS 12.4JHC Cisco IOS 12.4JHB Cisco IOS 12.4JHA Cisco IOS 12.4JDD Cisco IOS 12.4JDC Cisco IOS 12.4JDA Cisco IOS 12.4JAX Cisco IOS 12.4JA Cisco IOS 12.4 (15)T10 Cisco IOS 12.2SE Cisco IOS 12.2EY Cisco IOS 12.2EX
Not Vulnerable:	Cisco IOS XE 3.4.2S Cisco Ios 15.2(2)T1 Cisco Ios 15.2(1)T2 Cisco Ios 15.2(1)GC2 Cisco Ios 15.1(3)T3 Cisco IOS 15.1(1)T4 Cisco IOS 15.0SE Cisco IOS 15.0(1)M7 Cisco IOS 12.4(25f) Cisco Ios 12.4(25e)JA Cisco Ios 12.4(23c)JA4 Cisco Ios 12.2(58)EY2

Cisco IOS Reverse SSH Remote Denial of Service Vulnerability

Cisco IOS XR is prone to a remote denial-of-service vulnerability in the SSH server implementation.

An attacker can exploit this issue to cause a denial-of-service condition.

This issue is being tracked by Cisco Bug ID CSCtr49064.

Cisco IOS Reverse SSH Remote Denial of Service Vulnerability

To exploit this issue, attackers can use readily available network utilities.

Cisco IOS Reverse SSH Remote Denial of Service Vulnerability

Solution:
Updates are available. Please see the references for details.

Cisco IOS Reverse SSH Remote Denial of Service Vulnerability

References:

• Cisco Homepage (Cisco )
  
• Cisco IOS Software Reverse SSH Denial of Service Vulnerability (Cisco)