VxWorks SSH Server CVE-2013-0712 Denial of Service Vulnerability

Bugtraq ID:	58643
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2013-0712
Remote:	Yes
Local:	No
Published:	Mar 18 2013 12:00AM
Updated:	Mar 19 2015 09:15AM
Credit:	Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd.
Vulnerable:
Not Vulnerable:

VxWorks SSH Server CVE-2013-0712 Denial of Service Vulnerability

VxWorks is prone to a denial-of-service vulnerability.

Remote attackers can exploit this issue to cause denial-of-service conditions for legitimate users.

VxWorks 6.5 through 6.9 are vulnerable; other versions may also be affected.

VxWorks SSH Server CVE-2013-0712 Denial of Service Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

VxWorks SSH Server CVE-2013-0712 Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

VxWorks SSH Server CVE-2013-0712 Denial of Service Vulnerability

References:

• JVN#01611135 VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability (JPCERT/CC and IPA)
  
• JVNDB-2013-000019 VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerabili (IPA)
  
• Wind River Homepage (Wind River)
  
• Wind River VxWorks Homepage (Wind River)
  
• ICSA-13-091-01,WIND RIVER VXWORKS SSH AND WEB SERVER MULTIPLE VULNERABILITIES (ICS-CERT)