JVN#05132866: Multiple Cisco products vulnerable to denial-of-service (DoS)

Overview

The SSH implementation in multiple Cisco products contains a denial-of-service (DoS) vulnerability.

Products Affected

A wide range of products are affected.

For more information, refer to the advisory provided by the developer.

Description

The SSH implementation in multiple Cisco products contains a denial-of-service (DoS) vulnerability.

Impact

A remote attacker may be able to cause a denial-of-service (DoS).

Solution

Apply an update
Update to the latest version according to the information provided by the developer.

Vendor Status

Vendor	Link
Cisco	Cisco Small Business Switches SSH Packet Processing Denial of Service Vulnerability

References

IPA
Security Alert for Vulnerability in Multiple Cisco Products(in Japanese)

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE	CVE-2013-1154
JVN iPedia	JVNDB-2013-000017

Update History

2013/03/07: Information under the section "References" was updated.

JVN#05132866 Multiple Cisco products vulnerable to denial-of-service (DoS)