CVE-2012-0386

Sažetak

The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S allows remote attackers to cause a denial of service (device reload) via a crafted username in a reverse SSH login attempt, aka Bug ID CSCtr49064.

Reference

http://osvdb.org/80695
http://secunia.com/advisories/48609
http://secunia.com/advisories/48641
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-ssh
http://www.securityfocus.com/bid/52752
http://www.securitytracker.com/id?1026866
https://exchange.xforce.ibmcloud.com/vulnerabilities/74404

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

13-12-2017 - 02:29

Objavljeno

29-03-2012 - 11:01