Vulnerabilities > CVE-2002-2379 - Cryptographic Issues vulnerability in Cisco As5350 12.2(11T)
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Exploit-Db
| description | Cisco AS5350 Universal Gateway Portscan Denial Of Service Vulnerability. CVE-2002-2379 . Dos exploit for hardware platform |
| id | EDB-ID:21971 |
| last seen | 2016-02-02 |
| modified | 2002-10-28 |
| published | 2002-10-28 |
| reporter | Thomas Munn |
| source | https://www.exploit-db.com/download/21971/ |
| title | Cisco AS5350 - Universal Gateway Portscan Denial of Service Vulnerability |
References
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00397.html
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00411.html
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00413.html
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00420.html
- http://www.cisco.com/en/US/products/hw/univgate/ps501/products_security_notice09186a008024dba2.html
- http://www.securityfocus.com/bid/6059
- http://www.iss.net/security_center/static/10522.php