Vulnerabilities > CVE-2010-0137 - Remote Denial of Service vulnerability in Cisco IOS XR SSH Protocol Implementation

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

NVD

Published: 2010-01-21

Updated: 2017-08-17

Summary

Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS XR 3.4.1 Cisco IOS XR 3.4.2 Cisco IOS XR 3.4.3 Cisco IOS XR 3.5.2 Cisco IOS XR 3.5.3 Cisco IOS XR 3.5.4 Cisco IOS XR 3.6.0 Cisco IOS XR 3.6.1 Cisco IOS XR 3.7.0	9

References

http://secunia.com/advisories/38227
http://securitytracker.com/id?1023480
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b13512.shtml
http://www.securityfocus.com/bid/37878
http://www.vupen.com/english/advisories/2010/0183
https://exchange.xforce.ibmcloud.com/vulnerabilities/55767