Cisco IOS Secure Shell Server TACACS+ Multiple DoS (CSCed65778, CSCed65285)

high Nessus Plugin ID 17988

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote version of IOS has the ability to enable an SSH server to let the administrators connect to the remote device.

There is an implementation flaw in the remote version of this software which may allow an attacker to cause a resource starvation on the remote device, thus preventing it from routing properly.

Solution

http://www.nessus.org/u?6f0e5315

Plugin Details

Severity: High

ID: 17988

File Name: CSCed65778.nasl

Version: 1.24

Type: local

Family: CISCO

Published: 4/6/2005

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: SNMP/sysDesc, SNMP/community, CISCO/model

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 4/6/2005

Reference Information

CVE: CVE-2005-1020, CVE-2005-1021

BID: 13042, 13043

CWE: 287, 399