Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0386

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2012-0386
Last Modified 25 Mar 2013 11:32:28
Published 29 Mar 2012 07:01:16
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0386

Summary

The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S allows remote attackers to cause a denial of service (device reload) via a crafted username in a reverse SSH login attempt, aka Bug ID CSCtr49064.

Vulnerable Systems

Operating System

  • Cisco Ios 12.2

  • Cisco Ios 12.4

  • Cisco Ios 15.0

  • Cisco Ios 15.1

  • Cisco Ios 15.2

  • Cisco Ios Xe 2.3

  • Cisco Ios Xe 2.3.0

  • Cisco Ios Xe 2.3.1

  • Cisco Ios Xe 2.3.1t

  • Cisco Ios Xe 2.3.2

  • Cisco Ios Xe 2.4

  • Cisco Ios Xe 2.4.0

  • Cisco Ios Xe 2.4.1

  • Cisco Ios Xe 2.4.2

  • Cisco Ios Xe 2.4.3

  • Cisco Ios Xe 2.4.4

  • Cisco Ios Xe 2.5.0

  • Cisco Ios Xe 2.5.1

  • Cisco Ios Xe 2.5.2

  • Cisco Ios Xe 2.6.0

  • Cisco Ios Xe 2.6.1

  • Cisco Ios Xe 2.6.2

  • Cisco Ios Xe 3.1.0s

  • Cisco Ios Xe 3.1.0sg

  • Cisco Ios Xe 3.1.1s

  • Cisco Ios Xe 3.1.1sg

  • Cisco Ios Xe 3.1.2s

  • Cisco Ios Xe 3.1.3s

  • Cisco Ios Xe 3.1.4s

  • Cisco Ios Xe 3.2.0s

  • Cisco Ios Xe 3.2.1s

  • Cisco Ios Xe 3.2.2s

  • Cisco Ios Xe 3.3.0s

  • Cisco Ios Xe 3.4.0s


References

CISCO - 20120328 Cisco IOS Software Reverse SSH Denial of Service Vulnerability

XF - ciscoios-sshv2-dos(74404)

OSVDB - 80695

BID - 52752


Last Updated: 27 May 2016 10:57:30