Vulnerability Description
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.0s |
| Cisco | Pix Firewall Software | 5.2 |
| Cisco | Css11000 Content Services Switch | All versions |
| Cisco | Catos | 5.3\(1\)csx |
Related Weaknesses (CWE)
References
- http://www.cisco.com/warp/public/707/SSH-scanning.shtml
- http://www.iss.net/security_center/static/9437.phpPatchVendor Advisory
- http://www.kb.cert.org/vuls/id/290140US Government Resource
- http://www.securityfocus.com/bid/5114PatchVendor Advisory
- http://www.cisco.com/warp/public/707/SSH-scanning.shtml
- http://www.iss.net/security_center/static/9437.phpPatchVendor Advisory
- http://www.kb.cert.org/vuls/id/290140US Government Resource
- http://www.securityfocus.com/bid/5114PatchVendor Advisory
FAQ
What is CVE-2002-1024?
CVE-2002-1024 is a vulnerability with a CVSS score of 7.1 (HIGH). Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection ...
How severe is CVE-2002-1024?
CVE-2002-1024 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1024?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios, Cisco Pix Firewall Software, Cisco Css11000 Content Services Switch, Cisco Catos.