Executive Summary
Summary | |
---|---|
Title | Icon Labs SSH server vulnerabilities |
Informations | |||
---|---|---|---|
Name | VU#626979 | First vendor Publication | 2008-06-09 |
Vendor | VU-CERT | Last vendor Modification | 2008-07-10 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#626979Icon Labs SSH server vulnerabilitiesOverviewThe Icon Labs Iconfidant SSH server contails multiple vulnerabilities. The most severe of these issues may allow an attacker to cause a vulnerable system to crash.I. DescriptionThe Iconfident SSH is a Secure Shell (SSH) server that runs on VxWorks-based systems. Versions of the Iconfident server prior to 2.3.8 contain multiple denial of service vulnerabilities.II. ImpactA remote, unauthenticated attacker may be able to cause a vulnerable system to crash or become unable to accept remote SSH connections.III. SolutionUpgradeIcon Labs has released Iconfident SSH server 2.3.8 to address these issues.
References
Thanks to Icon Labs for information that was used in this report. This document was written by Ryan Giobbi.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/626979 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-287 | Improper Authentication |
33 % | CWE-255 | Credentials Management |
33 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45688 | Cisco Cisco Service Control Engine (SCE) SSH Server Management Interface Traf... |
45687 | Cisco Cisco Service Control Engine (SCE) SSH Engine Authentication Method Man... |
45686 | Cisco Cisco Service Control Engine (SCE) SSH Engine Login Activity Unspecifie... |