7.8 - VU#626979

Executive Summary

Summary
Title	Icon Labs SSH server vulnerabilities

Informations
Name	VU#626979	First vendor Publication	2008-06-09
Vendor	VU-CERT	Last vendor Modification	2008-07-10
Severity (Vendor)	N/A	Revision	M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score	7.8	Attack Range	Network
Cvss Impact Score	6.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#626979

Icon Labs SSH server vulnerabilities

Overview

The Icon Labs Iconfidant SSH server contails multiple vulnerabilities. The most severe of these issues may allow an attacker to cause a vulnerable system to crash.

I. Description

The Iconfident SSH is a Secure Shell (SSH) server that runs on VxWorks-based systems. Versions of the Iconfident server prior to 2.3.8 contain multiple denial of service vulnerabilities.

II. Impact

A remote, unauthenticated attacker may be able to cause a vulnerable system to crash or become unable to accept remote SSH connections.

III. Solution

Upgrade

Icon Labs has released Iconfident SSH server 2.3.8 to address these issues.

Restrict access

Restricting access to the Iconfident SSH server by using access control lists or firewall rules may prevent an attacker from exploiting this vulnerability.

Systems Affected

Vendor	Status	Date Updated
3com, Inc.	Unknown	9-Jun-2008
Alcatel	Unknown	9-Jun-2008
AT&T	Unknown	9-Jun-2008
Avaya, Inc.	Unknown	9-Jun-2008
Borderware Technologies	Unknown	9-Jun-2008
Bro	Unknown	9-Jun-2008
Charlotte's Web Networks	Unknown	9-Jun-2008
Check Point Software Technologies	Unknown	9-Jun-2008
Cisco Systems, Inc.	Vulnerable	12-Jun-2008
Clavister	Unknown	9-Jun-2008
Conectiva Inc.	Unknown	9-Jun-2008
Cray Inc.	Unknown	9-Jun-2008
D-Link Systems, Inc.	Unknown	9-Jun-2008
Data Connection, Ltd.	Unknown	9-Jun-2008
EMC Corporation	Unknown	9-Jun-2008
Engarde Secure Linux	Unknown	9-Jun-2008
Enterasys Networks	Unknown	9-Jun-2008
Ericsson	Not Vulnerable	12-Jun-2008
eSoft, Inc.	Unknown	9-Jun-2008
Extreme Networks	Unknown	9-Jun-2008
F5 Networks, Inc.	Unknown	9-Jun-2008
Force10 Networks, Inc.	Unknown	9-Jun-2008
Fortinet, Inc.	Unknown	9-Jun-2008
Foundry Networks, Inc.	Not Vulnerable	10-Jul-2008
Fujitsu	Unknown	9-Jun-2008
Global Technology Associates	Unknown	9-Jun-2008
Hewlett-Packard Company	Unknown	9-Jun-2008
Hitachi	Unknown	9-Jun-2008
Hyperchip	Unknown	9-Jun-2008
Icon Labs	Vulnerable	9-Jun-2008
Ingrian Networks, Inc.	Unknown	9-Jun-2008
Intel Corporation	Unknown	9-Jun-2008
Internet Security Systems, Inc.	Not Vulnerable	10-Jun-2008
Intoto	Unknown	9-Jun-2008
IP Filter	Unknown	9-Jun-2008
Juniper Networks, Inc.	Unknown	9-Jun-2008
Linksys (A division of Cisco Systems)	Unknown	9-Jun-2008
Lucent Technologies	Unknown	9-Jun-2008
Luminous Networks	Unknown	9-Jun-2008
McAfee	Not Vulnerable	11-Jun-2008
MontaVista Software, Inc.	Unknown	9-Jun-2008
Multinet (owned Process Software Corporation)	Unknown	9-Jun-2008
Multitech, Inc.	Unknown	9-Jun-2008
NEC Corporation	Unknown	9-Jun-2008
Network Appliance, Inc.	Unknown	9-Jun-2008
NextHop Technologies, Inc.	Unknown	9-Jun-2008
Nokia	Unknown	9-Jun-2008
Nortel Networks, Inc.	Unknown	9-Jun-2008
QNX, Software Systems, Inc.	Unknown	9-Jun-2008
Riverstone Networks, Inc.	Unknown	9-Jun-2008
Sony Corporation	Unknown	9-Jun-2008
Stonesoft	Not Vulnerable	23-Jun-2008
Symantec, Inc.	Unknown	9-Jun-2008
TippingPoint, Technologies, Inc.	Not Vulnerable	10-Jul-2008
Watchguard Technologies, Inc.	Unknown	9-Jun-2008
Wind River Systems, Inc.	Unknown	9-Jun-2008
ZyXEL	Unknown	9-Jun-2008

References

http://www.icon-labs.com/news/read.asp?newsID=77
http://tools.ietf.org/html/rfc4252

Credit

Thanks to Icon Labs for information that was used in this report.

This document was written by Ryan Giobbi.

Other Information

Date Public	05/21/2008
Date First Published	06/09/2008 09:06:37 AM
Date Last Updated	07/10/2008
CERT Advisory
CVE Name
US-CERT Technical Alerts
Metric	5.62
Document Revision	12

Original Source

Url : http://www.kb.cert.org/vuls/id/626979

CWE : Common Weakness Enumeration

%	Id	Name
33 %	CWE-287	Improper Authentication
33 %	CWE-255	Credentials Management
33 %	CWE-20	Improper Input Validation

CPE : Common Platform Enumeration

Type	Description	Count
Application	Cisco Service Control Engine cpe:2.3:a:cisco:service_control_engine:3.0:::::::*	1

Open Source Vulnerability Database (OSVDB)

Id	Description
45688	Cisco Cisco Service Control Engine (SCE) SSH Server Management Interface Traf...
45687	Cisco Cisco Service Control Engine (SCE) SSH Engine Authentication Method Man...
45686	Cisco Cisco Service Control Engine (SCE) SSH Engine Login Activity Unspecifie...

Global Informations

Type	Count
CWE ID(s)	3
CPE ID(s)	1
osvdb(s)	3

	Related
7.8	CVE-2008-0536
7.8	CVE-2008-0535
7.8	CVE-2008-0534
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 3 more Alert(s)