Vulnerability Name:

CVE-2002-1357 (CCN-10868)

Assigned:2002-12-16
Published:2002-12-16
Updated:2017-10-11
Summary:Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: VULNWATCH
Type: UNKNOWN
20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors

Source: MITRE
Type: CNA
CVE-2002-1357

Source: CCN
Type: SECTRACK ID: 1005812
F-Secure SSH Client and Server SSH2 Implementation Bugs Allow Only Limited Remote Denial of Service Issues

Source: SECTRACK
Type: UNKNOWN
1005812

Source: CCN
Type: SECTRACK ID: 1005813
SSH Communications SSH Client and Server SSH2 Implementation Bugs Allow Only Limited Denial of Service

Source: SECTRACK
Type: UNKNOWN
1005813

Source: CCN
Type: CERT Advisory CA-2002-36
Multiple Vulnerabilities in SSH Implementations

Source: CERT
Type: Third Party Advisory, US Government Resource
CA-2002-36

Source: CCN
Type: PuTTY Web site
PuTTY Download Page

Source: CCN
Type: CIAC Information Bulletin N-028
Vulnerabilities in SSH2 Implementations from Multiple Vendors

Source: CCN
Type: Cisco Systems Inc. Security Advisory, 2002 December 19th 23:00 GMT
SSH Malformed Packet Vulnerabilities

Source: CCN
Type: US-CERT VU#389665
Multiple vendors` SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization

Source: CERT-VN
Type: US Government Resource
VU#389665

Source: CCN
Type: OSVDB ID: 8042
SSH2 Server/Client Incorrect Length Specifiers Arbitrary Code Execution

Source: CCN
Type: Pragma Systems Web site
Pragma SecureShell Updates

Source: CCN
Type: Rapid 7, Inc. Security Advisory R7-0009
Vulnerabilities in SSH2 Implementations from Multiple Vendors

Source: CCN
Type: SecureNetTerm Web site
Downloads - InterSoft International, Inc.

Source: CCN
Type: BID-6397
Multiple Vendor SSH2 Implementation Vulnerabilities

Source: BID
Type: UNKNOWN
6405

Source: CCN
Type: BID-6405
Multiple Vendor SSH2 Implementation Incorrect Field Length Vulnerabilities

Source: XF
Type: UNKNOWN
ssh-transport-length-bo(10868)

Source: XF
Type: UNKNOWN
ssh-transport-length-bo(10868)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5849

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:ios:12.0s:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0st:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1e:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1ea:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1t:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2s:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2t:*:*:*:*:*:*:*
  • AND
  • cpe:/a:fissh:ssh_client:1.0a_for_windows:*:*:*:*:*:*:*
  • OR cpe:/a:intersoft:securenetterm:5.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:netcomposite:shellguard_ssh:3.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:pragma_systems:secureshell:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:putty:putty:0.48:*:*:*:*:*:*:*
  • OR cpe:/a:putty:putty:0.49:*:*:*:*:*:*:*
  • OR cpe:/a:putty:putty:0.53:*:*:*:*:*:*:*
  • OR cpe:/a:winscp:winscp:2.0.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:fissh:ssh_client:1.0a_for_windows:*:*:*:*:*:*:*
  • OR cpe:/a:intersoft:securenetterm:5.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:netcomposite:shellguard_ssh:3.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:pragma_systems:secureshell:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:winscp:winscp:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:putty:putty:0.48:*:*:*:*:*:*:*
  • OR cpe:/a:putty:putty:0.49:*:*:*:*:*:*:*
  • OR cpe:/a:putty:putty:0.53:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:5849
    V
    		Multiple Vendors SSH2 "incorrect length fields" Vulnerability
    2014-06-09
    BACK
    cisco ios 12.0s
    cisco ios 12.0st
    cisco ios 12.1e
    cisco ios 12.1ea
    cisco ios 12.1t
    cisco ios 12.2
    cisco ios 12.2s
    cisco ios 12.2t
    fissh ssh client 1.0a_for_windows
    intersoft securenetterm 5.4.1
    netcomposite shellguard ssh 3.4.6
    pragma_systems secureshell 2.0
    putty putty 0.48
    putty putty 0.49
    putty putty 0.53
    winscp winscp 2.0.0
    fissh ssh client 1.0a_for_windows
    intersoft securenetterm 5.4.1
    netcomposite shellguard ssh 3.4.6
    pragma_systems secureshell 2.0
    winscp winscp 2.0.0
    putty putty 0.48
    putty putty 0.49
    putty putty 0.53