ID CVE-2005-1021
Summary Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.
References
Vulnerable Configurations
  • Cisco IOS 12.0S
    cpe:2.3:o:cisco:ios:12.0s
  • Cisco IOS 12.0SX
    cpe:2.3:o:cisco:ios:12.0sx
  • Cisco IOS 12.1AX
    cpe:2.3:o:cisco:ios:12.1ax
  • Cisco IOS 12.1AZ
    cpe:2.3:o:cisco:ios:12.1az
  • Cisco IOS 12.1DB
    cpe:2.3:o:cisco:ios:12.1db
  • Cisco IOS 12.1DC
    cpe:2.3:o:cisco:ios:12.1dc
  • Cisco IOS 12.1E
    cpe:2.3:o:cisco:ios:12.1e
  • Cisco IOS 12.1EA
    cpe:2.3:o:cisco:ios:12.1ea
  • Cisco IOS 12.1EB
    cpe:2.3:o:cisco:ios:12.1eb
  • Cisco IOS 12.1EC
    cpe:2.3:o:cisco:ios:12.1ec
  • Cisco IOS 12.1EU
    cpe:2.3:o:cisco:ios:12.1eu
  • Cisco IOS 12.1EW
    cpe:2.3:o:cisco:ios:12.1ew
  • Cisco IOS 12.1EX
    cpe:2.3:o:cisco:ios:12.1ex
  • Cisco IOS 12.1T
    cpe:2.3:o:cisco:ios:12.1t
  • Cisco IOS 12.1XD
    cpe:2.3:o:cisco:ios:12.1xd
  • Cisco IOS 12.1XE
    cpe:2.3:o:cisco:ios:12.1xe
  • Cisco IOS 12.1XF
    cpe:2.3:o:cisco:ios:12.1xf
  • Cisco IOS 12.1XG
    cpe:2.3:o:cisco:ios:12.1xg
  • Cisco IOS 12.1XH
    cpe:2.3:o:cisco:ios:12.1xh
  • Cisco IOS 12.1XI
    cpe:2.3:o:cisco:ios:12.1xi
  • Cisco IOS 12.1XL
    cpe:2.3:o:cisco:ios:12.1xl
  • Cisco IOS 12.1XM
    cpe:2.3:o:cisco:ios:12.1xm
  • Cisco IOS 12.1XP
    cpe:2.3:o:cisco:ios:12.1xp
  • Cisco IOS 12.1XQ
    cpe:2.3:o:cisco:ios:12.1xq
  • Cisco IOS 12.1XR
    cpe:2.3:o:cisco:ios:12.1xr
  • Cisco IOS 12.1XT
    cpe:2.3:o:cisco:ios:12.1xt
  • Cisco IOS 12.1XU
    cpe:2.3:o:cisco:ios:12.1xu
  • Cisco IOS 12.1XV
    cpe:2.3:o:cisco:ios:12.1xv
  • Cisco IOS 12.1YA
    cpe:2.3:o:cisco:ios:12.1ya
  • Cisco IOS 12.1YB
    cpe:2.3:o:cisco:ios:12.1yb
  • Cisco IOS 12.1YC
    cpe:2.3:o:cisco:ios:12.1yc
  • Cisco IOS 12.1YD
    cpe:2.3:o:cisco:ios:12.1yd
  • Cisco IOS 12.1YE
    cpe:2.3:o:cisco:ios:12.1ye
  • Cisco IOS 12.1YF
    cpe:2.3:o:cisco:ios:12.1yf
  • Cisco IOS 12.1YH
    cpe:2.3:o:cisco:ios:12.1yh
  • Cisco IOS 12.1YI
    cpe:2.3:o:cisco:ios:12.1yi
  • Cisco IOS 12.2
    cpe:2.3:o:cisco:ios:12.2
  • Cisco IOS 12.2B
    cpe:2.3:o:cisco:ios:12.2b
  • Cisco IOS 12.2DD
    cpe:2.3:o:cisco:ios:12.2dd
  • Cisco IOS 12.2DX
    cpe:2.3:o:cisco:ios:12.2dx
  • Cisco IOS 12.2EU
    cpe:2.3:o:cisco:ios:12.2eu
  • Cisco IOS 12.2EW
    cpe:2.3:o:cisco:ios:12.2ew
  • Cisco IOS 12.2EWA
    cpe:2.3:o:cisco:ios:12.2ewa
  • Cisco IOS 12.2EX
    cpe:2.3:o:cisco:ios:12.2ex
  • Cisco IOS 12.2S
    cpe:2.3:o:cisco:ios:12.2s
  • Cisco IOS 12.2SE
    cpe:2.3:o:cisco:ios:12.2se
  • Cisco IOS 12.2 SEA
    cpe:2.3:o:cisco:ios:12.2sea
  • Cisco IOS 12.2SEB
    cpe:2.3:o:cisco:ios:12.2seb
  • Cisco IOS 12.2SU
    cpe:2.3:o:cisco:ios:12.2su
  • Cisco IOS 12.2SV
    cpe:2.3:o:cisco:ios:12.2sv
  • Cisco IOS 12.2SX
    cpe:2.3:o:cisco:ios:12.2sx
  • Cisco IOS 12.2SXA
    cpe:2.3:o:cisco:ios:12.2sxa
  • Cisco IOS 12.2SXB
    cpe:2.3:o:cisco:ios:12.2sxb
  • Cisco IOS 12.2SXD
    cpe:2.3:o:cisco:ios:12.2sxd
  • Cisco IOS 12.2SY
    cpe:2.3:o:cisco:ios:12.2sy
  • Cisco IOS 12.2SZ
    cpe:2.3:o:cisco:ios:12.2sz
  • Cisco IOS 12.2T
    cpe:2.3:o:cisco:ios:12.2t
  • Cisco IOS 12.2XA
    cpe:2.3:o:cisco:ios:12.2xa
  • Cisco IOS 12.2XC
    cpe:2.3:o:cisco:ios:12.2xc
  • Cisco IOS 12.2XF
    cpe:2.3:o:cisco:ios:12.2xf
  • Cisco IOS 12.2XN
    cpe:2.3:o:cisco:ios:12.2xn
  • Cisco IOS 12.2XS
    cpe:2.3:o:cisco:ios:12.2xs
  • Cisco IOS 12.2YE
    cpe:2.3:o:cisco:ios:12.2ye
  • Cisco IOS 12.2YK
    cpe:2.3:o:cisco:ios:12.2yk
  • Cisco IOS 12.2YO
    cpe:2.3:o:cisco:ios:12.2yo
  • Cisco IOS 12.2YX
    cpe:2.3:o:cisco:ios:12.2yx
  • Cisco IOS 12.2YZ
    cpe:2.3:o:cisco:ios:12.2yz
  • Cisco IOS 12.2ZA
    cpe:2.3:o:cisco:ios:12.2za
  • Cisco IOS 12.3T
    cpe:2.3:o:cisco:ios:12.3t
  • Cisco IOS 12.3XD
    cpe:2.3:o:cisco:ios:12.3xd
  • Cisco IOS 12.3XE
    cpe:2.3:o:cisco:ios:12.3xe
  • Cisco IOS 12.3XF
    cpe:2.3:o:cisco:ios:12.3xf
  • Cisco IOS 12.3XG
    cpe:2.3:o:cisco:ios:12.3xg
  • Cisco IOS 12.3XH
    cpe:2.3:o:cisco:ios:12.3xh
  • Cisco IOS 12.3XI
    cpe:2.3:o:cisco:ios:12.3xi
  • Cisco IOS 12.3XJ
    cpe:2.3:o:cisco:ios:12.3xj
  • Cisco IOS 12.3XK
    cpe:2.3:o:cisco:ios:12.3xk
  • Cisco IOS 12.3XL
    cpe:2.3:o:cisco:ios:12.3xl
  • Cisco IOS 12.3XM
    cpe:2.3:o:cisco:ios:12.3xm
  • Cisco IOS 12.3XQ
    cpe:2.3:o:cisco:ios:12.3xq
  • Cisco IOS 12.3XR
    cpe:2.3:o:cisco:ios:12.3xr
  • Cisco IOS 12.3XS
    cpe:2.3:o:cisco:ios:12.3xs
  • Cisco IOS 12.3XU
    cpe:2.3:o:cisco:ios:12.3xu
  • Cisco IOS 12.3XW
    cpe:2.3:o:cisco:ios:12.3xw
  • Cisco IOS 12.3XX
    cpe:2.3:o:cisco:ios:12.3xx
  • Cisco IOS 12.3XY
    cpe:2.3:o:cisco:ios:12.3xy
  • Cisco IOS 12.3YA
    cpe:2.3:o:cisco:ios:12.3ya
  • Cisco IOS 12.3YD
    cpe:2.3:o:cisco:ios:12.3yd
  • Cisco IOS 12.3YF
    cpe:2.3:o:cisco:ios:12.3yf
  • Cisco IOS 12.3YG
    cpe:2.3:o:cisco:ios:12.3yg
  • Cisco IOS 12.3YH
    cpe:2.3:o:cisco:ios:12.3yh
  • Cisco IOS 12.3YJ
    cpe:2.3:o:cisco:ios:12.3yj
  • Cisco IOS 12.3YK
    cpe:2.3:o:cisco:ios:12.3yk
CVSS
Base: 7.1 (as of 14-06-2005 - 10:11)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family CISCO
    NASL id CISCO-SA-20050406-SSHHTTP.NASL
    description Certain release trains of Cisco Internetwork Operating System (IOS), when configured to use the IOS Secure Shell (SSH) server in combination with Terminal Access Controller Access Control System Plus (TACACS+) as a means to perform remote management tasks on IOS devices, may contain two vulnerabilities that can potentially cause IOS devices to exhaust resources and reload. Repeated exploitation of these vulnerabilities can result in a denial of service (DoS) condition. Use of SSH with other authentication methods like Remote Authentication Dial In User Service (RADIUS) and the local user database may also be affected.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 48983
    published 2010-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48983
    title Vulnerabilities in Cisco IOS Secure Shell Server - Cisco Systems
  • NASL family CISCO
    NASL id CSCED65778.NASL
    description The remote version of IOS has the ability to enable an SSH server to let the administrators connect to the remote device. There is an implementation flaw in the remote version of this software which may allow an attacker to cause a resource starvation on the remote device, thus preventing it from routing properly.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 17988
    published 2005-04-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17988
    title Cisco IOS Secure Shell Server TACACS+ Multiple DoS (CSCed65778, CSCed65285)
oval via4
accepted 2008-09-08T04:00:36.790-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.
family ios
id oval:org.mitre.oval:def:5687
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco Systems IOS SSH Transmission Control Blocks DoS Vulnerability
version 3
refmap via4
bid 13042
cisco 20050406 Vulnerabilities in Cisco IOS Secure Shell Server
osvdb 15303
sectrack 1013655
secunia 14854
xf cisco-ios-memory-leak-dos(19991)
Last major update 04-03-2009 - 00:32
Published 02-05-2005 - 00:00
Last modified 10-10-2017 - 21:30
Back to Top