PT-2008-2164 · Icon+1 · Icon Labs Iconfidant Ssh+1
Published
2008-05-22
·
Updated
2017-08-08
·
CVE-2008-0536
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Service Control Engine (SCE) versions 3.0.x through 3.0.6
Cisco Service Control Engine (SCE) versions 3.1.x through 3.0.x
Icon Labs Iconfidant SSH versions prior to 2.3.8
Description
The issue allows remote attackers to cause a denial of service, specifically a management interface outage, via SSH traffic during management operations. This is triggered by "illegal I/O operations".
Recommendations
For Cisco Service Control Engine (SCE) versions 3.0.x through 3.0.6, update to version 3.0.7 or later.
For Cisco Service Control Engine (SCE) versions 3.1.x through 3.0.x, update to version 3.1.0 or later.
For Icon Labs Iconfidant SSH versions prior to 2.3.8, update to version 2.3.8 or later.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Service Control Engine
Icon Labs Iconfidant Ssh