
CERT Coordination Center

Cisco Catalyst reboots in response to an SSH "protocol mismatch" error

Vulnerability Note VU#463944

Original Release Date: 2004-03-29 | Last Revised: 2004-03-31

Overview

Multiple versions of Cisco Catalyst switches contain a denial-of-service vulnerability that allows unauthenticated remote users to restart an affected device.

Description

Cisco Catalyst switches in the 6000, 5000, and 4000 series contain a vulnerability in their SSH support component. The vulnerability is triggered by attempting to connect to the SSH service using a protocol other than SSH. The attempt generates a "protocol mismatch" error and causes the switch to restart, resulting in a denial-of-service condition.
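SSH peers open a connection with an identification line of the form SSH-protoversion-softwareversion (RFC 4253, section 4.2); input that is not such a line is what a server reports as a protocol mismatch. The following is an added example, not code from Cisco or from this note, showing one way a listener or network sensor can classify those first bytes and reject non-SSH input without raising. The function names, verdict strings and sample payloads are assumptions constructed for illustration.

```python
import re

MAX_IDENT_LEN = 255  # RFC 4253 section 4.2: limit includes the CR LF terminator

# SSH-<protoversion>-<softwareversion>[ SP comments]. Lenient on purpose:
# '-' is accepted inside softwareversion although the RFC excludes it.
IDENT_RE = re.compile(rb"^SSH-(\d+\.\d+)-([\x21-\x7e]+)(?: [\x20-\x7e]*)?$")


def classify_first_bytes(data: bytes) -> str:
    """Classify the first bytes a peer sent to an SSH listener.

    Returns "ssh:<protoversion>", "incomplete" (still a possible SSH
    prefix, no newline yet) or "mismatch:<reason>". Never raises.
    """
    window = data[:MAX_IDENT_LEN]
    end = window.find(b"\n")
    if end == -1:
        if len(data) >= MAX_IDENT_LEN:
            return "mismatch:line-too-long"
        # Decide early: bytes that already diverge from "SSH-" can never
        # become a valid identification line.
        expected = b"SSH-"[: len(data)]
        return "incomplete" if data[:4] == expected else "mismatch:not-ssh-prefix"
    line = window[:end].rstrip(b"\r")
    if not line.startswith(b"SSH-"):
        return "mismatch:not-ssh-prefix"
    match = IDENT_RE.match(line)
    if match is None:
        return "mismatch:malformed-ident"
    return "ssh:" + match.group(1).decode("ascii")


# Constructed sample payloads (documentation addresses, not real captures).
SAMPLES = [
    ("192.0.2.10", b"SSH-1.5-OpenSSH_2.3.0\n"),
    ("192.0.2.11", b"SSH-2.0-client_1.0 admin-ws\r\n"),
    ("192.0.2.12", b"GET / HTTP/1.0\r\n\r\n"),
    ("192.0.2.13", b"\xff\xfd\x18"),
    ("192.0.2.14", b"SSH-abc\n"),
]


def mismatches(samples):
    """Return (source, verdict) for every payload that is not valid SSH."""
    return [(src, v) for src, data in samples
            if (v := classify_first_bytes(data)).startswith("mismatch:")]
```

Run against the first client payload of each connection to a switch's management SSH port, any "mismatch" verdict identifies a connection of the kind this note describes.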

Impact

This vulnerability allows unauthenticated remote users to restart an affected switch, resulting in a denial-of-service condition.

Solution

In December 2000, Cisco published a Cisco Security Advisory to address this issue. For patch information and a list of affected systems, please see:

http://www.cisco.com/warp/public/707/catalyst-ssh-protocolmismatch-pub.shtml

Vendor Information


Cisco Systems Inc. Affected

Notified: December 21, 2000 | Updated: March 29, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Cisco has published a Cisco Security Advisory to address this issue. For patch information and a list of affected systems, please see:


CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was reported by Cisco.

This document was written by Jeffrey P. Lanza.

Other Information

CVE IDs: CVE-2001-0080
Severity Metric: 21.00
Date Public: 2000-12-20
Date First Published: 2004-03-29
Date Last Updated: 2004-03-31 14:32 UTC
Document Revision: 18

Sponsored by CISA.