Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ios_xr | Cisco | 3.6.0 (including) | 3.6.0 (including) |
| Ios_xr | Cisco | 3.6.1 (including) | 3.6.1 (including) |
| Ios_xr | Cisco | 3.6.2 (including) | 3.6.2 (including) |
| Ios_xr | Cisco | 3.6.3 (including) | 3.6.3 (including) |
| Ios_xr | Cisco | 3.8.0 (including) | 3.8.0 (including) |
| Ios_xr | Cisco | 3.8.1 (including) | 3.8.1 (including) |
| Ios_xr | Cisco | 3.8.2 (including) | 3.8.2 (including) |
| Ios_xr | Cisco | 3.9.0 (including) | 3.9.0 (including) |