CVE Vulnerabilities

CVE-2011-0949

Published: May 31, 2011 | Modified: Jul 12, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.

Affected Software

Name Vendor Start Version End Version
Ios_xr Cisco 3.6.1 3.6.1
Ios_xr Cisco 3.6.2 3.6.2
Ios_xr Cisco 3.9.0 3.9.0
Ios_xr Cisco 3.8.1 3.8.1
Ios_xr Cisco 3.8.2 3.8.2
Ios_xr Cisco 3.6.0 3.6.0
Ios_xr Cisco 3.6.3 3.6.3
Ios_xr Cisco 3.8.0 3.8.0

References