CVE-2012-0386 | Vulnerability Database | Aqua Security

The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S allows remote attackers to cause a denial of service (device reload) via a crafted username in a reverse SSH login attempt, aka Bug ID CSCtr49064.

Affected Software

Name	Vendor	Start Version	End Version
Ios	Cisco	12.2 (including)	12.2 (including)
Ios	Cisco	12.4 (including)	12.4 (including)
Ios	Cisco	15.0 (including)	15.0 (including)
Ios	Cisco	15.1 (including)	15.1 (including)
Ios	Cisco	15.2 (including)	15.2 (including)

References

http://osvdb.org/80695
http://secunia.com/advisories/48609
http://secunia.com/advisories/48641
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-ssh
http://www.securityfocus.com/bid/52752
http://www.securitytracker.com/id?1026866
https://exchange.xforce.ibmcloud.com/vulnerabilities/74404
http://osvdb.org/80695
http://secunia.com/advisories/48609
http://secunia.com/advisories/48641
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-ssh
http://www.securityfocus.com/bid/52752
http://www.securitytracker.com/id?1026866
https://exchange.xforce.ibmcloud.com/vulnerabilities/74404

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-0386
CWE	https://cwe.mitre.org/data/definitions/310.html