Back to CVE Browser

CVE-2002-1358

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0730%

EPSS Percentile17.92th

PublishedDec 23, 2002

Last ModifiedApr 16, 2026

Vulnerability Description

Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

Affected Platforms (CPE)

💻

Cisco

Ios

= 12.0s

💻

Cisco

Ios

= 12.0st

💻

Cisco

Ios

= 12.1e

💻

Cisco

Ios

= 12.1ea

💻

Cisco

Ios

= 12.1t

💻

Cisco

Ios

= 12.2

💻

Cisco

Ios

= 12.2s

💻

Cisco

Ios

= 12.2t

📦

Fissh

Ssh Client

= 1.0a_for_windows

📦

Intersoft

Securenetterm

= 5.4.1

📦

Netcomposite

Shellguard Ssh

= 3.4.6

📦

Pragma Systems

Secureshell

= 2.0

📦

Putty

Putty

= 0.48

📦

Putty

Putty

= 0.49

📦

Putty

Putty

= 0.53

📦

Winscp

Winscp

= 2.0.0

References & Advisories

🔗 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html

🔗 http://securitytracker.com/id?1005812

🔗 http://securitytracker.com/id?1005813

🔗 http://www.cert.org/advisories/CA-2002-36.html

🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721

🔗 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html

🔗 http://securitytracker.com/id?1005812

🔗 http://securitytracker.com/id?1005813

Related Vulnerabilities

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...

CVE-2019-1264310.0

A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote a...

CVE-2018-431010.0

An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10....

CVE-2019-1106310.0

A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an...