CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1360

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0520%
EPSS Percentile40.34th
PublishedDec 23, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.

Affected Platforms (CPE)

πŸ’»
Cisco

Ios

= 12.0s
πŸ’»
Cisco

Ios

= 12.0st
πŸ’»
Cisco

Ios

= 12.1e
πŸ’»
Cisco

Ios

= 12.1ea
πŸ’»
Cisco

Ios

= 12.1t
πŸ’»
Cisco

Ios

= 12.2
πŸ’»
Cisco

Ios

= 12.2s
πŸ’»
Cisco

Ios

= 12.2t
πŸ“¦
Fissh

Ssh Client

= 1.0a_for_windows
πŸ“¦
Intersoft

Securenetterm

= 5.4.1
πŸ“¦
Netcomposite

Shellguard Ssh

= 3.4.6
πŸ“¦
Pragma Systems

Secureshell

= 2.0
πŸ“¦
Putty

Putty

= 0.48
πŸ“¦
Putty

Putty

= 0.49
πŸ“¦
Putty

Putty

= 0.53
πŸ“¦
Winscp

Winscp

= 2.0.0

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html
πŸ”— http://securitytracker.com/id?1005812
πŸ”— http://securitytracker.com/id?1005813
πŸ”— http://www.cert.org/advisories/CA-2002-36.html
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797
πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html
πŸ”— http://securitytracker.com/id?1005812
πŸ”— http://securitytracker.com/id?1005813

Related Vulnerabilities

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...

CVE-2019-1264310.0

A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote a...

CVE-2018-431010.0

An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10....

CVE-2019-1106310.0

A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an...