CVEブラウザに戻る

CVE-2002-1357

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1560%

EPSS Percentile20.69th

Published2002年12月23日

Last Modified2026年4月16日

Vulnerability Description

Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

Affected Platforms (CPE)

💻

Cisco

Ios

= 12.0s

💻

Cisco

Ios

= 12.0st

💻

Cisco

Ios

= 12.1e

💻

Cisco

Ios

= 12.1ea

💻

Cisco

Ios

= 12.1t

💻

Cisco

Ios

= 12.2

💻

Cisco

Ios

= 12.2s

💻

Cisco

Ios

= 12.2t

📦

Fissh

Ssh Client

= 1.0a_for_windows

📦

Intersoft

Securenetterm

= 5.4.1

📦

Netcomposite

Shellguard Ssh

= 3.4.6

📦

Pragma Systems

Secureshell

= 2.0

📦

Putty

Putty

= 0.48

📦

Putty

Putty

= 0.49

📦

Putty

Putty

= 0.53

📦

Winscp

Winscp

= 2.0.0

References & Advisories

🔗 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html

🔗 http://securitytracker.com/id?1005812

🔗 http://securitytracker.com/id?1005813

🔗 http://www.cert.org/advisories/CA-2002-36.html

🔗 http://www.kb.cert.org/vuls/id/389665

🔗 http://www.securityfocus.com/bid/6405

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/10868

🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849

関連する脆弱性情報

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...

CVE-2019-1264310.0

A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote a...

CVE-2018-431010.0

An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10....

CVE-2019-1106310.0

A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an...