-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Monday, December 30, 2002 9:57 AM To: Cyber Threats Subject: [Cyber_threats] Daily News 12/30/02 December 26, SecuriTeam Cisco Vulnerable to SSH Malformed Packet Vulnerabilities. Certain Cisco products containing support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device. A malformed SSH packet directed at the affected device can cause a reload of the device. The vulnerability can be exploited to make an affected product unavailable for several minutes while the device reloads. Once it has resumed normal processing, the device is still vulnerable and can be forced to reload repeatedly. A table listing all the versions being affected, and their available fixes can be found at http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml#Softwar e. Upgrades may be obtained through Cisco's website at http://www.cisco.com/tacpage/sw-center/. Workarounds consist of disabling the SSH server, removing SSH as a remote access method, permitting only trusted hosts to connect to the server, and blocking SSH traffic to the device completely via external mechanisms. Source: http://www.securiteam.com Virus: #1 Virus in USA: PE_FUNLOVE.4099 Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] 137(netbios-ns); 80 (http); 1433(ms-sql-s); 445(microsoft-ds); 21(ftp); 443(https); 53(domain); 4662; 139(netbios-ssn); 1524(ingreslock) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Cyber_Threats mailing list Cyber_Threats@listserv http://listserv.infragard.org/mailman/listinfo/cyber_threats
This archive was generated by hypermail 2b30 : Mon Dec 30 2002 - 13:34:39 PST