Vigil@nce - Cisco Aironet 1800: denial of service via SSHv2
January 2016 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An authenticated attacker can try to open numerous SSHv2 sessions
on Cisco Aironet 1800, in order to trigger a denial of service.
– Impacted products: Cisco Aironet.
– Severity: 2/4.
– Creation date: 16/11/2015.
DESCRIPTION OF THE VULNERABILITY
The Cisco Aironet 1800 product offers a SSHv2 service.
However, an attacker can try to open a session, which leaves
indefinitely an active process on Cisco Aironet, and consumes
resources.
An authenticated attacker can therefore try to open numerous SSHv2
sessions on Cisco Aironet 1800, in order to trigger a denial of
service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-Aironet-1800-denial-of-service-via-SSHv2-18312