Cisco Small Business Switches SSH/SSL Packets Processing

by Carol~ Moderator - 3/7/13 8:30 AM

In Reply to: VULNERABILITIES / FIXES - March 07, 2013 by Carol~ Moderator

Cisco Small Business Switches SSH/SSL Packets Processing Denial of Service Vulnerability

Release Date: 2013-03-07

Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Operating System :
Cisco Small Business Managed Switches 300 Series
Cisco Small Business Smart Switches 200 Series
Cisco Small Business Stackable Managed 500 Series

A vulnerability has been reported in Cisco Small Business Switches, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error when processing SSH or SSL packets. This can be exploited to cause a SSL/TLS protocol layer to fail and render some service unusable by sending specially crafted SSH or SSL packets.

Please see the vendor's advisory for a list of affected versions.

Apply patches (please see the vendor's advisory for details).

Provided and/or discovered by:
The vendor credits Hisashi Kojima and Masahiro Nakada, Fujitsu Laboratories LTD.

Original Advisory: