SSH.CRC32.Compensation.Attack

Description

This indicates an overflow vulnerability in a Secure Shell (SSH) implementation.

SSH is used to connect to remote systems over encrypted TCP sessions. Due to a flaw in the CRC32 compensation attack detection, an attacker can execute arbitrary commands on a target by sending a specially crafted packet to the SSH daemon.

Affected Products

The following systems are vulnerable to the attack:


OpenSSH prior to version 2.2


SSH Secure Communications prior to 1.2.31


Cisco IOS 12.1, 12.2

Impact

Attackers gain root privileges on the victim system and can execute arbitrary commands.

Recommended Actions

Upgrade the system to the latest non-vulnerable version.

Coverage

IPS (Regular DB)
IPS (Extended DB)