Cisco Bug: CSCul15478 - OpenSSH CVE-2010-5107 Denial of Service Vulnerability

Last Modified

Nov 30, 2018

Products (1)

  • Cisco Unified Computing System

Known Affected Releases

2.2(0.332)A

Description (partial)

Symptom:
Cisco Unified Computing System Fabric Interconnect devices are affected by the OpenSSH issue described by CVE-2010-5107. This issue stems from the default values used for the MaxStartups parameter as supplied by OpenSSH. To exploit it, an attacker would need the ability to open SSH connections to the SSH management port on the affected device. If successful, the attacker could consume all available SSH connection slots provided by the SSH daemon. By reconnecting within the timeout period specified by the service, the attacker could keep all connections consumed for an extended period of time. This would prevent authorized users from accessing the SSH management console. Any users who were connected via SSH at the time of the attack would continue to operate as expected.

Because this attack relies on long timers and timeouts, it creates very little resource strain on an affected device. Only the connection pool for the SSH service is affected. Once the attack stops, users can connect to the device normally.

Conditions:
Devices running an affected version of Cisco UCS software.
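
As an added example (not Cisco's or OpenSSH's code), the Python below audits sshd_config text for the MaxStartups setting named in the Symptom and computes how likely sshd is to refuse a new connection at a given number of unauthenticated connections. It assumes upstream OpenSSH semantics: a single value such as the pre-6.2 default 10 is a hard cap, while start:rate:full (10:30:100 is the upstream default from OpenSSH 6.2) enables random early drop; the function names and sample configs are constructed for this example.

```python
# Added example: audit the MaxStartups setting in sshd_config text.
# Assumption: when the directive is absent, the pre-6.2 OpenSSH default "10" applies.
LEGACY_DEFAULT = "10"

def parse_max_startups(value):
    """Parse 'N' or 'start:rate:full' into (start, rate, full)."""
    parts = [int(p) for p in value.strip().split(":")]
    if len(parts) == 1:
        # Single number: hard cap, no random early drop.
        return parts[0], 100, parts[0]
    if len(parts) != 3:
        raise ValueError(f"bad MaxStartups value: {value!r}")
    start, rate, full = parts
    if not (1 <= start <= full and 1 <= rate <= 100):
        raise ValueError(f"bad MaxStartups value: {value!r}")
    return start, rate, full

def refusal_percent(unauth, start, rate, full):
    """Chance (in %) that sshd refuses a new connection while `unauth`
    unauthenticated connections are already open."""
    if unauth < start:
        return 0
    if unauth >= full or rate == 100:
        return 100
    # Linear ramp from `rate` at `start` up to 100 at `full`.
    return rate + (100 - rate) * (unauth - start) // (full - start)

def audit(config_text):
    """Return a dict describing the effective MaxStartups policy."""
    value = LEGACY_DEFAULT
    for raw in config_text.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments, split keyword/value
        if len(fields) >= 2 and fields[0].lower() == "maxstartups":
            value = fields[1]
            break  # sshd uses the first occurrence of a keyword
    start, rate, full = parse_max_startups(value)
    return {
        "value": value,
        "early_drop": start < full and rate < 100,
        # Refusal chance at a few occupancy levels, for the report.
        "curve": {n: refusal_percent(n, start, rate, full)
                  for n in (start - 1, start, (start + full) // 2, full)},
    }

# Constructed sample configs (not taken from any Cisco device).
UNSET = "Port 22\n# MaxStartups 10:30:100\nPermitRootLogin no\n"
HARDENED = "Port 22\nMaxStartups 10:30:100\n"

if __name__ == "__main__":
    for name, cfg in (("unset", UNSET), ("hardened", HARDENED)):
        print(name, audit(cfg))
```

On a general-purpose OpenSSH host the effective value can be read with `sshd -T`; whether a UCS Fabric Interconnect exposes this setting is not stated on this page.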