FKIE_CVE-2008-0536

Vulnerability from fkie_nvd - Published: 2008-05-22 13:09 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) 3.0.x before 3.0.7 and 3.1.x before 3.1.0, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (management interface outage) via SSH traffic that occurs during management operations and triggers "illegal I/O operations," aka Bug ID CSCsh49563.
References
psirt@cisco.comhttp://secunia.com/advisories/30316Vendor Advisory
psirt@cisco.comhttp://secunia.com/advisories/30590Vendor Advisory
psirt@cisco.comhttp://securitytracker.com/id?1020074
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a008099bf65.shtmlPatch
psirt@cisco.comhttp://www.icon-labs.com/news/read.asp?newsID=77
psirt@cisco.comhttp://www.kb.cert.org/vuls/id/626979US Government Resource
psirt@cisco.comhttp://www.securityfocus.com/bid/29316
psirt@cisco.comhttp://www.securityfocus.com/bid/29609
psirt@cisco.comhttp://www.vupen.com/english/advisories/2008/1604/referencesVendor Advisory
psirt@cisco.comhttp://www.vupen.com/english/advisories/2008/1774/referencesVendor Advisory
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/42566
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30316Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30590Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1020074
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a008099bf65.shtmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.icon-labs.com/news/read.asp?newsID=77
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/626979US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/29316
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/29609
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1604/referencesVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1774/referencesVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/42566
Impacted products
Vendor Product Version
cisco service_control_engine *
cisco service_control_engine 3.0
icon-labs iconfidant_ssh *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:service_control_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA9282CB-43A7-44C4-A678-D5C67D3CF310",
              "versionEndIncluding": "3.1.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:service_control_engine:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "47EE0074-7A1C-44C3-AB50-DB1E7D06FF0B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:icon-labs:iconfidant_ssh:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1863D250-A98A-48FB-AFD1-8A73FC6F18CF",
              "versionEndIncluding": "2.3.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) 3.0.x before 3.0.7 and 3.1.x before 3.1.0, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (management interface outage) via SSH traffic that occurs during management operations and triggers \"illegal I/O operations,\" aka Bug ID CSCsh49563."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el servidor SSH en (1) Cisco Service Control Engine (SCE) versiones 3.0.x anteriores a 3.0.7 y versiones 3.1.x anteriores a 3.1.0, y (2) Icon Labs Iconfidant SSH versiones anteriores a 2.3.8, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n de la interfaz de administraci\u00f3n) por medio de un tr\u00e1fico SSH que ocurre durante las operaciones de administraci\u00f3n y desencadena \"illegal I/O operations,\" tambi\u00e9n se conoce como ID de error CSCsh49563."
    }
  ],
  "id": "CVE-2008-0536",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-05-22T13:09:00.000",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30316"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30590"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1020074"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008099bf65.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.icon-labs.com/news/read.asp?newsID=77"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/626979"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/29316"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/29609"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1604/references"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1774/references"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30316"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008099bf65.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.icon-labs.com/news/read.asp?newsID=77"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/626979"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29316"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1604/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1774/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42566"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.