← Back

CVE-2002-1358

nvd nist
Published: Dec 23, 2002Modified: Apr 16, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

Affected (16)

Products: Cisco: Ios · Fissh: Ssh Client · Intersoft: Securenetterm · +4 more
Show all products
Cisco: Ios · Fissh: Ssh Client · Intersoft: Securenetterm · Netcomposite: Shellguard Ssh · Pragma Systems: Secureshell · Putty: Putty · Winscp: Winscp
Cisco
1 product
Ios
Fissh
1 product
Ssh Client
Intersoft
1 product
Securenetterm
Netcomposite
1 product
Shellguard Ssh
Pragma Systems
1 product
Secureshell
Putty
1 product
Putty
Winscp
1 product
Winscp
Configuration A
16 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Ios
Version 12.0s
Ios
Version 12.0st
Ios
Version 12.1e
Ios
Version 12.1ea
Ios
Version 12.1t
Ios
Version 12.2
Ios
Version 12.2s
Ios
Version 12.2t
Ssh Client
Version 1.0a_for_windows
Securenetterm
Version 5.4.1
Shellguard Ssh
Version 3.4.6
Secureshell
Version 2.0
Putty
Putty
Version 0.48
Putty
Version 0.49
Putty
Version 0.53
Winscp
Version 2.0.0

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.