CVE-2002-1359 : Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.

Published 2002-12-23 05:00:00

Updated 2017-10-11 01:29:04

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowInput validationExecute codeDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2002-1359

Probability of exploitation activity in the next 30 days: 97.18%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2002-1359

PuTTY Buffer Overflow

Disclosure Date: 2002-12-16

First seen: 2020-04-26

exploit/windows/ssh/putty_msg_debug

This module exploits a buffer overflow in the PuTTY SSH client that is triggered through a validation error in SSH.c. This vulnerability affects versions 0.53 and earlier. Authors: - MC <mc@metasploit.com>

More information

CVSS scores for CVE-2002-1359

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2002-1359

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2002-1359

http://www.securityfocus.com/bid/6407

Multiple Vendor SSH2 Implementation Buffer Overflow Vulnerabilities
http://securitytracker.com/id?1005813

CVEs referencing this url
http://securitytracker.com/id?1005812

CVEs referencing this url
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html

Vendor Advisory

CVEs referencing this url
http://www.cert.org/advisories/CA-2002-36.html

Third Party Advisory;US Government Resource

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848
https://exchange.xforce.ibmcloud.com/vulnerabilities/10870

Products affected by CVE-2002-1359

Cisco » IOS » Version: 12.0s
cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*
Matching versions
Cisco » IOS » Version: 12.1t
cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*
Matching versions
Cisco » IOS » Version: 12.0st
cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*
Matching versions
Cisco » IOS » Version: 12.2
cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
Matching versions
Cisco » IOS » Version: 12.1e
cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*
Matching versions
Cisco » IOS » Version: 12.2t
cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*
Matching versions
Cisco » IOS » Version: 12.1ea
cpe:2.3:o:cisco:ios:12.1ea:*:*:*:*:*:*:*
Matching versions
Cisco » IOS » Version: 12.2s
cpe:2.3:o:cisco:ios:12.2s:*:*:*:*:*:*:*
Matching versions
Pragma Systems » Secureshell » Version: 2.0
cpe:2.3:a:pragma_systems:secureshell:2.0:*:*:*:*:*:*:*
Matching versions
Putty » Putty » Version: 0.48
cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*
Matching versions
Putty » Putty » Version: 0.53
cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*
Matching versions
Putty » Putty » Version: 0.49
cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*
Matching versions
Fissh » Ssh Client » Version: 1.0a For Windows
cpe:2.3:a:fissh:ssh_client:1.0a_for_windows:*:*:*:*:*:*:*
Matching versions
Intersoft » Securenetterm » Version: 5.4.1
cpe:2.3:a:intersoft:securenetterm:5.4.1:*:*:*:*:*:*:*
Matching versions
Netcomposite » Shellguard Ssh » Version: 3.4.6
cpe:2.3:a:netcomposite:shellguard_ssh:3.4.6:*:*:*:*:*:*:*
Matching versions
Winscp » Winscp » Version: 2.0.0
cpe:2.3:a:winscp:winscp:2.0.0:*:*:*:*:*:*:*
Matching versions