Strix
26.1K

CVE-2005-1020

UnknownEPSS 1.73%

Last modified

CVE-2005-1020 is a vulnerability of currently unknown severity. Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data.. EPSS estimates a 1.73% chance of exploitation in the next 30 days.

Description

Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data.

Metrics

EPSS Probability
1.73%

74.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoIos12.0
CiscoIos12.0\(23\)s4
CiscoIos12.0\(23\)s5
CiscoIos12.0\(24\)s1
CiscoIos12.0\(24\)s4
CiscoIos12.0\(24\)s5
CiscoIos12.0\(24.2\)s
CiscoIos12.0\(26\)s1
CiscoIos12.0\(27\)s
CiscoIos12.0\(27\)sv
CiscoIos12.0\(27\)sv1
CiscoIos12.0da
CiscoIos12.0db
CiscoIos12.0dc
CiscoIos12.0s
CiscoIos12.0sc
CiscoIos12.0sl
CiscoIos12.0sp
CiscoIos12.0st
CiscoIos12.0sv
CiscoIos12.0sx
CiscoIos12.0sy
CiscoIos12.0sz
CiscoIos12.0t
CiscoIos12.0w5
CiscoIos12.0wc
CiscoIos12.0wt
CiscoIos12.0wx
CiscoIos12.0xa
CiscoIos12.0xb
CiscoIos12.0xc
CiscoIos12.0xd
CiscoIos12.0xe
CiscoIos12.0xf
CiscoIos12.0xg
CiscoIos12.0xh
CiscoIos12.0xi
CiscoIos12.0xj
CiscoIos12.0xk
CiscoIos12.0xl
CiscoIos12.0xm
CiscoIos12.0xn
CiscoIos12.0xp
CiscoIos12.0xq
CiscoIos12.0xr
CiscoIos12.0xs
CiscoIos12.0xt
CiscoIos12.0xu
CiscoIos12.0xv
CiscoIos12.0xw

Showing 50 of 337 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2005-1020?
Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data.
How severe is CVE-2005-1020?
Severity scoring for CVE-2005-1020 is pending analysis. The EPSS model estimates a 1.73% probability of exploitation in the next 30 days.
How do I fix CVE-2005-1020?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-1020?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST