CVE-2002-1024 : Denial of Service Vulnerability

Description

Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).

Products

Cisco CSS11000 Content Services Switch
Cisco Catalyst 6000 5.3(1)CSX
Cisco CatOS 5.3 (1a)CSX
Cisco CatOS 5.3 (2)CSX
Cisco CatOS 5.3 (3)CSX
Cisco CatOS 5.3 (4)CSX
Cisco CatOS 5.3 (5)CSX
Cisco CatOS 5.3 (5a)CSX
Cisco CatOS 5.3 (6)CSX
Cisco CatOS 5.4
Cisco CatOS 5.4 (1)
Cisco CatOS 5.4 (2)
Cisco CatOS 5.4 (3)
Cisco CatOS 5.4 (4)
Cisco CatOS 5.5
Cisco CatOS 5.5 (13)
Cisco CatOS 5.5 (1)
Cisco CatOS 5.5 (2)
Cisco CatOS 5.5 (3)
Cisco CatOS 5.5 (4)
Cisco CatOS 5.5 (4a)
Cisco CatOS 5.5 (4b)
Cisco CatOS 6.1 (1)
Cisco CatOS 6.1 (1a)
Cisco CatOS 6.1 (1b)
Cisco CatOS 6.1 (1c)
Cisco Catalyst 6000 6.1 (2.13)
Cisco Catalyst 6000 6.2 (0.110)
Cisco Catalyst 6000 6.2 (0.111)
Cisco Catalyst 6000 6.3 (0.7)PAN
Cisco CatOS 6.3 (4)
Cisco CatOS 7.1
Cisco CatOS 7.1 (2)
Cisco IOS 12.0S
Cisco IOS 12.0SP
Cisco IOS 12.0ST
Cisco IOS 12.0XB
Cisco IOS 12.0XM
Cisco IOS 12.0Xv
Cisco IOS 12.1(1)EX
Cisco IOS 12.1(5c)EX
Cisco IOS 12.1(8a)EX
Cisco IOS 12.1(9)EX
Cisco IOS 12.1E
Cisco IOS 12.1EC
Cisco IOS 12.1T
Cisco IOS 12.1XB
Cisco IOS 12.1XC
Cisco IOS 12.1XF
Cisco IOS 12.1XG
Cisco IOS 12.1XH
Cisco IOS 12.1XI
Cisco IOS 12.1XJ
Cisco IOS 12.1XL
Cisco IOS 12.1XM
Cisco IOS 12.1XP
Cisco IOS 12.1XQ
Cisco IOS 12.1XT
Cisco IOS 12.1XU
Cisco IOS 12.1YB
Cisco IOS 12.1YC
Cisco IOS 12.1YD
Cisco IOS 12.1YE
Cisco IOS 12.1YF
Cisco IOS 12.1YI
Cisco IOS 12.2
Cisco IOS 12.2B
Cisco IOS 12.2BC
Cisco IOS 12.2DA
Cisco IOS 12.2DD
Cisco IOS 12.2S
Cisco IOS 12.2T
Cisco IOS 12.2XA
Cisco IOS 12.2XB
Cisco IOS 12.2XD
Cisco IOS 12.2XE
Cisco IOS 12.2XF
Cisco IOS 12.2XG
Cisco IOS 12.2XH
Cisco IOS 12.2XI
Cisco IOS 12.2XJ
Cisco IOS 12.2XK
Cisco IOS 12.2XL
Cisco IOS 12.2XM
Cisco IOS 12.2XN
Cisco IOS 12.2XQ
Cisco IOS 12.2XR
Cisco IOS 12.2XS
Cisco IOS 12.2XT
Cisco IOS 12.2XW
Cisco IOS 12.2YA
Cisco IOS 12.2YB
Cisco IOS 12.2YC
Cisco IOS 12.2YD
Cisco IOS 12.2YF
Cisco IOS 12.2YG
Cisco IOS 12.2YH
Cisco PIX Firewall Software 5.2
Cisco PIX Firewall Software 5.3
Cisco PIX Firewall Software 6.0
Cisco PIX Firewall Software 6.1
Cisco PIX Firewall Software 6.2

Questions to Ask Vendors

Can you confirm whether your systems are affected by CVE-2002-1024, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2002-1024 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions

Check out the advisory links provided below.

References

https://nvd.nist.gov/vuln/detail/CVE-2002-1024

PUBLISHED DATE: October 4, 2002CVE-2002-1024:
Denial of Service Vulnerability

CVSS:

EPSS:

Exploitability:

In KEV:

Description

Products

Questions to Ask Vendors

Recommended Actions

References

Ready to get results you can trust?