CVE-2011-0949

{"id": "CVE-2011-0949", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-05-31T20:55:01.877", "references": [{"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f18f.shtml", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f18f.shtml", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417."}, {"lang": "es", "value": "Cisco IOS XR v3.6.x, v3.8.x antes de v3.8.3, y v3.9.x antes de v3.9.1 no elimina correctamente los archivos sshd_lock /tmp/, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de disco) mediante muchas conexiones SSHv1, fallo conocido como ID CSCtd64417."}], "lastModified": "2024-11-21T01:25:12.110", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xr:3.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F497A05C-2FC5-427D-8036-2476ACA956C0"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2252E7B0-9112-4E9E-8CF4-4EC53C630CFD"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1131A524-AA7A-4C94-9FFE-54546EA7D2CC"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46D1A634-D39C-4305-8915-4AA289FB68EE"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96F48419-AF66-4B50-ACBF-9E38287A64FA"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBB71A24-AA6C-4BAD-BD37-5C191751C9DF"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A20B6A9-27B7-4F42-B88D-F4AACC9BC24D"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1ECAB9C3-9248-4663-ABAE-31FFC969EF3A"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}