CVE-2005-1021
First published: Sat Apr 09 2005(Updated: )
Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Puppet Cisco IOS | =12.0s | |
| Puppet Cisco IOS | =12.0sx | |
| Puppet Cisco IOS | =12.1ax | |
| Puppet Cisco IOS | =12.1az | |
| Puppet Cisco IOS | =12.1db | |
| Puppet Cisco IOS | =12.1dc | |
| Puppet Cisco IOS | =12.1e | |
| Puppet Cisco IOS | =12.1ea | |
| Puppet Cisco IOS | =12.1eb | |
| Puppet Cisco IOS | =12.1ec | |
| Puppet Cisco IOS | =12.1eu | |
| Puppet Cisco IOS | =12.1ew | |
| Puppet Cisco IOS | =12.1ex | |
| Puppet Cisco IOS | =12.1t | |
| Puppet Cisco IOS | =12.1xd | |
| Puppet Cisco IOS | =12.1xe | |
| Puppet Cisco IOS | =12.1xf | |
| Puppet Cisco IOS | =12.1xg | |
| Puppet Cisco IOS | =12.1xh | |
| Puppet Cisco IOS | =12.1xi | |
| Puppet Cisco IOS | =12.1xl | |
| Puppet Cisco IOS | =12.1xm | |
| Puppet Cisco IOS | =12.1xp | |
| Puppet Cisco IOS | =12.1xq | |
| Puppet Cisco IOS | =12.1xr | |
| Puppet Cisco IOS | =12.1xt | |
| Puppet Cisco IOS | =12.1xu | |
| Puppet Cisco IOS | =12.1xv | |
| Puppet Cisco IOS | =12.1ya | |
| Puppet Cisco IOS | =12.1yb | |
| Puppet Cisco IOS | =12.1yc | |
| Puppet Cisco IOS | =12.1yd | |
| Puppet Cisco IOS | =12.1ye | |
| Puppet Cisco IOS | =12.1yf | |
| Puppet Cisco IOS | =12.1yh | |
| Puppet Cisco IOS | =12.1yi | |
| Puppet Cisco IOS | =12.2 | |
| Puppet Cisco IOS | =12.2b | |
| Puppet Cisco IOS | =12.2dd | |
| Puppet Cisco IOS | =12.2dx | |
| Puppet Cisco IOS | =12.2eu | |
| Puppet Cisco IOS | =12.2ew | |
| Puppet Cisco IOS | =12.2ewa | |
| Puppet Cisco IOS | =12.2ex | |
| Puppet Cisco IOS | =12.2s | |
| Puppet Cisco IOS | =12.2se | |
| Puppet Cisco IOS | =12.2sea | |
| Puppet Cisco IOS | =12.2seb | |
| Puppet Cisco IOS | =12.2su | |
| Puppet Cisco IOS | =12.2sv | |
| Puppet Cisco IOS | =12.2sx | |
| Puppet Cisco IOS | =12.2sxa | |
| Puppet Cisco IOS | =12.2sxb | |
| Puppet Cisco IOS | =12.2sxd | |
| Puppet Cisco IOS | =12.2sy | |
| Puppet Cisco IOS | =12.2sz | |
| Puppet Cisco IOS | =12.2t | |
| Puppet Cisco IOS | =12.2xa | |
| Puppet Cisco IOS | =12.2xc | |
| Puppet Cisco IOS | =12.2xf | |
| Puppet Cisco IOS | =12.2xn | |
| Puppet Cisco IOS | =12.2xs | |
| Puppet Cisco IOS | =12.2ye | |
| Puppet Cisco IOS | =12.2yk | |
| Puppet Cisco IOS | =12.2yo | |
| Puppet Cisco IOS | =12.2yx | |
| Puppet Cisco IOS | =12.2yz | |
| Puppet Cisco IOS | =12.2za | |
| Puppet Cisco IOS | =12.3t | |
| Puppet Cisco IOS | =12.3xd | |
| Puppet Cisco IOS | =12.3xe | |
| Puppet Cisco IOS | =12.3xf | |
| Puppet Cisco IOS | =12.3xg | |
| Puppet Cisco IOS | =12.3xh | |
| Puppet Cisco IOS | =12.3xi | |
| Puppet Cisco IOS | =12.3xj | |
| Puppet Cisco IOS | =12.3xk | |
| Puppet Cisco IOS | =12.3xl | |
| Puppet Cisco IOS | =12.3xm | |
| Puppet Cisco IOS | =12.3xq | |
| Puppet Cisco IOS | =12.3xr | |
| Puppet Cisco IOS | =12.3xs | |
| Puppet Cisco IOS | =12.3xu | |
| Puppet Cisco IOS | =12.3xw | |
| Puppet Cisco IOS | =12.3xx | |
| Puppet Cisco IOS | =12.3xy | |
| Puppet Cisco IOS | =12.3ya | |
| Puppet Cisco IOS | =12.3yd | |
| Puppet Cisco IOS | =12.3yf | |
| Puppet Cisco IOS | =12.3yg | |
| Puppet Cisco IOS | =12.3yh | |
| Puppet Cisco IOS | =12.3yj | |
| Puppet Cisco IOS | =12.3yk |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/warp/public/707/cisco-sa-20050406-ssh.shtml
- http://www.securityfocus.com/bid/13042
- http://www.securitytracker.com/alerts/2005/Apr/1013655.html
- http://secunia.com/advisories/14854
- http://www.osvdb.org/15303
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19991
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5687
Frequently Asked Questions
What is the severity of CVE-2005-1021?
CVE-2005-1021 has a severity level that allows remote attackers to cause a denial of service through memory consumption.
How do I fix CVE-2005-1021?
To fix CVE-2005-1021, upgrade to a version of Cisco IOS that is not affected by this vulnerability, such as 12.4 or later.
Which versions of Cisco IOS are affected by CVE-2005-1021?
CVE-2005-1021 affects Cisco IOS versions 12.0 through 12.3.
What type of attack is made possible by CVE-2005-1021?
CVE-2005-1021 enables a denial of service attack due to a memory leak when authenticating against a TACACS+ server.
Can CVE-2005-1021 be exploited remotely?
Yes, CVE-2005-1021 can be exploited remotely by sending incorrect usernames or passwords.
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/cisco
- canonical/cisco ios
- version/cisco ios/12.0s
- version/cisco ios/12.0sx
- version/cisco ios/12.1ax
- version/cisco ios/12.1az
- version/cisco ios/12.1db
- version/cisco ios/12.1dc
- version/cisco ios/12.1e
- version/cisco ios/12.1ea
- version/cisco ios/12.1eb
- version/cisco ios/12.1ec
- version/cisco ios/12.1eu
- version/cisco ios/12.1ew
- version/cisco ios/12.1ex
- version/cisco ios/12.1t
- version/cisco ios/12.1xd
- version/cisco ios/12.1xe
- version/cisco ios/12.1xf
- version/cisco ios/12.1xg
- version/cisco ios/12.1xh
- version/cisco ios/12.1xi
- version/cisco ios/12.1xl
- version/cisco ios/12.1xm
- version/cisco ios/12.1xp
- version/cisco ios/12.1xq
- version/cisco ios/12.1xr
- version/cisco ios/12.1xt
- version/cisco ios/12.1xu
- version/cisco ios/12.1xv
- version/cisco ios/12.1ya
- version/cisco ios/12.1yb
- version/cisco ios/12.1yc
- version/cisco ios/12.1yd
- version/cisco ios/12.1ye
- version/cisco ios/12.1yf
- version/cisco ios/12.1yh
- version/cisco ios/12.1yi
- version/cisco ios/12.2
- version/cisco ios/12.2b
- version/cisco ios/12.2dd
- version/cisco ios/12.2dx
- version/cisco ios/12.2eu
- version/cisco ios/12.2ew
- version/cisco ios/12.2ewa
- version/cisco ios/12.2ex
- version/cisco ios/12.2s
- version/cisco ios/12.2se
- version/cisco ios/12.2sea
- version/cisco ios/12.2seb
- version/cisco ios/12.2su
- version/cisco ios/12.2sv
- version/cisco ios/12.2sx
- version/cisco ios/12.2sxa
- version/cisco ios/12.2sxb
- version/cisco ios/12.2sxd
- version/cisco ios/12.2sy
- version/cisco ios/12.2sz
- version/cisco ios/12.2t
- version/cisco ios/12.2xa
- version/cisco ios/12.2xc
- version/cisco ios/12.2xf
- version/cisco ios/12.2xn
- version/cisco ios/12.2xs
- version/cisco ios/12.2ye
- version/cisco ios/12.2yk
- version/cisco ios/12.2yo
- version/cisco ios/12.2yx
- version/cisco ios/12.2yz
- version/cisco ios/12.2za
- version/cisco ios/12.3t
- version/cisco ios/12.3xd
- version/cisco ios/12.3xe
- version/cisco ios/12.3xf
- version/cisco ios/12.3xg
- version/cisco ios/12.3xh
- version/cisco ios/12.3xi
- version/cisco ios/12.3xj
- version/cisco ios/12.3xk
- version/cisco ios/12.3xl
- version/cisco ios/12.3xm
- version/cisco ios/12.3xq
- version/cisco ios/12.3xr
- version/cisco ios/12.3xs
- version/cisco ios/12.3xu
- version/cisco ios/12.3xw
- version/cisco ios/12.3xx
- version/cisco ios/12.3xy
- version/cisco ios/12.3ya
- version/cisco ios/12.3yd
- version/cisco ios/12.3yf
- version/cisco ios/12.3yg
- version/cisco ios/12.3yh
- version/cisco ios/12.3yj
- version/cisco ios/12.3yk