SSH2 Servers and Clients Vulnerability: Denial of Service and Remote Code Execution

SSH2 Servers and Clients Vulnerability: Denial of Service and Remote Code Execution

CVE-2002-1358 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

Learn more about our Cis Benchmark Audit For Server Software.