2 matches found
Cisco ASR StarOS SSH Login Parameter Handling Privilege Escalation (cisco-sa-20170315-asr)
The remote Cisco ASR device is affected by a privilege escalation vulnerability in StarOS in the Secure Shell SSH subsystem due to improper validation of parameters passed during SSH or SFTP login. An authenticated, remote attacker can exploit this, by sending specially crafted input during the S...
CVE-2017-3819
CVE-2017-3819 affects Cisco StarOS SSH login handling on Cisco ASR 5000/5500/5700 and VPC-SI/DI; vulnerability arises from missing input validation during SSH/SFTP login, allowing an authenticated attacker with valid credentials to craft input over an established TCP connection to port 22 and gai...