Cisco SCE 1000 and 2000 series devices provide high-capacity advanced application-level bandwidth optimization, stateful application inspection, session-based classification and control of network traffic. The SCE solution allows for the detection and control of network applications including: web browsing, multimedia streaming, and peer-to-peer (P2P).
This Security Advisory describes multiple distinct vulnerabilities. These vulnerabilities are independent of each other.
- System vulnerability to SSH login activity
A vulnerability impacting the SCE SSH server may be triggered during SSH login activity, resulting in system instability or a reload of the SCE. Specific SSH processes may encounter temporary resource unavailability if called within aggressive intervals.
This vulnerability is documented in Cisco Bug ID CSCsi68582 ( registered customers only) and has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-0534.
- SSH login activity leads to illegal Input/Output operations
A second vulnerability exists in the SCE SSH server that may be triggered with normal SSH traffic to the SCE management interface occurring in conjunction with other management tasks. During this event, an illegal IO operation may impact the SCE management agent, requiring a reboot of the SCE to recover management access.
This vulnerability is documented in Cisco Bug ID CSCsh49563 ( registered customers only) and has been assigned CVE ID CVE-2008-0536.
- SCE SSH authentication sequence anomaly
A third vulnerability exists in the SCE SSH server that may also be triggered during the SSH login process but unrelated to login attempt frequency or other concurrent management tasks. This issue is triggered by the usage of specific SSH credentials that attempt to change the authentication method, resulting in an authentication sequence anomaly impacting system stability.
This vulnerability is documented in Cisco Bug ID CSCsm14239 ( registered customers only) and has been assigned CVE ID CVE-2008-0535.