CVE-2011-0949

Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
VendorProductVersion
ciscoios_xr
3.6.0
ciscoios_xr
3.6.1
ciscoios_xr
3.6.2
ciscoios_xr
3.6.3
ciscoios_xr
3.8.0
ciscoios_xr
3.8.1
ciscoios_xr
3.8.2
ciscoios_xr
3.9.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f18f.shtml
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f18f.shtml