Cisco IPS SSM20 Vulnerability

Hello, does anyone know if the IPS can be updated to SSH 2? We have conducted scans on the IPS that fail OpenSSH X11 Port Forwarding Session, and we cannot find a command that will allow us to update to SSH 2. The vulnerabilities are CVE-2008-1483 and CVE-2008-3234. Any help would be appreciated; any documentation would help as well.

Thanks

Cisco Employee

You can disable SSHv1 as per the following thread:

https://supportforums.cisco.com/message/3333997

Hope that helps.


Hello Jennifer,

Thank you for the response. My question now is: following what you have given me to implement, does this upgrade it to SSH version 2?


Jennifer, I think we're talking about two different IPSs. I have the module that plugs into the Cisco ASA firewall and not a 4200. I tried to enter the commands that you gave me, but there is no such command on the IPS, which leads me to believe that we are talking about two different IPSs.


Hello,

It's the same software; give it a try one more time.

Follow the next procedure, as Jennifer said:

su -
cd /etc/ssh
cp sshd_config sshd_config.old
sed -r '/^#?Protocol /cProtocol 2' sshd_config.old > sshd_config

## to apply the changes do:
/etc/init.d/cids reboot

Remember to rate all the posts that help

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
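
Added example, not part of any post in this thread: a way to rehearse the `sed` edit above on a copy of `sshd_config` and confirm the effective `Protocol` value before restarting anything. The function names and sample configs are constructed for illustration, and GNU sed is assumed, as in the thread's own command.

```shell
#!/bin/sh
# Print the value of the first uncommented Protocol line in file $1,
# or "unset" if there is none. sshd uses the first value it reads for
# a keyword, and keywords are case-insensitive.
effective_protocol() {
    awk 'tolower($1) == "protocol" { print $2; found = 1; exit }
         END { if (!found) print "unset" }' "$1"
}

# Apply the thread's sed edit to $1 and write the result to $2.
# The sed expression only rewrites an existing "Protocol" or "#Protocol"
# line. If the file has neither, it changes nothing and sshd stays on its
# built-in default, so append the directive explicitly in that case.
force_protocol2() {
    sed -r '/^#?Protocol /cProtocol 2' "$1" > "$2"
    if [ "$(effective_protocol "$2")" = "unset" ]; then
        printf 'Protocol 2\n' >> "$2"
    fi
}

# Run the edit over three constructed sample configs and show the
# effective value before and after.
demo() {
    dir=$(mktemp -d)
    printf 'Port 22\n#Protocol 2,1\nX11Forwarding yes\n' > "$dir/commented"
    printf 'Port 22\nProtocol 1,2\n' > "$dir/explicit"
    printf 'Port 22\nX11Forwarding yes\n' > "$dir/absent"
    for name in commented explicit absent; do
        force_protocol2 "$dir/$name" "$dir/$name.new"
        printf '%s: %s -> %s\n' "$name" \
            "$(effective_protocol "$dir/$name")" \
            "$(effective_protocol "$dir/$name.new")"
    done
    rm -rf "$dir"
}

demo
```

On the device itself, `effective_protocol /etc/ssh/sshd_config` should print `2` after the edit and before the restart step.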

You would need to log in to the IPS using the service account.
