Symptom

Nessus scanner with version 4.4.1 or above will report DOS vulnerability error for Nexus5000 running with 5.1(3) or below: The SSH server on the remote host has multiple denial of service vulnerabilities. And request the ssh service on Nexus 5000 to be upgraded to 5.9 or above to avoid CVE-2010-4755.

Conditions

Nexus5000 with 5.1(3) is running SSH 5.5, which will trigger these report. If this vulnerability is be exploited the SSH process would terminate tearing down all currently established SSH sessions. The SSH process would restart automatically and SSH sessions could be re-established. This re-establishing can be automatic or manual, depending on how they are initially established and processes surrounding them.

Workaround

N/A PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 4/3.8: http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:N/AC:L/Au:S/C:N/I:N/A:P/E:F/RL:U/RC:C&version=2.0 CVE ID CVE-2010-4755 has been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Further Problem Description