Cisco ONS IP/LAN control card denial of service
| cisco-ons-cc-ip-dos (25645) |  Medium Risk |
Description:
Multiple Cisco Optical Networking System (ONS) Multi-service Provisioning Platform (MSPP) devices are vulnerable to a denial of service attack. If IP is configured on the LAN interface, which is enabled by default, a remote attacker could launch a denial of service attack. By sending specially-crafted IP packets to an affected network entity, a remote attacker could cause both control cards to reset.
Consequences:
Denial of Service
Remedy:
Refer to Cisco Security Advisory cisco-sa-20060405-ons for upgrade or suggested workaround information. See References.
References:
- cisco-sa-20060405-ons: Cisco Security Advisory: Cisco Optical Networking System 15000 Series and Cisco Transport Controller Vulnerabilities.
- BID-17384: Cisco Optical Networking System and Transport Controller Multiple Vulnerabilities
Platforms Affected:
- Cisco ONS 15310-CL
- Cisco ONS 15327
- Cisco ONS 15454 MSPP
- Cisco ONS 15454 MSTP
Reported:
Apr 05, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net