var-200604-0098
Vulnerability from variot
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a "crafted" IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a "malformed" OSPF packet, aka bug ID CSCsc54558. Cisco Optical Networking System (ONS) In Denial of service ( Card reset ) There is a vulnerability that can be exploited.Denial of service by third party ( Card reset ) May be in a state. Cisco Optical Networking System and Transport Controller are prone to multiple vulnerabilities. Cisco Optical Networking System 15000 series are affected by multiple denial-of-service vulnerabilities. Cisco Transport Controller is prone to an arbitrary code-execution vulnerability.
1) Multiple services are vulnerable to ACK DoS attacks where an invalid response is sent instead of the final ACK packet during the 3-way handshake. This can be exploited to cause the control cards to exhaust memory resources, not respond to further connections, or reset by establishing multiple of these connections.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default).
2) An error within the processing of IP packets can be exploited to reset the control cards by sending a specially crafted IP packet.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default) and secure mode for element management system (EMS)-to-network-element access is enabled (disabled by default).
3) Another error within the processing of IP packets can be exploited to reset the control cards by sending a specially crafted IP packet.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default).
4) An error within the processing of OSPF (Open Shortest Path First) packets can be exploited to reset the control cards by sending a specially crafted OSPF packet.
Successful exploitation requires that the OSPF routing protocol is configured on the LAN interface (disabled by default).
Successful exploitation of the above vulnerabilities (#1 through #4) requires that the Optical node has the Common Control Card connected to a DCN (Data Communication Network) and is enabled for IPv4.
The above vulnerabilities (#1 through #4) affect the following Cisco ONS 15000 series platforms: * Cisco ONS 15310-CL Series * Cisco ONS 15327 Series * Cisco ONS 15454 MSPP * Cisco ONS 15454 MSTP * Cisco ONS 15600 Series
The following Cisco ONS 15000 series platforms are not affected by the vulnerabilities: * Cisco ONS 15100 Series * Cisco ONS 15200 Series * Cisco ONS 15302, ONS 15305, and ONS 15310-MA platforms * Cisco ONS 15500 Series * Cisco ONS 15800 Series
5) A vulnerability exists within the Cisco Transport Controller (CTC) applet launcher, which is downloaded each time a management connection is made to the Optical node. The vulnerability is caused due to the java.policy permissions being to broad by granting all permissions to any software originating from the codeBase or source at http://*/fs/LAUNCHER.jar.
This can be exploited to execute arbitrary code on the CTC workstation if it is used to connect to a malicious web site running Java code from the "/fs/LAUNCHER.jar" location.
The vulnerability affects versions 4.0.x and prior.
SOLUTION: 1-4) Updated versions are available (see patch matrix in vendor advisory).
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0098",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ons 15454 mspp",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "transport controller",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "4.0.x"
},
{
"model": "ons 15310-cl series",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ons 15454 mspp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.4"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(1\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(3\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4.0"
},
{
"model": "ons 15310-cl series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15327",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15600",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "transport controller",
"scope": "lte",
"trust": 0.8,
"vendor": "cisco",
"version": "4.0.x"
},
{
"model": "controller cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "transport",
"version": "4.0.x"
},
{
"model": "15310-cl series cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "0"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "156000"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.0"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.1"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.2"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.3"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.14"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.3\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156000"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.3(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.0"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.14"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(3)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.4"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.3"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.2"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.0"
},
{
"model": "transport controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "158000"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "155000"
},
{
"model": "ons 15310-ma",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "153050"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15302"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "152000"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "151000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:transport_controller:4.0.x:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ons_15310-cl_series:0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ons_15600:0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ons_15454_mspp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.3\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1671"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
],
"trust": 0.6
},
"cve": "CVE-2006-1671",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-1671",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-2107",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-17779",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1671",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2006-2107",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-102",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-17779",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "VULHUB",
"id": "VHN-17779"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a \"crafted\" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a \"crafted\" IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a \"malformed\" OSPF packet, aka bug ID CSCsc54558. Cisco Optical Networking System (ONS) In Denial of service ( Card reset ) There is a vulnerability that can be exploited.Denial of service by third party ( Card reset ) May be in a state. Cisco Optical Networking System and Transport Controller are prone to multiple vulnerabilities. \nCisco Optical Networking System 15000 series are affected by multiple denial-of-service vulnerabilities. \nCisco Transport Controller is prone to an arbitrary code-execution vulnerability. \n\n1) Multiple services are vulnerable to ACK DoS attacks where an\ninvalid response is sent instead of the final ACK packet during the\n3-way handshake. This can be exploited to cause the control cards to\nexhaust memory resources, not respond to further connections, or\nreset by establishing multiple of these connections. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default). \n\n2) An error within the processing of IP packets can be exploited to\nreset the control cards by sending a specially crafted IP packet. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default) and secure mode for element management\nsystem (EMS)-to-network-element access is enabled (disabled by\ndefault). \n\n3) Another error within the processing of IP packets can be exploited\nto reset the control cards by sending a specially crafted IP packet. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default). \n\n4) An error within the processing of OSPF (Open Shortest Path First)\npackets can be exploited to reset the control cards by sending a\nspecially crafted OSPF packet. \n\nSuccessful exploitation requires that the OSPF routing protocol is\nconfigured on the LAN interface (disabled by default). \n\nSuccessful exploitation of the above vulnerabilities (#1 through #4)\nrequires that the Optical node has the Common Control Card connected\nto a DCN (Data Communication Network) and is enabled for IPv4. \n\nThe above vulnerabilities (#1 through #4) affect the following Cisco\nONS 15000 series platforms:\n* Cisco ONS 15310-CL Series\n* Cisco ONS 15327 Series\n* Cisco ONS 15454 MSPP\n* Cisco ONS 15454 MSTP\n* Cisco ONS 15600 Series\n\nThe following Cisco ONS 15000 series platforms are not affected by\nthe vulnerabilities:\n* Cisco ONS 15100 Series\n* Cisco ONS 15200 Series\n* Cisco ONS 15302, ONS 15305, and ONS 15310-MA platforms\n* Cisco ONS 15500 Series\n* Cisco ONS 15800 Series\n\n5) A vulnerability exists within the Cisco Transport Controller (CTC)\napplet launcher, which is downloaded each time a management connection\nis made to the Optical node. The vulnerability is caused due to the\njava.policy permissions being to broad by granting all permissions to\nany software originating from the codeBase or source at\nhttp://*/fs/LAUNCHER.jar. \n\nThis can be exploited to execute arbitrary code on the CTC\nworkstation if it is used to connect to a malicious web site running\nJava code from the \"/fs/LAUNCHER.jar\" location. \n\nThe vulnerability affects versions 4.0.x and prior. \n\nSOLUTION:\n1-4) Updated versions are available (see patch matrix in vendor\nadvisory). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "VULHUB",
"id": "VHN-17779"
},
{
"db": "PACKETSTORM",
"id": "45206"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-1671",
"trust": 3.1
},
{
"db": "BID",
"id": "17384",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "19553",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "24435",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "24436",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "24437",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1015872",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1256",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2006-2107",
"trust": 0.6
},
{
"db": "XF",
"id": "25644",
"trust": 0.6
},
{
"db": "XF",
"id": "25646",
"trust": 0.6
},
{
"db": "XF",
"id": "25645",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20060405 CISCO OPTICAL NETWORKING SYSTEM 15000 SERIES AND CISCO TRANSPORT CONTROLLER VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-17779",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45206",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "VULHUB",
"id": "VHN-17779"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"id": "VAR-200604-0098",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "VULHUB",
"id": "VHN-17779"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
}
]
},
"last_update_date": "2023-12-18T12:24:05.422000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1671"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/17384"
},
{
"trust": 2.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/24435"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/24436"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/24437"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015872"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/19553"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/1256"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25644"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25645"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1671"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-1671"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25646"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25645"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25644"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1256"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/19553/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/9196/"
},
{
"trust": 0.1,
"url": "http://*/fs/launcher.jar."
},
{
"trust": 0.1,
"url": "http://secunia.com/product/684/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "VULHUB",
"id": "VHN-17779"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "VULHUB",
"id": "VHN-17779"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"date": "2006-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-17779"
},
{
"date": "2006-04-05T00:00:00",
"db": "BID",
"id": "17384"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"date": "2006-04-06T18:10:32",
"db": "PACKETSTORM",
"id": "45206"
},
{
"date": "2006-04-07T10:04:00",
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"date": "2006-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-17779"
},
{
"date": "2006-04-06T17:23:00",
"db": "BID",
"id": "17384"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"date": "2018-10-30T16:26:17.060000",
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"date": "2006-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Optical Networking System Denial of service in Japan (DoS) Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.