CVE-2004-1435

Properties

Published:
30.12.2004
Updated:
20.10.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:N/I:N/A:C/B:N) Approximated
    Product:
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15327
    Cisco: ONS 15454SDH
    Cisco: ONS 15454 Optical Transport Platform

    Vulnerability description

    Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK).

    References:

    CISCO: http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml
    CERT-VN: http://www.kb.cert.org/vuls/id/277048
    BID: http://www.securityfocus.com/bid/10768
    SECUNIA: http://secunia.com/advisories/12117
    XF: http://xforce.iss.net/xforce/xfdb/16763