Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 SD before 4.1(3) allows remote attackers to cause a denial of service (reset) by not sending the ACK portion of the TCP three-way handshake and sending an invalid response instead.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Optical_networking_systems_software | Cisco | 1.0 (including) | 1.0 (including) |
| Optical_networking_systems_software | Cisco | 4.0(1) (including) | 4.0(1) (including) |
| Optical_networking_systems_software | Cisco | 4.0(2) (including) | 4.0(2) (including) |
| Optical_networking_systems_software | Cisco | 4.0.0 (including) | 4.0.0 (including) |
| Optical_networking_systems_software | Cisco | 4.1(0) (including) | 4.1(0) (including) |
| Optical_networking_systems_software | Cisco | 4.1(1) (including) | 4.1(1) (including) |
| Optical_networking_systems_software | Cisco | 4.1(2) (including) | 4.1(2) (including) |
| Optical_networking_systems_software | Cisco | 4.1(3) (including) | 4.1(3) (including) |
| Optical_networking_systems_software | Cisco | 4.1.0 (including) | 4.1.0 (including) |
| Optical_networking_systems_software | Cisco | 4.5 (including) | 4.5 (including) |
References
- http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml
- http://www.osvdb.org/4009
- http://www.securityfocus.com/bid/9699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15265
- http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml
- http://www.osvdb.org/4009
- http://www.securityfocus.com/bid/9699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15265