ID
VAR-200305-0082
TITLE
Cisco Optical Transport Platform illegal telnet request remote denial of service vulnerability
Trust: 0.6
DESCRIPTION
The Cisco ONS 15454, ONS 15327, ONS 15454 SDH, and ONS 15600 hardware are managed by TCC+, XTC, TCCi, and TSC control cards, which are typically used in internal customer environments to connect to the external Internet. The telnet service of the Cisco Optical Transport Platform system handles illegal requests incorrectly. A remote attacker can exploit this vulnerability to perform a denial of service attack on the device, which can cause network interruption. By submitting an illegal telnet request, an attacker can cause a TCC+, XTC, TCCi, and TSC control card to be reset. Repeating an illegal request can cause the device to interrupt normal communication and generate a denial of service. This vulnerability was reproduced by the Nessus scanner, CISCO BUG number: CSCdz83519
Trust: 0.81
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | cisco | model: | ons | scope: | eq | version: | 156001.0 | Trust: 0.9 |
| vendor: | cisco | model: | ons 15454sdh | scope: | eq | version: | 3.1 | Trust: 0.9 |
| vendor: | cisco | model: | ons 15454sdh | scope: | eq | version: | 3.2 | Trust: 0.9 |
| vendor: | cisco | model: | ons 15454sdh | scope: | eq | version: | 3.3 | Trust: 0.9 |
| vendor: | cisco | model: | ons 15454sdh | scope: | eq | version: | 3.4 | Trust: 0.9 |
| vendor: | cisco | model: | ons | scope: | eq | version: | 153273.0 | Trust: 0.9 |
| vendor: | cisco | model: | ons | scope: | eq | version: | 153273.1 | Trust: 0.9 |
| vendor: | cisco | model: | ons | scope: | eq | version: | 153273.2 | Trust: 0.9 |
| vendor: | cisco | model: | ons | scope: | eq | version: | 153273.3 | Trust: 0.9 |
| vendor: | cisco | model: | ons | scope: | eq | version: | 153273.4 | Trust: 0.9 |
| vendor: | cisco | model: | ons optical transport platform | scope: | eq | version: | 154544.0(1) | Trust: 0.3 |
| vendor: | cisco | model: | ons optical transport platform | scope: | eq | version: | 154543.4 | Trust: 0.3 |
| vendor: | cisco | model: | ons optical transport platform | scope: | eq | version: | 154543.3 | Trust: 0.3 |
| vendor: | cisco | model: | ons optical transport platform | scope: | eq | version: | 154543.2.0 | Trust: 0.3 |
| vendor: | cisco | model: | ons optical transport platform | scope: | eq | version: | 154543.1.0 | Trust: 0.3 |
| vendor: | cisco | model: | ons optical transport platform | scope: | eq | version: | 154543.0 | Trust: 0.3 |
| vendor: | cisco | model: | ons | scope: | ne | version: | 156001.1 | Trust: 0.3 |
| vendor: | cisco | model: | ons 15454sdh | scope: | ne | version: | 4.0 | Trust: 0.3 |
| vendor: | cisco | model: | ons optical transport platform | scope: | ne | version: | 154544.0 | Trust: 0.3 |
| vendor: | cisco | model: | ons | scope: | ne | version: | 153274.0 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
THREAT TYPE
network
Trust: 0.3
TYPE
Failure to Handle Exceptional Conditions
Trust: 0.3
PATCH
| title: | Cisco Optical Transport Platform illegal telnet request for remote denial of service vulnerability patch | url: | https://www.cnvd.org.cn/patchinfo/show/42213 | Trust: 0.6 |
EXTERNAL IDS
| db: | BID | id: | 7481 | Trust: 0.9 |
| db: | CNVD | id: | CNVD-2003-1215 | Trust: 0.6 |
REFERENCES
| url: | http://www.cisco.com/warp/public/707/cisco-sa-20030501-ons.shtml | Trust: 0.6 |
| url: | /archive/1/320182 | Trust: 0.3 |
CREDITS
This issue was announced by the vendor.
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2003-1215 |
| db: | BID | id: | 7481 |
LAST UPDATE DATE
2022-05-17T02:05:38.270000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2003-1215 | date: | 2014-01-20T00:00:00 |
| db: | BID | id: | 7481 | date: | 2003-05-01T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2003-1215 | date: | 2003-05-01T00:00:00 |
| db: | BID | id: | 7481 | date: | 2003-05-01T00:00:00 |