Details of VAR-200412-0197

ID

VAR-200412-0197

CVE

CVE-2004-1435

TITLE

Multiple Cisco ONS control cards fail to properly handle malformed TCP packets

Trust: 0.8

sources: CERT/CC: VU#800384

DESCRIPTION

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK). A vulnerability exists in multiple control cards used by Cisco ONS devices. This vulnerability could allow a remote attacker to cause a denial-of-service condition. Most of the reported issues are related to handling of malformed packets, resulting in a denial of service condition. However, an authentication bypass vulnerability has also been reported to affect some platforms. Attackers can send malformed IP, ICMP, TCP and UDP packets to cause XTC, TCC/TCC+/TCC2 and TCCi/TCC2 control cards to reboot. Repeated issuance of these malformed packets can cause the control card to stop responding to normal services. The CSCee27329 (passwd) vulnerability is that if the account is set with an empty password, then the device can be successfully authenticated by using a password exceeding 10 characters to log in to the device. This vulnerability only affects the TL1 login interface. The CTC login interface is not affected by this vulnerability

Trust: 6.3

sources: NVD: CVE-2004-1435 // CERT/CC: VU#800384 // CERT/CC: VU#969344 // CERT/CC: VU#918920 // CERT/CC: VU#277048 // CERT/CC: VU#486224 // CERT/CC: VU#548968 // CERT/CC: VU#760432 // BID: 10768 // VULHUB: VHN-9865

AFFECTED PRODUCTS

vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 5.6
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.0\(0\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.0\(1\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	1.1\(0\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.5	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	1.1\(1\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.0.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.1\(1\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.1\(3\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.3.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.6\(0\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	1.1	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.1\(2\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.2.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.2	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	2.3\(5\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.0\(2\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	1.3\(0\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.6\(1\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	1.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.1\(0\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.1.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.4.0	Trust: 1.0
vendor:	cisco	model:	ons 15454 optical transport platform	scope:	eq	version:	4.5	Trust: 0.6
vendor:	cisco	model:	ons 15454 optical transport platform	scope:	eq	version:	4.1\(3\)	Trust: 0.6
vendor:	cisco	model:	ons 15454 optical transport platform	scope:	eq	version:	4.1\(1\)	Trust: 0.6
vendor:	cisco	model:	ons 15454 optical transport platform	scope:	eq	version:	4.1\(0\)	Trust: 0.6
vendor:	cisco	model:	ons 15454 optical transport platform	scope:	eq	version:	4.1\(2\)	Trust: 0.6
vendor:	cisco	model:	ons 15454 optical transport platform	scope:	eq	version:	4.0\(2\)	Trust: 0.6
vendor:	cisco	model:	ons 15454 optical transport platform	scope:	eq	version:	4.6\(0\)	Trust: 0.6
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	2.3\(5\)	Trust: 0.6
vendor:	cisco	model:	ons 15454 optical transport platform	scope:	eq	version:	4.6\(1\)	Trust: 0.6
vendor:	cisco	model:	ons 15454 optical transport platform	scope:	eq	version:	4.0\(1\)	Trust: 0.6
vendor:	cisco	model:	ons	scope:	eq	version:	156001.3(0)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	156001.1(1)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	156001.1(0)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	156001.1	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	156001.0	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.6(1)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.6(0)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.5	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.1(3)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.1(2)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.1(1)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.1(0)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.0(2)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.0(1)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.0(0)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	3.4	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	3.3	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	2.3(5)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.6(1)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.6(0)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.5	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(3)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(2)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(1)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(0)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.0(2)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.0(1)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.4	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.3	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.2.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.1.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154542.3(5)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.6(1)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.6(0)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(3)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(2)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(1)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(0)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.0(2)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.0(1)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.0	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.4	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.3	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.2	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.1	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.0	Trust: 0.3

sources: CERT/CC: VU#800384 // CERT/CC: VU#969344 // CERT/CC: VU#918920 // CERT/CC: VU#277048 // CERT/CC: VU#486224 // CERT/CC: VU#548968 // CERT/CC: VU#760432 // BID: 10768 // CNNVD: CNNVD-200412-386 // NVD: CVE-2004-1435

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1435
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#800384
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#969344
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#918920
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#277048
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#486224
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#548968
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#760432
value:	7.09
Trust: 0.8
CNNVD:	CNNVD-200412-386
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-9865
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-1435
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9865
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#800384 // CERT/CC: VU#969344 // CERT/CC: VU#918920 // CERT/CC: VU#277048 // CERT/CC: VU#486224 // CERT/CC: VU#548968 // CERT/CC: VU#760432 // VULHUB: VHN-9865 // CNNVD: CNNVD-200412-386 // NVD: CVE-2004-1435

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1435

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-386

TYPE

Unknown

Trust: 0.9

sources: BID: 10768 // CNNVD: CNNVD-200412-386

EXTERNAL IDS

db:	SECUNIA	id:	12117	Trust: 7.3
db:	SECTRACK	id:	1010749	Trust: 4.8
db:	CERT/CC	id:	VU#277048	Trust: 2.5
db:	BID	id:	10768	Trust: 2.0
db:	NVD	id:	CVE-2004-1435	Trust: 1.7
db:	CERT/CC	id:	VU#800384	Trust: 0.8
db:	CERT/CC	id:	VU#969344	Trust: 0.8
db:	CERT/CC	id:	VU#918920	Trust: 0.8
db:	CERT/CC	id:	VU#486224	Trust: 0.8
db:	CERT/CC	id:	VU#548968	Trust: 0.8
db:	SECTRACK	id:	1010748	Trust: 0.8
db:	CERT/CC	id:	VU#760432	Trust: 0.8
db:	XF	id:	16763	Trust: 0.6
db:	NSFOCUS	id:	6737	Trust: 0.6
db:	CISCO	id:	20040721 CISCO ONS 15327, ONS 15454, ONS 15454 SDH, AND ONS 15600 MALFORMED PACKET VULNERABILITIES	Trust: 0.6
db:	CNNVD	id:	CNNVD-200412-386	Trust: 0.6
db:	VULHUB	id:	VHN-9865	Trust: 0.1

sources: CERT/CC: VU#800384 // CERT/CC: VU#969344 // CERT/CC: VU#918920 // CERT/CC: VU#277048 // CERT/CC: VU#486224 // CERT/CC: VU#548968 // CERT/CC: VU#760432 // VULHUB: VHN-9865 // BID: 10768 // CNNVD: CNNVD-200412-386 // NVD: CVE-2004-1435

REFERENCES

url:	http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml	Trust: 7.6
url:	http://www.cisco.com/en/us/products/hw/optical/	Trust: 5.6
url:	http://secunia.com/advisories/12117/	Trust: 5.6
url:	http://www.securitytracker.com/alerts/2004/jul/1010749.html	Trust: 4.8
url:	http://www.securityfocus.com/bid/10768	Trust: 1.7
url:	http://www.kb.cert.org/vuls/id/277048	Trust: 1.7
url:	http://secunia.com/advisories/12117	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/16763	Trust: 1.1
url:	http://www.tl1.com/library/tl1/tl1_protocol/	Trust: 0.8
url:	http://www.cisco.com/en/us/products/hw/optical/ps2006/products_installation_and_configuration_guide_chapter09186a00800917bc.html	Trust: 0.8
url:	http://www.securitytracker.com/alerts/2004/jul/1010748.html	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/16763	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/6737	Trust: 0.6

sources: CERT/CC: VU#800384 // CERT/CC: VU#969344 // CERT/CC: VU#918920 // CERT/CC: VU#277048 // CERT/CC: VU#486224 // CERT/CC: VU#548968 // CERT/CC: VU#760432 // VULHUB: VHN-9865 // BID: 10768 // CNNVD: CNNVD-200412-386 // NVD: CVE-2004-1435

CREDITS

Cisco PSIRT※ psirt@cisco.com

Trust: 0.6

sources: CNNVD: CNNVD-200412-386

SOURCES

db:	CERT/CC	id:	VU#800384
db:	CERT/CC	id:	VU#969344
db:	CERT/CC	id:	VU#918920
db:	CERT/CC	id:	VU#277048
db:	CERT/CC	id:	VU#486224
db:	CERT/CC	id:	VU#548968
db:	CERT/CC	id:	VU#760432
db:	VULHUB	id:	VHN-9865
db:	BID	id:	10768
db:	CNNVD	id:	CNNVD-200412-386
db:	NVD	id:	CVE-2004-1435

LAST UPDATE DATE

2024-08-14T12:31:46.790000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#800384	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#969344	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#918920	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#277048	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#486224	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#548968	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#760432	date:	2004-08-05T00:00:00
db:	VULHUB	id:	VHN-9865	date:	2018-10-30T00:00:00
db:	BID	id:	10768	date:	2004-07-21T00:00:00
db:	CNNVD	id:	CNNVD-200412-386	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-1435	date:	2018-10-30T16:26:17.480

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#800384	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#969344	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#918920	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#277048	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#486224	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#548968	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#760432	date:	2004-07-27T00:00:00
db:	VULHUB	id:	VHN-9865	date:	2004-12-31T00:00:00
db:	BID	id:	10768	date:	2004-07-21T00:00:00
db:	CNNVD	id:	CNNVD-200412-386	date:	2004-07-21T00:00:00
db:	NVD	id:	CVE-2004-1435	date:	2004-12-31T05:00:00