Details of VAR-200412-0198

ID

VAR-200412-0198

CVE

CVE-2004-1436

TITLE

Multiple Cisco ONS control cards fail to properly handle malformed TCP packets

Trust: 0.8

sources: CERT/CC: VU#800384

DESCRIPTION

The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters. A vulnerability exists in multiple control cards used by Cisco ONS devices. This vulnerability could allow a remote attacker to cause a denial-of-service condition. Most of the reported issues are related to handling of malformed packets, resulting in a denial of service condition. However, an authentication bypass vulnerability has also been reported to affect some platforms. Attackers can send malformed IP, ICMP, TCP and UDP packets to cause XTC, TCC/TCC+/TCC2 and TCCi/TCC2 control cards to reboot. Repeated issuance of these malformed packets can cause the control card to stop responding to normal services. The CSCee27329 (passwd) vulnerability is that if the account is set with an empty password, then the device can be successfully authenticated by using a password exceeding 10 characters to log in to the device. This vulnerability only affects the TL1 login interface. The CTC login interface is not affected by this vulnerability

Trust: 6.3

sources: NVD: CVE-2004-1436 // CERT/CC: VU#800384 // CERT/CC: VU#969344 // CERT/CC: VU#918920 // CERT/CC: VU#277048 // CERT/CC: VU#486224 // CERT/CC: VU#548968 // CERT/CC: VU#760432 // BID: 10768 // VULHUB: VHN-9866

AFFECTED PRODUCTS

vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 5.6
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.0\(0\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.0\(1\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	1.1\(0\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.5	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	1.1\(1\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.0.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.1\(1\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.1\(3\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.3.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.6\(0\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	1.1	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.1\(2\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.2.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.2	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	2.3\(5\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.0\(2\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	1.3\(0\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.6\(1\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	1.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	4.1\(0\)	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.1.0	Trust: 1.0
vendor:	cisco	model:	optical networking systems software	scope:	eq	version:	3.4.0	Trust: 1.0
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.5	Trust: 0.9
vendor:	cisco	model:	ons 15600	scope:	eq	version:	1.3\(0\)	Trust: 0.6
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.1\(3\)	Trust: 0.6
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.6\(0\)	Trust: 0.6
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.1\(2\)	Trust: 0.6
vendor:	cisco	model:	ons 15600	scope:	eq	version:	1.0	Trust: 0.6
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.6\(1\)	Trust: 0.6
vendor:	cisco	model:	ons 15600	scope:	eq	version:	1.1\(0\)	Trust: 0.6
vendor:	cisco	model:	ons 15600	scope:	eq	version:	1.1	Trust: 0.6
vendor:	cisco	model:	ons 15600	scope:	eq	version:	1.1\(1\)	Trust: 0.6
vendor:	cisco	model:	ons	scope:	eq	version:	156001.3(0)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	156001.1(1)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	156001.1(0)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	156001.1	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	156001.0	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.6(1)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.6(0)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.1(3)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.1(2)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.1(1)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.1(0)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.0(2)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.0(1)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	4.0(0)	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	3.4	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	3.3	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	ons 15454sdh	scope:	eq	version:	2.3(5)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.6(1)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.6(0)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.5	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(3)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(2)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(1)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(0)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.0(2)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.0(1)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.4	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.3	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.2.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.1.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154542.3(5)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.6(1)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.6(0)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(3)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(2)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(1)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(0)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.0(2)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.0(1)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.0	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.4	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.3	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.2	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.1	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.0	Trust: 0.3

sources: CERT/CC: VU#800384 // CERT/CC: VU#969344 // CERT/CC: VU#918920 // CERT/CC: VU#277048 // CERT/CC: VU#486224 // CERT/CC: VU#548968 // CERT/CC: VU#760432 // BID: 10768 // CNNVD: CNNVD-200412-584 // NVD: CVE-2004-1436

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1436
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#800384
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#969344
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#918920
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#277048
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#486224
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#548968
value:	8.03
Trust: 0.8
CARNEGIE MELLON:	VU#760432
value:	7.09
Trust: 0.8
CNNVD:	CNNVD-200412-584
value:	HIGH
Trust: 0.6
VULHUB:	VHN-9866
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2004-1436
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9866
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#800384 // CERT/CC: VU#969344 // CERT/CC: VU#918920 // CERT/CC: VU#277048 // CERT/CC: VU#486224 // CERT/CC: VU#548968 // CERT/CC: VU#760432 // VULHUB: VHN-9866 // CNNVD: CNNVD-200412-584 // NVD: CVE-2004-1436

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1436

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-584

TYPE

Unknown

Trust: 0.9

sources: BID: 10768 // CNNVD: CNNVD-200412-584

EXTERNAL IDS

db:	SECUNIA	id:	12117	Trust: 7.3
db:	SECTRACK	id:	1010749	Trust: 4.8
db:	CERT/CC	id:	VU#760432	Trust: 2.5
db:	BID	id:	10768	Trust: 2.0
db:	NVD	id:	CVE-2004-1436	Trust: 1.7
db:	CERT/CC	id:	VU#800384	Trust: 0.8
db:	CERT/CC	id:	VU#969344	Trust: 0.8
db:	CERT/CC	id:	VU#918920	Trust: 0.8
db:	CERT/CC	id:	VU#277048	Trust: 0.8
db:	CERT/CC	id:	VU#486224	Trust: 0.8
db:	CERT/CC	id:	VU#548968	Trust: 0.8
db:	SECTRACK	id:	1010748	Trust: 0.8
db:	CNNVD	id:	CNNVD-200412-584	Trust: 0.7
db:	XF	id:	1	Trust: 0.6
db:	XF	id:	16766	Trust: 0.6
db:	NSFOCUS	id:	6737	Trust: 0.6
db:	CISCO	id:	20040721 CISCO ONS 15327, ONS 15454, ONS 15454 SDH, AND ONS 15600 MALFORMED PACKET VULNERABILITIES	Trust: 0.6
db:	VULHUB	id:	VHN-9866	Trust: 0.1

sources: CERT/CC: VU#800384 // CERT/CC: VU#969344 // CERT/CC: VU#918920 // CERT/CC: VU#277048 // CERT/CC: VU#486224 // CERT/CC: VU#548968 // CERT/CC: VU#760432 // VULHUB: VHN-9866 // BID: 10768 // CNNVD: CNNVD-200412-584 // NVD: CVE-2004-1436

REFERENCES

url:	http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml	Trust: 7.6
url:	http://www.cisco.com/en/us/products/hw/optical/	Trust: 5.6
url:	http://secunia.com/advisories/12117/	Trust: 5.6
url:	http://www.securitytracker.com/alerts/2004/jul/1010749.html	Trust: 4.8
url:	http://www.securityfocus.com/bid/10768	Trust: 1.7
url:	http://www.kb.cert.org/vuls/id/760432	Trust: 1.7
url:	http://secunia.com/advisories/12117	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/16766	Trust: 1.1
url:	http://www.tl1.com/library/tl1/tl1_protocol/	Trust: 0.8
url:	http://www.cisco.com/en/us/products/hw/optical/ps2006/products_installation_and_configuration_guide_chapter09186a00800917bc.html	Trust: 0.8
url:	http://www.securitytracker.com/alerts/2004/jul/1010748.html	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/16766	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/6737	Trust: 0.6

sources: CERT/CC: VU#800384 // CERT/CC: VU#969344 // CERT/CC: VU#918920 // CERT/CC: VU#277048 // CERT/CC: VU#486224 // CERT/CC: VU#548968 // CERT/CC: VU#760432 // VULHUB: VHN-9866 // BID: 10768 // CNNVD: CNNVD-200412-584 // NVD: CVE-2004-1436

CREDITS

Cisco PSIRT※ psirt@cisco.com

Trust: 0.6

sources: CNNVD: CNNVD-200412-584

SOURCES

db:	CERT/CC	id:	VU#800384
db:	CERT/CC	id:	VU#969344
db:	CERT/CC	id:	VU#918920
db:	CERT/CC	id:	VU#277048
db:	CERT/CC	id:	VU#486224
db:	CERT/CC	id:	VU#548968
db:	CERT/CC	id:	VU#760432
db:	VULHUB	id:	VHN-9866
db:	BID	id:	10768
db:	CNNVD	id:	CNNVD-200412-584
db:	NVD	id:	CVE-2004-1436

LAST UPDATE DATE

2024-08-14T13:15:07.086000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#800384	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#969344	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#918920	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#277048	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#486224	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#548968	date:	2004-08-05T00:00:00
db:	CERT/CC	id:	VU#760432	date:	2004-08-05T00:00:00
db:	VULHUB	id:	VHN-9866	date:	2018-10-30T00:00:00
db:	BID	id:	10768	date:	2004-07-21T00:00:00
db:	CNNVD	id:	CNNVD-200412-584	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-1436	date:	2018-10-30T16:26:17.480

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#800384	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#969344	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#918920	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#277048	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#486224	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#548968	date:	2004-07-27T00:00:00
db:	CERT/CC	id:	VU#760432	date:	2004-07-27T00:00:00
db:	VULHUB	id:	VHN-9866	date:	2004-12-31T00:00:00
db:	BID	id:	10768	date:	2004-07-21T00:00:00
db:	CNNVD	id:	CNNVD-200412-584	date:	2004-07-21T00:00:00
db:	NVD	id:	CVE-2004-1436	date:	2004-12-31T05:00:00