Details of VAR-200507-0149

ID

VAR-200507-0149

CVE

CVE-2005-2279

TITLE

Cisco ONS 15216 OADM telnet Denial of service vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200507-204

DESCRIPTION

Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware 2.2.2 and earlier allows remote attackers to cause a denial of service (management plane session loss) via crafted telnet data. The Cisco ONS 15216 OADM has separate data planes, one that exists solely for device management, and the other that exists for data transport purposes. When the vulnerability is triggered, the Telnet service will no longer respond to subsequent legitimate requests. However, the data plane (Network traffic that is being switched and transmitted by the device.) is not affected by this attack. This vulnerability exists in the Cisco ONS 15216 OADM device that is running software release 2.2.2 and earlier software releases. Cisco ONS is an optical network platform developed by CISCO

Trust: 1.26

sources: NVD: CVE-2005-2279 // BID: 14246 // VULHUB: VHN-13488

AFFECTED PRODUCTS

vendor:	cisco	model:	ons 15216 optical add drop multiplexer software	scope:	lte	version:	2.2.2	Trust: 1.0
vendor:	cisco	model:	ons 15216 optical add drop multiplexer	scope:	eq	version:	2.2.2	Trust: 0.6
vendor:	cisco	model:	ons 15216 optical add drop multiplexer software	scope:	eq	version:	2.2.2	Trust: 0.6
vendor:	cisco	model:	ons oadm	scope:	eq	version:	152162.2.2	Trust: 0.3
vendor:	cisco	model:	ons oadm	scope:	eq	version:	152162.0	Trust: 0.3
vendor:	cisco	model:	ons oadm	scope:	ne	version:	152162.2.3	Trust: 0.3

sources: BID: 14246 // CNNVD: CNNVD-200507-204 // NVD: CVE-2005-2279

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-2279
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200507-204
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-13488
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-2279
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-13488
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-13488 // CNNVD: CNNVD-200507-204 // NVD: CVE-2005-2279

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2279

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200507-204

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200507-204

EXTERNAL IDS

db:	BID	id:	14246	Trust: 2.0
db:	SECTRACK	id:	1014475	Trust: 1.7
db:	SECUNIA	id:	16073	Trust: 1.7
db:	OSVDB	id:	17863	Trust: 1.7
db:	NVD	id:	CVE-2005-2279	Trust: 1.7
db:	CNNVD	id:	CNNVD-200507-204	Trust: 0.7
db:	CISCO	id:	20050713 CISCO ONS 15216 OADM TELNET DENIAL-OF-SERVICE VULNERABILITY	Trust: 0.6
db:	VULHUB	id:	VHN-13488	Trust: 0.1

sources: VULHUB: VHN-13488 // BID: 14246 // CNNVD: CNNVD-200507-204 // NVD: CVE-2005-2279

REFERENCES

url:	http://www.cisco.com/warp/public/707/cisco-sa-20050713-ons.shtml	Trust: 2.0
url:	http://www.securityfocus.com/bid/14246	Trust: 1.7
url:	http://www.osvdb.org/17863	Trust: 1.7
url:	http://securitytracker.com/id?1014475	Trust: 1.7
url:	http://secunia.com/advisories/16073	Trust: 1.7

sources: VULHUB: VHN-13488 // BID: 14246 // CNNVD: CNNVD-200507-204 // NVD: CVE-2005-2279

CREDITS

Cisco

Trust: 0.6

sources: CNNVD: CNNVD-200507-204

SOURCES

db:	VULHUB	id:	VHN-13488
db:	BID	id:	14246
db:	CNNVD	id:	CNNVD-200507-204
db:	NVD	id:	CVE-2005-2279

LAST UPDATE DATE

2024-08-14T15:45:41.810000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-13488	date:	2018-10-30T00:00:00
db:	BID	id:	14246	date:	2005-07-13T00:00:00
db:	CNNVD	id:	CNNVD-200507-204	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-2279	date:	2018-10-30T16:26:16.920

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-13488	date:	2005-07-18T00:00:00
db:	BID	id:	14246	date:	2005-07-13T00:00:00
db:	CNNVD	id:	CNNVD-200507-204	date:	2005-07-18T00:00:00
db:	NVD	id:	CVE-2005-2279	date:	2005-07-18T04:00:00