Sign-up

ID

VAR-200604-0097


CVE

CVE-2006-1670


TITLE

Cisco Optical Networking System Denial of service in Japan (DoS) Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2006-003943

DESCRIPTION

Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910. Cisco Optical Networking System (ONS) The denial of service (DoS) There is a vulnerability that can be exploited.Denial of service by third party (DoS) May be in a state. The response, which is also known as bug ID CSCei45910. Cisco Optical Networking System and Transport Controller are prone to multiple vulnerabilities. Cisco Optical Networking System 15000 series are affected by multiple denial-of-service vulnerabilities. Cisco Transport Controller is prone to an arbitrary code-execution vulnerability. 1) Multiple services are vulnerable to ACK DoS attacks where an invalid response is sent instead of the final ACK packet during the 3-way handshake. This can be exploited to cause the control cards to exhaust memory resources, not respond to further connections, or reset by establishing multiple of these connections. Successful exploitation requires that IP is configured on the LAN interface (enabled by default). 2) An error within the processing of IP packets can be exploited to reset the control cards by sending a specially crafted IP packet. Successful exploitation requires that IP is configured on the LAN interface (enabled by default) and secure mode for element management system (EMS)-to-network-element access is enabled (disabled by default). 3) Another error within the processing of IP packets can be exploited to reset the control cards by sending a specially crafted IP packet. Successful exploitation requires that IP is configured on the LAN interface (enabled by default). 4) An error within the processing of OSPF (Open Shortest Path First) packets can be exploited to reset the control cards by sending a specially crafted OSPF packet. Successful exploitation requires that the OSPF routing protocol is configured on the LAN interface (disabled by default). Successful exploitation of the above vulnerabilities (#1 through #4) requires that the Optical node has the Common Control Card connected to a DCN (Data Communication Network) and is enabled for IPv4. The above vulnerabilities (#1 through #4) affect the following Cisco ONS 15000 series platforms: * Cisco ONS 15310-CL Series * Cisco ONS 15327 Series * Cisco ONS 15454 MSPP * Cisco ONS 15454 MSTP * Cisco ONS 15600 Series The following Cisco ONS 15000 series platforms are not affected by the vulnerabilities: * Cisco ONS 15100 Series * Cisco ONS 15200 Series * Cisco ONS 15302, ONS 15305, and ONS 15310-MA platforms * Cisco ONS 15500 Series * Cisco ONS 15800 Series 5) A vulnerability exists within the Cisco Transport Controller (CTC) applet launcher, which is downloaded each time a management connection is made to the Optical node. The vulnerability is caused due to the java.policy permissions being to broad by granting all permissions to any software originating from the codeBase or source at http://*/fs/LAUNCHER.jar. This can be exploited to execute arbitrary code on the CTC workstation if it is used to connect to a malicious web site running Java code from the "/fs/LAUNCHER.jar" location. The vulnerability affects versions 4.0.x and prior. SOLUTION: 1-4) Updated versions are available (see patch matrix in vendor advisory). PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.61

sources: NVD: CVE-2006-1670 // JVNDB: JVNDB-2006-003943 // CNVD: CNVD-2006-2113 // BID: 17384 // VULHUB: VHN-17778 // PACKETSTORM: 45206

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2006-2113

AFFECTED PRODUCTS

vendor:ciscomodel:ons 15454 msppscope: - version: -

Trust: 1.4

vendor:ciscomodel:ons 15454 mstpscope: - version: -

Trust: 1.4

vendor:ciscomodel:optical networking systems softwarescope:eqversion:4.0\(1\)

Trust: 1.0

vendor:ciscomodel:ons 15600scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:1.1\(0\)

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:1.1\(1\)

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:4.0.0

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:4.1\(1\)

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:4.1\(3\)

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:3.3.0

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:4.6\(0\)

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:1.1

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:4.1\(2\)

Trust: 1.0

vendor:ciscomodel:ons 15310-cl seriesscope:eqversion:*

Trust: 1.0

vendor:ciscomodel:ons 15454 msppscope:eqversion:*

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:3.2

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:4.1.4

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:4.0\(2\)

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:1.3\(0\)

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:4.6\(1\)

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:1.0

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:4.1\(0\)

Trust: 1.0

vendor:ciscomodel:ons 15454 mstpscope:eqversion:*

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:3.0

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:3.1.0

Trust: 1.0

vendor:ciscomodel:optical networking systems softwarescope:eqversion:3.4.0

Trust: 1.0

vendor:ciscomodel:ons 15310-cl seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:ons 15327scope: - version: -

Trust: 0.8

vendor:ciscomodel:ons 15600scope: - version: -

Trust: 0.8

vendor:transportmodel:controller ciscoscope:eqversion:4.0.x

Trust: 0.6

vendor:onsmodel:15310-cl series ciscoscope:eqversion:0

Trust: 0.6

vendor:onsmodel:ciscoscope:eqversion:156000

Trust: 0.6

vendor:onsmodel:ciscoscope:eqversion:153273.0

Trust: 0.6

vendor:onsmodel:ciscoscope:eqversion:153273.1

Trust: 0.6

vendor:onsmodel:ciscoscope:eqversion:153273.2

Trust: 0.6

vendor:onsmodel:ciscoscope:eqversion:153273.3

Trust: 0.6

vendor:ciscomodel:ons 15327scope:eqversion:4.14

Trust: 0.6

vendor:ciscomodel:ons 15600scope:eqversion:1.3\(0\)

Trust: 0.6

vendor:ciscomodel:ons 15600scope:eqversion:1.0

Trust: 0.6

vendor:ciscomodel:ons 15327scope:eqversion:4.6\(1\)

Trust: 0.6

vendor:ciscomodel:ons 15327scope:eqversion:4.6\(0\)

Trust: 0.6

vendor:ciscomodel:ons 15600scope:eqversion:1.1\(0\)

Trust: 0.6

vendor:ciscomodel:ons 15600scope:eqversion:1.1

Trust: 0.6

vendor:ciscomodel:ons 15600scope:eqversion:1.1\(1\)

Trust: 0.6

vendor:ciscomodel:transport controllerscope:eqversion:4.0.x

Trust: 0.3

vendor:ciscomodel:ons seriesscope:eqversion:156000

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:156001.3(0)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:156001.1(1)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:156001.1(0)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:156001.1

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:156001.0

Trust: 0.3

vendor:ciscomodel:ons mstpscope:eqversion:154540

Trust: 0.3

vendor:ciscomodel:ons msppscope:eqversion:154540

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.14

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.6(1)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.6(0)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(3)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(2)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(1)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(0)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.0(2)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.0(1)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.0

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.4

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.3

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.2

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.1

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.0

Trust: 0.3

vendor:ciscomodel:ons 15310-cl seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:transport controllerscope:neversion:4.1

Trust: 0.3

vendor:ciscomodel:ons seriesscope:neversion:158000

Trust: 0.3

vendor:ciscomodel:ons seriesscope:neversion:155000

Trust: 0.3

vendor:ciscomodel:ons 15310-mascope:neversion:0

Trust: 0.3

vendor:ciscomodel:onsscope:neversion:153050

Trust: 0.3

vendor:ciscomodel:onsscope:neversion:15302

Trust: 0.3

vendor:ciscomodel:ons seriesscope:neversion:152000

Trust: 0.3

vendor:ciscomodel:ons seriesscope:neversion:151000

Trust: 0.3

sources: CNVD: CNVD-2006-2113 // BID: 17384 // JVNDB: JVNDB-2006-003943 // CNNVD: CNNVD-200604-096 // NVD: CVE-2006-1670

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-1670
value: HIGH

Trust: 1.0

NVD: CVE-2006-1670
value: HIGH

Trust: 0.8

CNVD: CNVD-2006-2113
value: HIGH

Trust: 0.6

CNNVD: CNNVD-200604-096
value: HIGH

Trust: 0.6

VULHUB: VHN-17778
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-1670
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2006-2113
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-17778
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2006-2113 // VULHUB: VHN-17778 // JVNDB: JVNDB-2006-003943 // CNNVD: CNNVD-200604-096 // NVD: CVE-2006-1670

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-1670

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200604-096

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200604-096

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2006-003943

PATCH
title:17384url:http://www.securityfocus.com/bid/17384
Trust: 0.8
title:cisco-sa-20060405-ons.shtmlurl:http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2006-003943

EXTERNAL IDS
db:NVDid:CVE-2006-1670
Trust: 3.1
db:BIDid:17384
Trust: 2.6
db:SECUNIAid:19553
Trust: 1.8
db:SECTRACKid:1015872
Trust: 1.7
db:VUPENid:ADV-2006-1256
Trust: 1.7
db:OSVDBid:24434
Trust: 1.7
db:JVNDBid:JVNDB-2006-003943
Trust: 0.8
db:CNNVDid:CNNVD-200604-096
Trust: 0.7
db:CNVDid:CNVD-2006-2113
Trust: 0.6
db:CISCOid:20060405 CISCO OPTICAL NETWORKING SYSTEM 15000 SERIES AND CISCO TRANSPORT CONTROLLER VULNERABILITIES
Trust: 0.6
db:XFid:25643
Trust: 0.6
db:VULHUBid:VHN-17778
Trust: 0.1
db:PACKETSTORMid:45206
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2006-2113 // 
            
            
            
            VULHUB: VHN-17778 // 
            
            
            
            BID: 17384 // 
            
            
            
            JVNDB: JVNDB-2006-003943 // 
            
            
            
            PACKETSTORM: 45206 // 
            
            
            
            CNNVD: CNNVD-200604-096 // 
            
            
            
            NVD: CVE-2006-1670

REFERENCES
url:http://www.securityfocus.com/bid/17384
Trust: 2.3
url:http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml
Trust: 2.1
url:http://www.osvdb.org/24434
Trust: 1.7
url:http://securitytracker.com/id?1015872
Trust: 1.7
url:http://secunia.com/advisories/19553
Trust: 1.7
url:http://www.vupen.com/english/advisories/2006/1256
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/25643
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1670
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-1670
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/25643
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2006/1256
Trust: 0.6
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/advisories/19553/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/product/9196/
Trust: 0.1
url:http://*/fs/launcher.jar.
Trust: 0.1
url:http://secunia.com/product/684/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2006-2113 // 
            
            
            
            VULHUB: VHN-17778 // 
            
            
            
            BID: 17384 // 
            
            
            
            JVNDB: JVNDB-2006-003943 // 
            
            
            
            PACKETSTORM: 45206 // 
            
            
            
            CNNVD: CNNVD-200604-096 // 
            
            
            
            NVD: CVE-2006-1670

CREDITS
Cisco
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200604-096

SOURCES
db:CNVDid:CNVD-2006-2113
db:VULHUBid:VHN-17778
db:BIDid:17384
db:JVNDBid:JVNDB-2006-003943
db:PACKETSTORMid:45206
db:CNNVDid:CNNVD-200604-096
db:NVDid:CVE-2006-1670

LAST UPDATE DATE
2024-08-14T14:00:22.494000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2006-2113date:2006-04-07T00:00:00
db:VULHUBid:VHN-17778date:2018-10-30T00:00:00
db:BIDid:17384date:2006-04-06T17:23:00
db:JVNDBid:JVNDB-2006-003943date:2014-03-11T00:00:00
db:CNNVDid:CNNVD-200604-096date:2006-04-07T00:00:00
db:NVDid:CVE-2006-1670date:2018-10-30T16:26:17.060

SOURCES RELEASE DATE
db:CNVDid:CNVD-2006-2113date:2006-04-07T00:00:00
db:VULHUBid:VHN-17778date:2006-04-07T00:00:00
db:BIDid:17384date:2006-04-05T00:00:00
db:JVNDBid:JVNDB-2006-003943date:2014-03-11T00:00:00
db:PACKETSTORMid:45206date:2006-04-06T18:10:32
db:CNNVDid:CNNVD-200604-096date:2006-04-07T00:00:00
db:NVDid:CVE-2006-1670date:2006-04-07T10:04:00