Multiple Cisco ONS control cards fail to properly handle malformed TCP packets

2004-07-27T00:00:00
ID VU:800384
Type cert
Reporter CERT
Modified 2004-08-05T00:00:00

Description

Overview

A vulnerability exists in multiple control cards used by Cisco ONS devices. This vulnerability could allow a remote attacker to cause a denial-of-service condition.

Description

Cisco's Optical Networking product line consists of a series of devices designed to offer high-bandwidth data services. These optical devices are managed through a series of control cards, which vary depending on the model of the device. There is a vulnerability in the way the XTC, TCC/TCC+/TCC2, TCCi/TCC2, and TSC control cards handle malformed TCP packets. By sending specially crafted TCP packets to a vulnerable optical device, a remote attacker could cause the control cards to reset.

Vulnerable

Cisco ONS 15327 Edge Optical Transport Platform releases:

* 4.6(0) and 4.6(1) 
* 4.1(0) to 4.1(3) 
* 4.0(0) to 4.0(2) 
* 3.x(x) and earlier

Cisco ONS 15454 Optical Transport Platform releases:

* 4.6(0) and 4.6(1) 
* 4.5(x) 
* 4.1(0) to 4.1(3) 
* 4.0(0) to 4.0(2) 
* 3.x(x) 
* earlier than 2.3(5)

Cisco ONS 15454 SDH Multiplexer Platform releases:

* 4.6(0) and 4.6(1) 
* 4.5(x) 
* 4.1(0) to 4.1(3) 
* 4.0(0) to 4.0(2) 
* 3.x(x) 
* earlier than 2.3(5)

Cisco ONS 15600 Multiservice Switching Platform

* 1.x(x)
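
An added example (not part of the CERT note and not Cisco tooling): a Python check that matches device release strings against the affected ranges listed above, for auditing an inventory. The platform keys, hostnames and inventory entries are constructed for illustration, and releases are assumed to be written as `major.minor(maintenance)`.

```python
import re

ANY = 10**6  # upper bound standing in for the advisory's "x" wildcard
# Inclusive (low, high) ranges of (major, minor, maintenance), transcribed
# from the "Vulnerable" list. Platform keys are this example's own labels.
_4X = [((4, 6, 0), (4, 6, 1)), ((4, 1, 0), (4, 1, 3)), ((4, 0, 0), (4, 0, 2))]
_15454 = _4X + [
    ((4, 5, 0), (4, 5, ANY)),    # 4.5(x)
    ((3, 0, 0), (3, ANY, ANY)),  # 3.x(x)
    ((0, 0, 0), (2, 3, 4)),      # earlier than 2.3(5)
]
AFFECTED = {
    "ONS 15327": _4X + [((0, 0, 0), (3, ANY, ANY))],  # 3.x(x) and earlier
    "ONS 15454": _15454,
    "ONS 15454 SDH": _15454,
    "ONS 15600": [((1, 0, 0), (1, ANY, ANY))],        # 1.x(x)
}

_RELEASE = re.compile(r"^\s*(\d+)\.(\d+)\((\d+)\)\s*$")

def parse_release(text):
    """Parse 'major.minor(maintenance)', e.g. '4.1(3)', into an int tuple."""
    m = _RELEASE.match(text)
    if m is None:
        raise ValueError(f"unrecognised release string: {text!r}")
    return tuple(int(g) for g in m.groups())

def is_affected(platform, release):
    """True if the release falls in a range the advisory lists for the platform."""
    v = parse_release(release)
    return any(lo <= v <= hi for lo, hi in AFFECTED[platform])

def audit(inventory):
    """Map each host to 'affected', 'not listed' or 'unknown' (manual review)."""
    report = {}
    for host, platform, release in inventory:
        try:
            report[host] = "affected" if is_affected(platform, release) else "not listed"
        except (KeyError, ValueError):
            report[host] = "unknown"  # unlisted platform or unparseable release
    return report

# Constructed inventory: hostnames and releases are made up for illustration.
INVENTORY = [
    ("node-a", "ONS 15454", "4.1(3)"),
    ("node-b", "ONS 15454", "4.1(4)"),
    ("node-c", "ONS 15327", "2.3(5)"),
    ("node-d", "ONS 15600", "R1.1"),
]
```

A result of `not listed` means only that the release falls outside the ranges in this note; `unknown` entries need manual review.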

Impact

A remote, unauthenticated attacker could cause control cards to reset on an affected optical device. Repeated exploitation of this vulnerability could result in a denial of service.