Lucene search

[email protected]CVE-2006-1671

HistoryApr 07, 2006 - 10:04 a.m.

CVE-2006-1671

2006-04-0710:04:00

[email protected]

web.nvd.nist.gov

cve-2006-1671

cisco

optical networking system

ons 15000

denial of service

remote attackers

security

vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.068 Low

EPSS

Percentile

93.9%

JSON

Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a “crafted” IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a “crafted” IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a “malformed” OSPF packet, aka bug ID CSCsc54558.

Affected configurations

NVD

Node

ciscotransport_controllerMatch4.0.x

Node

ciscooptical_networking_systems_softwareMatch1.0

ciscooptical_networking_systems_softwareMatch1.1

ciscooptical_networking_systems_softwareMatch1.1\(0\)

ciscooptical_networking_systems_softwareMatch1.1\(1\)

ciscooptical_networking_systems_softwareMatch1.3\(0\)

ciscooptical_networking_systems_softwareMatch3.0

ciscooptical_networking_systems_softwareMatch3.1.0

ciscooptical_networking_systems_softwareMatch3.2

ciscooptical_networking_systems_softwareMatch3.3.0

ciscooptical_networking_systems_softwareMatch3.4.0

ciscooptical_networking_systems_softwareMatch4.0\(1\)

ciscooptical_networking_systems_softwareMatch4.0\(2\)

ciscooptical_networking_systems_softwareMatch4.0.0

ciscooptical_networking_systems_softwareMatch4.1\(0\)

ciscooptical_networking_systems_softwareMatch4.1\(1\)

ciscooptical_networking_systems_softwareMatch4.1\(2\)

ciscooptical_networking_systems_softwareMatch4.1\(3\)

ciscooptical_networking_systems_softwareMatch4.1.4

ciscooptical_networking_systems_softwareMatch4.6\(0\)

ciscooptical_networking_systems_softwareMatch4.6\(1\)

ciscoons_15310-cl_seriesMatch0

ciscoons_15600Match0

ciscoons_15454_mspp

CPENameOperatorVersion
cisco:transport_controllercisco transport controllereq4.0.x

CPE	Name	Operator	Version
cisco:transport_controller	cisco transport controller	eq	4.0.x

References

secunia.com/advisories/19553

securitytracker.com/id?1015872

www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml

www.osvdb.org/24435

www.osvdb.org/24436

www.osvdb.org/24437

www.securityfocus.com/bid/17384

www.vupen.com/english/advisories/2006/1256

exchange.xforce.ibmcloud.com/vulnerabilities/25644

exchange.xforce.ibmcloud.com/vulnerabilities/25645

exchange.xforce.ibmcloud.com/vulnerabilities/25646

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.068 Low

EPSS

Percentile

93.9%

JSON

Related for CVE-2006-1671

cvelist1 prion1 nvd1 cisco1