Cisco ONS Non-Zero IP Reset DoS

2004-04-08T23:14:09
ID OSVDB:5045
Type osvdb
Reporter OSVDB
Modified 2004-04-08T23:14:09

Description

Vulnerability Description

Cisco ONS contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted packet that contains a non-zero type of service (TOS), and will result in loss of availability for the ONS hardware.

Solution Description

Upgrade to version 3.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Cisco ONS contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted packet that contains a non-zero type of service (TOS), and will result in loss of availability for the ONS hardware.

References:

Vendor Specific Advisory URL ISS X-Force ID: 9377 CVE-2002-0952 Bugtraq ID: 5058