7 matches found
CVE-2014-2140
Cisco ONS 15454 Controller Cards (software 9.6 and earlier) are affected by CVE-2014-2140. A remote attacker can trigger a FIN attack that exhausts file descriptors, preventing opening a CAL pipe and causing a card reset (DoS) per Bug CSCug97348. Cisco advisory Cisco-SA-20140408-CVE-2014-2140 not...
CVE-2014-2139
Cisco CVE-2014-2139 affects Cisco ONS 15454 Controller Cards running software 9.6 and earlier. The flaw allows an unauthenticated, remote attacker to trigger a FIN attack that exhausts file descriptors, preventing access to flash memory and causing a denial of service. The root cause is exhaustio...
CVE-2014-2141
CVE-2014-2141 affects Cisco ONS 15454 Controller Cards (software 9.6 and earlier). The root cause is an uninitialized pointer in the session-termination function, which allows an authenticated, remote attacker to cause a denial of service (card reset) via crafted session-close actions. Cisco’s ad...
CVE-2014-2142
CVE-2014-2142 affects Cisco ONS 15454 Controller Cards; the vulnerability stems from incorrect parsing of the HTTP URI in the web interface, allowing an unauthenticated remote attacker to trigger a card reload and cause a DoS. Affected software: Cisco ONS 15454 controller cards with software vers...
CVE-2013-6701
Cisco ONS 15454 devices running software 9.6 or earlier are affected by CVE-2013-6701 due to a flaw in the tNetTaskLimit process within the Transport Node Controller (TNC) that fails to properly prioritize health pings. A flood of network traffic can cause a watchdog timeout and TNC reset, enabli...
CVE-2013-6702
The CVE affects Cisco ONS 15454 controller cards running software 9.8 and earlier. The vulnerable component is the management implementation, which can be triggered by crafted packets to cause a denial of service (card reset). Exploitation details are not provided in the connected documents. No r...
CVE-2013-6703
The Cisco ONS 15454 Controller Cards TLS/SSLv3 module is affected by CVE-2013-6703 due to improper validation of TLS/SSLv3 packets. An unauthenticated remote attacker could cause a denial of service by sending crafted packets, potentially triggering a card reset (Bug ID CSCuh34787). Exploitation ...