National Cyber-Alert System

Vulnerability Summary for CVE-2006-1670

Overview

Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910.

Impact

CVSS Severity (version 2.0 upgrade from v1.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: BID

Name: 17384

Type: Patch Information

Hyperlink:http://www.securityfocus.com/bid/17384

External Source: CISCO

Name: 20060405 Cisco Optical Networking System 15000 Series and Cisco Transport Controller Vulnerabilities

Type: Advisory; Patch Information

Hyperlink:http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml

External Source: XF

Name: cisco-ons-iplan-ack-dos(25643)

Hyperlink:http://xforce.iss.net/xforce/xfdb/25643

External Source: OSVDB

Name: 24434

Hyperlink:http://www.osvdb.org/24434

External Source: VUPEN

Name: ADV-2006-1256

Hyperlink:http://www.frsirt.com/english/advisories/2006/1256

External Source: SECTRACK

Name: 1015872

Hyperlink:http://securitytracker.com/id?1015872

External Source: SECUNIA

Name: 19553

Hyperlink:http://secunia.com/advisories/19553