| VID |
29103 |
| Severity |
30 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco ONS platform has multiple vulnerabilities (Security Advisory 20040721). Most of the reported issues are related to handling of malformed packets, resulting in a denial of service condition. However, an authentication bypass vulnerability has also been reported to affect some platforms.
* Note: This check solely relied on the version number of the remote system to assess this vulnerability, so this might be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://www.kb.cert.org/vuls/id/969344
http://www.kb.cert.org/vuls/id/918920
http://www.kb.cert.org/vuls/id/800384
http://www.kb.cert.org/vuls/id/277048
http://www.kb.cert.org/vuls/id/486224
http://www.kb.cert.org/vuls/id/548968
http://www.kb.cert.org/vuls/id/760432
http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml
* Platforms Affected:
Cisco Systems, Inc., Cisco ONS15327 3.x(x) and earlier
Cisco Systems, Inc., Cisco ONS15327 4.0(0) to 4.0(2)
Cisco Systems, Inc., Cisco ONS15327 4.1(0) to 4.1(3)
Cisco Systems, Inc., Cisco ONS15327 4.6(0)
Cisco Systems, Inc., Cisco ONS15327 4.6(1)
Cisco Systems, Inc., Cisco ONS15454/15454 SDH 3.x(x)
Cisco Systems, Inc., Cisco ONS15454/15454 SDH 4.0(0) to 4.0(2)
Cisco Systems, Inc., Cisco ONS15454/15454 SDH 4.1(0) to 4.1(3)
Cisco Systems, Inc., Cisco ONS15454/15454 SDH 4.5(x)
Cisco Systems, Inc., Cisco ONS15454/15454 SDH 4.6(0)
Cisco Systems, Inc., Cisco ONS15454/15454 SDH 4.6(1)
Cisco Systems, Inc., Cisco ONS15454/15454 SDH prior to 2.3(5)
Cisco Systems, Inc., Cisco ONS15600 1.x(x) |
| Recommendation |
Upgrade to the fixed Cisco ONS version, as listed in "Software Versions and Fixes" of Cisco Security Advisory (Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Malformed Packet Vulnerabilities) at http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml .
Upgrades should be obtained through the Software Center on Cisco's worldwide web site at http://www.cisco.com/tacpage/sw-center/sw-optical.shtml .
For details, see http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml . |
| Related URL |
(CVE) |
| Related URL |
10768 (SecurityFocus) |
| Related URL |
16760,16761,16762,16763,16764,16765,16766 (ISS) |
|
