Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
5 vulnerabilities by ons
VAR-200604-0098
Vulnerability from variot - Updated: 2023-12-18 12:24Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a "crafted" IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a "malformed" OSPF packet, aka bug ID CSCsc54558. Cisco Optical Networking System (ONS) In Denial of service ( Card reset ) There is a vulnerability that can be exploited.Denial of service by third party ( Card reset ) May be in a state. Cisco Optical Networking System and Transport Controller are prone to multiple vulnerabilities. Cisco Optical Networking System 15000 series are affected by multiple denial-of-service vulnerabilities. Cisco Transport Controller is prone to an arbitrary code-execution vulnerability.
1) Multiple services are vulnerable to ACK DoS attacks where an invalid response is sent instead of the final ACK packet during the 3-way handshake. This can be exploited to cause the control cards to exhaust memory resources, not respond to further connections, or reset by establishing multiple of these connections.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default).
2) An error within the processing of IP packets can be exploited to reset the control cards by sending a specially crafted IP packet.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default) and secure mode for element management system (EMS)-to-network-element access is enabled (disabled by default).
3) Another error within the processing of IP packets can be exploited to reset the control cards by sending a specially crafted IP packet.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default).
4) An error within the processing of OSPF (Open Shortest Path First) packets can be exploited to reset the control cards by sending a specially crafted OSPF packet.
Successful exploitation requires that the OSPF routing protocol is configured on the LAN interface (disabled by default).
Successful exploitation of the above vulnerabilities (#1 through #4) requires that the Optical node has the Common Control Card connected to a DCN (Data Communication Network) and is enabled for IPv4.
The above vulnerabilities (#1 through #4) affect the following Cisco ONS 15000 series platforms: * Cisco ONS 15310-CL Series * Cisco ONS 15327 Series * Cisco ONS 15454 MSPP * Cisco ONS 15454 MSTP * Cisco ONS 15600 Series
The following Cisco ONS 15000 series platforms are not affected by the vulnerabilities: * Cisco ONS 15100 Series * Cisco ONS 15200 Series * Cisco ONS 15302, ONS 15305, and ONS 15310-MA platforms * Cisco ONS 15500 Series * Cisco ONS 15800 Series
5) A vulnerability exists within the Cisco Transport Controller (CTC) applet launcher, which is downloaded each time a management connection is made to the Optical node. The vulnerability is caused due to the java.policy permissions being to broad by granting all permissions to any software originating from the codeBase or source at http://*/fs/LAUNCHER.jar.
This can be exploited to execute arbitrary code on the CTC workstation if it is used to connect to a malicious web site running Java code from the "/fs/LAUNCHER.jar" location.
The vulnerability affects versions 4.0.x and prior.
SOLUTION: 1-4) Updated versions are available (see patch matrix in vendor advisory).
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0098",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ons 15454 mspp",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "transport controller",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "4.0.x"
},
{
"model": "ons 15310-cl series",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ons 15454 mspp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.4"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(1\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(3\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4.0"
},
{
"model": "ons 15310-cl series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15327",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15600",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "transport controller",
"scope": "lte",
"trust": 0.8,
"vendor": "cisco",
"version": "4.0.x"
},
{
"model": "controller cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "transport",
"version": "4.0.x"
},
{
"model": "15310-cl series cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "0"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "156000"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.0"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.1"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.2"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.3"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.14"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.3\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156000"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.3(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.0"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.14"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(3)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.4"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.3"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.2"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.0"
},
{
"model": "transport controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "158000"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "155000"
},
{
"model": "ons 15310-ma",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "153050"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15302"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "152000"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "151000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:transport_controller:4.0.x:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ons_15310-cl_series:0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ons_15600:0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ons_15454_mspp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.3\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1671"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
],
"trust": 0.6
},
"cve": "CVE-2006-1671",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-1671",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-2107",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-17779",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1671",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2006-2107",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-102",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-17779",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "VULHUB",
"id": "VHN-17779"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a \"crafted\" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a \"crafted\" IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a \"malformed\" OSPF packet, aka bug ID CSCsc54558. Cisco Optical Networking System (ONS) In Denial of service ( Card reset ) There is a vulnerability that can be exploited.Denial of service by third party ( Card reset ) May be in a state. Cisco Optical Networking System and Transport Controller are prone to multiple vulnerabilities. \nCisco Optical Networking System 15000 series are affected by multiple denial-of-service vulnerabilities. \nCisco Transport Controller is prone to an arbitrary code-execution vulnerability. \n\n1) Multiple services are vulnerable to ACK DoS attacks where an\ninvalid response is sent instead of the final ACK packet during the\n3-way handshake. This can be exploited to cause the control cards to\nexhaust memory resources, not respond to further connections, or\nreset by establishing multiple of these connections. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default). \n\n2) An error within the processing of IP packets can be exploited to\nreset the control cards by sending a specially crafted IP packet. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default) and secure mode for element management\nsystem (EMS)-to-network-element access is enabled (disabled by\ndefault). \n\n3) Another error within the processing of IP packets can be exploited\nto reset the control cards by sending a specially crafted IP packet. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default). \n\n4) An error within the processing of OSPF (Open Shortest Path First)\npackets can be exploited to reset the control cards by sending a\nspecially crafted OSPF packet. \n\nSuccessful exploitation requires that the OSPF routing protocol is\nconfigured on the LAN interface (disabled by default). \n\nSuccessful exploitation of the above vulnerabilities (#1 through #4)\nrequires that the Optical node has the Common Control Card connected\nto a DCN (Data Communication Network) and is enabled for IPv4. \n\nThe above vulnerabilities (#1 through #4) affect the following Cisco\nONS 15000 series platforms:\n* Cisco ONS 15310-CL Series\n* Cisco ONS 15327 Series\n* Cisco ONS 15454 MSPP\n* Cisco ONS 15454 MSTP\n* Cisco ONS 15600 Series\n\nThe following Cisco ONS 15000 series platforms are not affected by\nthe vulnerabilities:\n* Cisco ONS 15100 Series\n* Cisco ONS 15200 Series\n* Cisco ONS 15302, ONS 15305, and ONS 15310-MA platforms\n* Cisco ONS 15500 Series\n* Cisco ONS 15800 Series\n\n5) A vulnerability exists within the Cisco Transport Controller (CTC)\napplet launcher, which is downloaded each time a management connection\nis made to the Optical node. The vulnerability is caused due to the\njava.policy permissions being to broad by granting all permissions to\nany software originating from the codeBase or source at\nhttp://*/fs/LAUNCHER.jar. \n\nThis can be exploited to execute arbitrary code on the CTC\nworkstation if it is used to connect to a malicious web site running\nJava code from the \"/fs/LAUNCHER.jar\" location. \n\nThe vulnerability affects versions 4.0.x and prior. \n\nSOLUTION:\n1-4) Updated versions are available (see patch matrix in vendor\nadvisory). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "VULHUB",
"id": "VHN-17779"
},
{
"db": "PACKETSTORM",
"id": "45206"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-1671",
"trust": 3.1
},
{
"db": "BID",
"id": "17384",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "19553",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "24435",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "24436",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "24437",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1015872",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1256",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2006-2107",
"trust": 0.6
},
{
"db": "XF",
"id": "25644",
"trust": 0.6
},
{
"db": "XF",
"id": "25646",
"trust": 0.6
},
{
"db": "XF",
"id": "25645",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20060405 CISCO OPTICAL NETWORKING SYSTEM 15000 SERIES AND CISCO TRANSPORT CONTROLLER VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-17779",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45206",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "VULHUB",
"id": "VHN-17779"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"id": "VAR-200604-0098",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "VULHUB",
"id": "VHN-17779"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
}
]
},
"last_update_date": "2023-12-18T12:24:05.422000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1671"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/17384"
},
{
"trust": 2.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/24435"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/24436"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/24437"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015872"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/19553"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/1256"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25644"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25645"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1671"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-1671"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25646"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25645"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25644"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1256"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/19553/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/9196/"
},
{
"trust": 0.1,
"url": "http://*/fs/launcher.jar."
},
{
"trust": 0.1,
"url": "http://secunia.com/product/684/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "VULHUB",
"id": "VHN-17779"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"db": "VULHUB",
"id": "VHN-17779"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"date": "2006-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-17779"
},
{
"date": "2006-04-05T00:00:00",
"db": "BID",
"id": "17384"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"date": "2006-04-06T18:10:32",
"db": "PACKETSTORM",
"id": "45206"
},
{
"date": "2006-04-07T10:04:00",
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"date": "2006-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-2107"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-17779"
},
{
"date": "2006-04-06T17:23:00",
"db": "BID",
"id": "17384"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003944"
},
{
"date": "2018-10-30T16:26:17.060000",
"db": "NVD",
"id": "CVE-2006-1671"
},
{
"date": "2006-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Optical Networking System Denial of service in Japan (DoS) Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003944"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-102"
}
],
"trust": 0.6
}
}
VAR-200604-0099
Vulnerability from variot - Updated: 2023-12-18 12:24The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049. Cisco Optical Networking System and Transport Controller are prone to multiple vulnerabilities. Cisco Optical Networking System 15000 series are affected by multiple denial-of-service vulnerabilities. Cisco Transport Controller is prone to an arbitrary code-execution vulnerability. This java file has java.
1) Multiple services are vulnerable to ACK DoS attacks where an invalid response is sent instead of the final ACK packet during the 3-way handshake. This can be exploited to cause the control cards to exhaust memory resources, not respond to further connections, or reset by establishing multiple of these connections.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default).
2) An error within the processing of IP packets can be exploited to reset the control cards by sending a specially crafted IP packet.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default) and secure mode for element management system (EMS)-to-network-element access is enabled (disabled by default).
3) Another error within the processing of IP packets can be exploited to reset the control cards by sending a specially crafted IP packet.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default).
4) An error within the processing of OSPF (Open Shortest Path First) packets can be exploited to reset the control cards by sending a specially crafted OSPF packet.
Successful exploitation requires that the OSPF routing protocol is configured on the LAN interface (disabled by default).
Successful exploitation of the above vulnerabilities (#1 through #4) requires that the Optical node has the Common Control Card connected to a DCN (Data Communication Network) and is enabled for IPv4.
The above vulnerabilities (#1 through #4) affect the following Cisco ONS 15000 series platforms: * Cisco ONS 15310-CL Series * Cisco ONS 15327 Series * Cisco ONS 15454 MSPP * Cisco ONS 15454 MSTP * Cisco ONS 15600 Series
The following Cisco ONS 15000 series platforms are not affected by the vulnerabilities: * Cisco ONS 15100 Series * Cisco ONS 15200 Series * Cisco ONS 15302, ONS 15305, and ONS 15310-MA platforms * Cisco ONS 15500 Series * Cisco ONS 15800 Series
5) A vulnerability exists within the Cisco Transport Controller (CTC) applet launcher, which is downloaded each time a management connection is made to the Optical node. The vulnerability is caused due to the java.policy permissions being to broad by granting all permissions to any software originating from the codeBase or source at http://*/fs/LAUNCHER.jar.
The vulnerability affects versions 4.0.x and prior.
SOLUTION: 1-4) Updated versions are available (see patch matrix in vendor advisory).
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0099",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "transport controller",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "4.0.x"
},
{
"model": "ons 15310-cl series",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ons 15454 mspp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.4"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(1\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(3\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4.0"
},
{
"model": "controller cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "transport",
"version": "4.0.x"
},
{
"model": "15310-cl series cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "0"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "156000"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.0"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.1"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.2"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.3"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.3\\(0\\)"
},
{
"model": "ons 15454 mspp",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156000"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.3(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.0"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.14"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(3)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.4"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.3"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.2"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.0"
},
{
"model": "transport controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "158000"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "155000"
},
{
"model": "ons 15310-ma",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "153050"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15302"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "152000"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "151000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2114"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "NVD",
"id": "CVE-2006-1672"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-095"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:transport_controller:4.0.x:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.3\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ons_15310-cl_series:0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ons_15600:0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ons_15454_mspp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1672"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-095"
}
],
"trust": 0.6
},
"cve": "CVE-2006-1672",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-2114",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-17780",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1672",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2006-2114",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-095",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-17780",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2114"
},
{
"db": "VULHUB",
"id": "VHN-17780"
},
{
"db": "NVD",
"id": "CVE-2006-1672"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-095"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing \"fs/LAUNCHER.jar\", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049. Cisco Optical Networking System and Transport Controller are prone to multiple vulnerabilities. \nCisco Optical Networking System 15000 series are affected by multiple denial-of-service vulnerabilities. \nCisco Transport Controller is prone to an arbitrary code-execution vulnerability. This java file has java. \n\n1) Multiple services are vulnerable to ACK DoS attacks where an\ninvalid response is sent instead of the final ACK packet during the\n3-way handshake. This can be exploited to cause the control cards to\nexhaust memory resources, not respond to further connections, or\nreset by establishing multiple of these connections. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default). \n\n2) An error within the processing of IP packets can be exploited to\nreset the control cards by sending a specially crafted IP packet. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default) and secure mode for element management\nsystem (EMS)-to-network-element access is enabled (disabled by\ndefault). \n\n3) Another error within the processing of IP packets can be exploited\nto reset the control cards by sending a specially crafted IP packet. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default). \n\n4) An error within the processing of OSPF (Open Shortest Path First)\npackets can be exploited to reset the control cards by sending a\nspecially crafted OSPF packet. \n\nSuccessful exploitation requires that the OSPF routing protocol is\nconfigured on the LAN interface (disabled by default). \n\nSuccessful exploitation of the above vulnerabilities (#1 through #4)\nrequires that the Optical node has the Common Control Card connected\nto a DCN (Data Communication Network) and is enabled for IPv4. \n\nThe above vulnerabilities (#1 through #4) affect the following Cisco\nONS 15000 series platforms:\n* Cisco ONS 15310-CL Series\n* Cisco ONS 15327 Series\n* Cisco ONS 15454 MSPP\n* Cisco ONS 15454 MSTP\n* Cisco ONS 15600 Series\n\nThe following Cisco ONS 15000 series platforms are not affected by\nthe vulnerabilities:\n* Cisco ONS 15100 Series\n* Cisco ONS 15200 Series\n* Cisco ONS 15302, ONS 15305, and ONS 15310-MA platforms\n* Cisco ONS 15500 Series\n* Cisco ONS 15800 Series\n\n5) A vulnerability exists within the Cisco Transport Controller (CTC)\napplet launcher, which is downloaded each time a management connection\nis made to the Optical node. The vulnerability is caused due to the\njava.policy permissions being to broad by granting all permissions to\nany software originating from the codeBase or source at\nhttp://*/fs/LAUNCHER.jar. \n\nThe vulnerability affects versions 4.0.x and prior. \n\nSOLUTION:\n1-4) Updated versions are available (see patch matrix in vendor\nadvisory). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1672"
},
{
"db": "CNVD",
"id": "CNVD-2006-2114"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "VULHUB",
"id": "VHN-17780"
},
{
"db": "PACKETSTORM",
"id": "45206"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "17384",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2006-1672",
"trust": 2.3
},
{
"db": "SECUNIA",
"id": "19553",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1015871",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1256",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "24438",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2006-2114",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20060405 CISCO OPTICAL NETWORKING SYSTEM 15000 SERIES AND CISCO TRANSPORT CONTROLLER VULNERABILITIES",
"trust": 0.6
},
{
"db": "XF",
"id": "25647",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200604-095",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-17780",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45206",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2114"
},
{
"db": "VULHUB",
"id": "VHN-17780"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1672"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-095"
}
]
},
"id": "VAR-200604-0099",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2114"
},
{
"db": "VULHUB",
"id": "VHN-17780"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2114"
}
]
},
"last_update_date": "2023-12-18T12:24:05.388000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1672"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/17384"
},
{
"trust": 2.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/24438"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015871"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/19553"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/1256"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25647"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25647"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1256"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/19553/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/9196/"
},
{
"trust": 0.1,
"url": "http://*/fs/launcher.jar."
},
{
"trust": 0.1,
"url": "http://secunia.com/product/684/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2114"
},
{
"db": "VULHUB",
"id": "VHN-17780"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1672"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-095"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2006-2114"
},
{
"db": "VULHUB",
"id": "VHN-17780"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1672"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-095"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-2114"
},
{
"date": "2006-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-17780"
},
{
"date": "2006-04-05T00:00:00",
"db": "BID",
"id": "17384"
},
{
"date": "2006-04-06T18:10:32",
"db": "PACKETSTORM",
"id": "45206"
},
{
"date": "2006-04-07T10:04:00",
"db": "NVD",
"id": "CVE-2006-1672"
},
{
"date": "2006-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-095"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-2114"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-17780"
},
{
"date": "2006-04-06T17:23:00",
"db": "BID",
"id": "17384"
},
{
"date": "2018-10-30T16:26:17.060000",
"db": "NVD",
"id": "CVE-2006-1672"
},
{
"date": "2006-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-095"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-095"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Fiber Network System Multiple Vulnerabilities in the Transport Controller",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2114"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-095"
}
],
"trust": 0.6
}
}
VAR-200604-0097
Vulnerability from variot - Updated: 2023-12-18 12:24Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910. Cisco Optical Networking System (ONS) The denial of service (DoS) There is a vulnerability that can be exploited.Denial of service by third party (DoS) May be in a state. The response, which is also known as bug ID CSCei45910. Cisco Optical Networking System and Transport Controller are prone to multiple vulnerabilities. Cisco Optical Networking System 15000 series are affected by multiple denial-of-service vulnerabilities. Cisco Transport Controller is prone to an arbitrary code-execution vulnerability.
1) Multiple services are vulnerable to ACK DoS attacks where an invalid response is sent instead of the final ACK packet during the 3-way handshake. This can be exploited to cause the control cards to exhaust memory resources, not respond to further connections, or reset by establishing multiple of these connections.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default).
2) An error within the processing of IP packets can be exploited to reset the control cards by sending a specially crafted IP packet.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default) and secure mode for element management system (EMS)-to-network-element access is enabled (disabled by default).
3) Another error within the processing of IP packets can be exploited to reset the control cards by sending a specially crafted IP packet.
Successful exploitation requires that IP is configured on the LAN interface (enabled by default).
4) An error within the processing of OSPF (Open Shortest Path First) packets can be exploited to reset the control cards by sending a specially crafted OSPF packet.
Successful exploitation requires that the OSPF routing protocol is configured on the LAN interface (disabled by default).
Successful exploitation of the above vulnerabilities (#1 through #4) requires that the Optical node has the Common Control Card connected to a DCN (Data Communication Network) and is enabled for IPv4.
The above vulnerabilities (#1 through #4) affect the following Cisco ONS 15000 series platforms: * Cisco ONS 15310-CL Series * Cisco ONS 15327 Series * Cisco ONS 15454 MSPP * Cisco ONS 15454 MSTP * Cisco ONS 15600 Series
The following Cisco ONS 15000 series platforms are not affected by the vulnerabilities: * Cisco ONS 15100 Series * Cisco ONS 15200 Series * Cisco ONS 15302, ONS 15305, and ONS 15310-MA platforms * Cisco ONS 15500 Series * Cisco ONS 15800 Series
5) A vulnerability exists within the Cisco Transport Controller (CTC) applet launcher, which is downloaded each time a management connection is made to the Optical node. The vulnerability is caused due to the java.policy permissions being to broad by granting all permissions to any software originating from the codeBase or source at http://*/fs/LAUNCHER.jar.
This can be exploited to execute arbitrary code on the CTC workstation if it is used to connect to a malicious web site running Java code from the "/fs/LAUNCHER.jar" location.
The vulnerability affects versions 4.0.x and prior.
SOLUTION: 1-4) Updated versions are available (see patch matrix in vendor advisory).
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0097",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ons 15454 mspp",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15454 mstp",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ons 15310-cl series",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ons 15454 mspp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.4"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ons 15454 mstp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(3\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4.0"
},
{
"model": "ons 15310-cl series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15327",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15600",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "controller cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "transport",
"version": "4.0.x"
},
{
"model": "15310-cl series cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "0"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "156000"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.0"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.1"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.2"
},
{
"model": "cisco",
"scope": "eq",
"trust": 0.6,
"vendor": "ons",
"version": "153273.3"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.14"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.3\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "ons 15327",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "ons 15600",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "transport controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.x"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156000"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.3(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.0"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.14"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(3)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.4"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.3"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.2"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.0"
},
{
"model": "ons 15310-cl series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "transport controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "158000"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "155000"
},
{
"model": "ons 15310-ma",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "153050"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15302"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "152000"
},
{
"model": "ons series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "151000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2113"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003943"
},
{
"db": "NVD",
"id": "CVE-2006-1670"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-096"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ons_15310-cl_series:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ons_15600:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ons_15454_mspp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ons_15454_mstp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.3\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1670"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-096"
}
],
"trust": 0.6
},
"cve": "CVE-2006-1670",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-1670",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-2113",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-17778",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1670",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2006-2113",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-096",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-17778",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2113"
},
{
"db": "VULHUB",
"id": "VHN-17778"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003943"
},
{
"db": "NVD",
"id": "CVE-2006-1670"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-096"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910. Cisco Optical Networking System (ONS) The denial of service (DoS) There is a vulnerability that can be exploited.Denial of service by third party (DoS) May be in a state. The response, which is also known as bug ID CSCei45910. Cisco Optical Networking System and Transport Controller are prone to multiple vulnerabilities. \nCisco Optical Networking System 15000 series are affected by multiple denial-of-service vulnerabilities. \nCisco Transport Controller is prone to an arbitrary code-execution vulnerability. \n\n1) Multiple services are vulnerable to ACK DoS attacks where an\ninvalid response is sent instead of the final ACK packet during the\n3-way handshake. This can be exploited to cause the control cards to\nexhaust memory resources, not respond to further connections, or\nreset by establishing multiple of these connections. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default). \n\n2) An error within the processing of IP packets can be exploited to\nreset the control cards by sending a specially crafted IP packet. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default) and secure mode for element management\nsystem (EMS)-to-network-element access is enabled (disabled by\ndefault). \n\n3) Another error within the processing of IP packets can be exploited\nto reset the control cards by sending a specially crafted IP packet. \n\nSuccessful exploitation requires that IP is configured on the LAN\ninterface (enabled by default). \n\n4) An error within the processing of OSPF (Open Shortest Path First)\npackets can be exploited to reset the control cards by sending a\nspecially crafted OSPF packet. \n\nSuccessful exploitation requires that the OSPF routing protocol is\nconfigured on the LAN interface (disabled by default). \n\nSuccessful exploitation of the above vulnerabilities (#1 through #4)\nrequires that the Optical node has the Common Control Card connected\nto a DCN (Data Communication Network) and is enabled for IPv4. \n\nThe above vulnerabilities (#1 through #4) affect the following Cisco\nONS 15000 series platforms:\n* Cisco ONS 15310-CL Series\n* Cisco ONS 15327 Series\n* Cisco ONS 15454 MSPP\n* Cisco ONS 15454 MSTP\n* Cisco ONS 15600 Series\n\nThe following Cisco ONS 15000 series platforms are not affected by\nthe vulnerabilities:\n* Cisco ONS 15100 Series\n* Cisco ONS 15200 Series\n* Cisco ONS 15302, ONS 15305, and ONS 15310-MA platforms\n* Cisco ONS 15500 Series\n* Cisco ONS 15800 Series\n\n5) A vulnerability exists within the Cisco Transport Controller (CTC)\napplet launcher, which is downloaded each time a management connection\nis made to the Optical node. The vulnerability is caused due to the\njava.policy permissions being to broad by granting all permissions to\nany software originating from the codeBase or source at\nhttp://*/fs/LAUNCHER.jar. \n\nThis can be exploited to execute arbitrary code on the CTC\nworkstation if it is used to connect to a malicious web site running\nJava code from the \"/fs/LAUNCHER.jar\" location. \n\nThe vulnerability affects versions 4.0.x and prior. \n\nSOLUTION:\n1-4) Updated versions are available (see patch matrix in vendor\nadvisory). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1670"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003943"
},
{
"db": "CNVD",
"id": "CNVD-2006-2113"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "VULHUB",
"id": "VHN-17778"
},
{
"db": "PACKETSTORM",
"id": "45206"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-1670",
"trust": 3.1
},
{
"db": "BID",
"id": "17384",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "19553",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1015872",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1256",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "24434",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003943",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200604-096",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2006-2113",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20060405 CISCO OPTICAL NETWORKING SYSTEM 15000 SERIES AND CISCO TRANSPORT CONTROLLER VULNERABILITIES",
"trust": 0.6
},
{
"db": "XF",
"id": "25643",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-17778",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45206",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2113"
},
{
"db": "VULHUB",
"id": "VHN-17778"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003943"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1670"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-096"
}
]
},
"id": "VAR-200604-0097",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2113"
},
{
"db": "VULHUB",
"id": "VHN-17778"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2113"
}
]
},
"last_update_date": "2023-12-18T12:24:05.351000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "17384",
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/17384"
},
{
"title": "cisco-sa-20060405-ons.shtml",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003943"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1670"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/17384"
},
{
"trust": 2.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/24434"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015872"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/19553"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/1256"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25643"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1670"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-1670"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25643"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1256"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/19553/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/9196/"
},
{
"trust": 0.1,
"url": "http://*/fs/launcher.jar."
},
{
"trust": 0.1,
"url": "http://secunia.com/product/684/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2113"
},
{
"db": "VULHUB",
"id": "VHN-17778"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003943"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1670"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-096"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2006-2113"
},
{
"db": "VULHUB",
"id": "VHN-17778"
},
{
"db": "BID",
"id": "17384"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003943"
},
{
"db": "PACKETSTORM",
"id": "45206"
},
{
"db": "NVD",
"id": "CVE-2006-1670"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-096"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-2113"
},
{
"date": "2006-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-17778"
},
{
"date": "2006-04-05T00:00:00",
"db": "BID",
"id": "17384"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003943"
},
{
"date": "2006-04-06T18:10:32",
"db": "PACKETSTORM",
"id": "45206"
},
{
"date": "2006-04-07T10:04:00",
"db": "NVD",
"id": "CVE-2006-1670"
},
{
"date": "2006-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-096"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-2113"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-17778"
},
{
"date": "2006-04-06T17:23:00",
"db": "BID",
"id": "17384"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003943"
},
{
"date": "2018-10-30T16:26:17.060000",
"db": "NVD",
"id": "CVE-2006-1670"
},
{
"date": "2006-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-096"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-096"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Optical Networking System Denial of service in Japan (DoS) Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003943"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-096"
}
],
"trust": 0.6
}
}
CVE-2020-36762 (GCVE-0-2020-36762)
Vulnerability from cvelistv5 – Published: 2023-07-18 15:00 – Updated: 2024-08-04 17:37- CWE-78 - OS Command Injection
| URL | Tags |
|---|---|
| https://vuldb.com/?id.234248 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.234248 | signaturepermissions-required |
| https://github.com/ONSdigital/ras-collection-inst… | issue-tracking |
| https://github.com/ONSdigital/ras-collection-inst… | patch |
| https://github.com/ONSdigital/ras-collection-inst… | patch |
| Vendor | Product | Version | |
|---|---|---|---|
| ONS Digital | RAS Collection Instrument |
Affected:
2.0.0
Affected: 2.0.1 Affected: 2.0.2 Affected: 2.0.3 Affected: 2.0.4 Affected: 2.0.5 Affected: 2.0.6 Affected: 2.0.7 Affected: 2.0.8 Affected: 2.0.9 Affected: 2.0.10 Affected: 2.0.11 Affected: 2.0.12 Affected: 2.0.13 Affected: 2.0.14 Affected: 2.0.15 Affected: 2.0.16 Affected: 2.0.17 Affected: 2.0.18 Affected: 2.0.19 Affected: 2.0.20 Affected: 2.0.21 Affected: 2.0.22 Affected: 2.0.23 Affected: 2.0.24 Affected: 2.0.25 Affected: 2.0.26 Affected: 2.0.27 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.234248"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.234248"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/pull/199"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/commit/dcaad2540f7d50c512ff2e031d3778dd9337db2b"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/releases/tag/2.0.28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RAS Collection Instrument",
"vendor": "ONS Digital",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.0.5"
},
{
"status": "affected",
"version": "2.0.6"
},
{
"status": "affected",
"version": "2.0.7"
},
{
"status": "affected",
"version": "2.0.8"
},
{
"status": "affected",
"version": "2.0.9"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "2.0.11"
},
{
"status": "affected",
"version": "2.0.12"
},
{
"status": "affected",
"version": "2.0.13"
},
{
"status": "affected",
"version": "2.0.14"
},
{
"status": "affected",
"version": "2.0.15"
},
{
"status": "affected",
"version": "2.0.16"
},
{
"status": "affected",
"version": "2.0.17"
},
{
"status": "affected",
"version": "2.0.18"
},
{
"status": "affected",
"version": "2.0.19"
},
{
"status": "affected",
"version": "2.0.20"
},
{
"status": "affected",
"version": "2.0.21"
},
{
"status": "affected",
"version": "2.0.22"
},
{
"status": "affected",
"version": "2.0.23"
},
{
"status": "affected",
"version": "2.0.24"
},
{
"status": "affected",
"version": "2.0.25"
},
{
"status": "affected",
"version": "2.0.26"
},
{
"status": "affected",
"version": "2.0.27"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENT_BODY leads to os command injection. Upgrading to version 2.0.28 is able to address this issue. The name of the patch is dcaad2540f7d50c512ff2e031d3778dd9337db2b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-234248."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in ONS Digital RAS Collection Instrument bis 2.0.27 gefunden. Sie wurde als kritisch eingestuft. Betroffen davon ist die Funktion jobs der Datei .github/workflows/comment.yml. Durch die Manipulation des Arguments $COMMENT_BODY mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 2.0.28 vermag dieses Problem zu l\u00f6sen. Der Patch wird als dcaad2540f7d50c512ff2e031d3778dd9337db2b bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T13:27:20.568Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.234248"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.234248"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/pull/199"
},
{
"tags": [
"patch"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/commit/dcaad2540f7d50c512ff2e031d3778dd9337db2b"
},
{
"tags": [
"patch"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/releases/tag/2.0.28"
}
],
"timeline": [
{
"lang": "en",
"time": "2020-12-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2020-12-07T00:00:00.000Z",
"value": "Countermeasure disclosed"
},
{
"lang": "en",
"time": "2023-07-16T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-07-16T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-08-06T12:35:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "ONS Digital RAS Collection Instrument comment.yml jobs os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2020-36762",
"datePublished": "2023-07-18T15:00:04.532Z",
"dateReserved": "2023-07-16T14:49:09.640Z",
"dateUpdated": "2024-08-04T17:37:07.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36762 (GCVE-0-2020-36762)
Vulnerability from nvd – Published: 2023-07-18 15:00 – Updated: 2024-08-04 17:37- CWE-78 - OS Command Injection
| URL | Tags |
|---|---|
| https://vuldb.com/?id.234248 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.234248 | signaturepermissions-required |
| https://github.com/ONSdigital/ras-collection-inst… | issue-tracking |
| https://github.com/ONSdigital/ras-collection-inst… | patch |
| https://github.com/ONSdigital/ras-collection-inst… | patch |
| Vendor | Product | Version | |
|---|---|---|---|
| ONS Digital | RAS Collection Instrument |
Affected:
2.0.0
Affected: 2.0.1 Affected: 2.0.2 Affected: 2.0.3 Affected: 2.0.4 Affected: 2.0.5 Affected: 2.0.6 Affected: 2.0.7 Affected: 2.0.8 Affected: 2.0.9 Affected: 2.0.10 Affected: 2.0.11 Affected: 2.0.12 Affected: 2.0.13 Affected: 2.0.14 Affected: 2.0.15 Affected: 2.0.16 Affected: 2.0.17 Affected: 2.0.18 Affected: 2.0.19 Affected: 2.0.20 Affected: 2.0.21 Affected: 2.0.22 Affected: 2.0.23 Affected: 2.0.24 Affected: 2.0.25 Affected: 2.0.26 Affected: 2.0.27 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.234248"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.234248"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/pull/199"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/commit/dcaad2540f7d50c512ff2e031d3778dd9337db2b"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/releases/tag/2.0.28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RAS Collection Instrument",
"vendor": "ONS Digital",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.0.5"
},
{
"status": "affected",
"version": "2.0.6"
},
{
"status": "affected",
"version": "2.0.7"
},
{
"status": "affected",
"version": "2.0.8"
},
{
"status": "affected",
"version": "2.0.9"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "2.0.11"
},
{
"status": "affected",
"version": "2.0.12"
},
{
"status": "affected",
"version": "2.0.13"
},
{
"status": "affected",
"version": "2.0.14"
},
{
"status": "affected",
"version": "2.0.15"
},
{
"status": "affected",
"version": "2.0.16"
},
{
"status": "affected",
"version": "2.0.17"
},
{
"status": "affected",
"version": "2.0.18"
},
{
"status": "affected",
"version": "2.0.19"
},
{
"status": "affected",
"version": "2.0.20"
},
{
"status": "affected",
"version": "2.0.21"
},
{
"status": "affected",
"version": "2.0.22"
},
{
"status": "affected",
"version": "2.0.23"
},
{
"status": "affected",
"version": "2.0.24"
},
{
"status": "affected",
"version": "2.0.25"
},
{
"status": "affected",
"version": "2.0.26"
},
{
"status": "affected",
"version": "2.0.27"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENT_BODY leads to os command injection. Upgrading to version 2.0.28 is able to address this issue. The name of the patch is dcaad2540f7d50c512ff2e031d3778dd9337db2b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-234248."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in ONS Digital RAS Collection Instrument bis 2.0.27 gefunden. Sie wurde als kritisch eingestuft. Betroffen davon ist die Funktion jobs der Datei .github/workflows/comment.yml. Durch die Manipulation des Arguments $COMMENT_BODY mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 2.0.28 vermag dieses Problem zu l\u00f6sen. Der Patch wird als dcaad2540f7d50c512ff2e031d3778dd9337db2b bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T13:27:20.568Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.234248"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.234248"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/pull/199"
},
{
"tags": [
"patch"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/commit/dcaad2540f7d50c512ff2e031d3778dd9337db2b"
},
{
"tags": [
"patch"
],
"url": "https://github.com/ONSdigital/ras-collection-instrument/releases/tag/2.0.28"
}
],
"timeline": [
{
"lang": "en",
"time": "2020-12-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2020-12-07T00:00:00.000Z",
"value": "Countermeasure disclosed"
},
{
"lang": "en",
"time": "2023-07-16T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-07-16T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-08-06T12:35:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "ONS Digital RAS Collection Instrument comment.yml jobs os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2020-36762",
"datePublished": "2023-07-18T15:00:04.532Z",
"dateReserved": "2023-07-16T14:49:09.640Z",
"dateUpdated": "2024-08-04T17:37:07.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}