Cisco vulnerabilities by product, model, software, and advisory.
Cisco Optical Networking System 15000 Series and Cisco Transport Controller Vulnerabilities
cisco-sa-20060405-ons · NA · Published · Updated
Multiple vulnerabilities exist in the Cisco Optical Networking System (ONS) 15310 Multi-service Provisioning Platforms (MSPP), ONS 15327 MSPP, ONS 15454 MSPP, ONS 15454 Multi-service Transport Platform (MSTP) and the ONS 15600 MSPP. These vulnerabilities will affect Optical nodes that have the Common Control Cards connected to a Data Communications Network (DCN) and are enabled for Internet Protocol Version 4 (IP). Successful exploitation of these vulnerabilities will result in a denial of service (DoS) of the Common Control Cards. A separate vulnerability exists within the Cisco Transport Controller (CTC) applet launcher which may allow execution of arbitrary code on the CTC workstation. This software is downloaded from the Common Control Cards when a management connection is made to the Optical node. Cisco has made free software available to address these vulnerabilities for affected customers. There are workarounds available to mitigate the effects of these vulnerabilities. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20060405-ons.