Vulnerabilities > Cisco > Optical Networking Systems Software
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-11-23 | CVE-2004-0306 | Unspecified vulnerability in Cisco Optical Networking Systems Software Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories. | 5.0 |
| 2004-07-27 | CVE-2004-0714 | Denial Of Service vulnerability in Cisco products Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption). | 5.0 |
| 2003-08-18 | CVE-2003-0567 | Improper Input Validation vulnerability in Cisco products Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full. | 7.8 |
| 2003-03-31 | CVE-2002-1558 | Unspecified vulnerability in Cisco Optical Networking Systems Software Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet. | 10.0 |
| 2003-03-31 | CVE-2002-1557 | Denial of Service vulnerability in Cisco ONS15454/ONS15327 Optical Transport Platforms HTTP Request Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character. | 5.0 |
| 2003-03-31 | CVE-2002-1556 | Denial Of Service vulnerability in Cisco ONS15454/ONS15327 Optical Transport Platforms CORBA IOR Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR). | 5.0 |
| 2003-03-31 | CVE-2002-1555 | Unspecified vulnerability in Cisco Optical Networking Systems Software Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information. | 5.0 |
| 2003-03-31 | CVE-2002-1554 | Unspecified vulnerability in Cisco Optical Networking Systems Software Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup. | 4.6 |
| 2003-03-31 | CVE-2002-1553 | Unspecified vulnerability in Cisco Optical Networking Systems Software Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist. | 7.5 |
| 2002-10-04 | CVE-2002-0952 | Denial Of Service vulnerability in Cisco Optical Networking Systems Software 3.1.0/3.2.0 Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface. | 5.0 |