CVE-2004-1433

Name of the Vulnerable Software and Affected Versions: Cisco ONS 15327 versions 4.6(0) through 4.6(1) Cisco ONS 15327 versions 4.5(x) Cisco ONS 15327 versions 4.1(0) through 4.1(3) Cisco ONS 15327 versions 4.0(0) through 4.0(2) Cisco ONS 15327 versions prior to 4.0(0) Cisco ONS 15454 versions 4.6(0) through 4.6(1) Cisco ONS 15454 versions 4.5(x) Cisco ONS 15454 versions 4.1(0) through 4.1(3) Cisco ONS 15454 versions 4.0(0) through 4.0(2) Cisco ONS 15454 versions prior to 4.0(0) Cisco ONS 15454 SDH versions 4.6(0) through 4.6(1) Cisco ONS 15454 SDH versions 4.5(x) Cisco ONS 15454 SDH versions 4.1(0) through 4.1(3) Cisco ONS 15454 SDH versions 4.0(0) through 4.0(2) Cisco ONS 15454 SDH versions prior to 4.0(0) Cisco ONS 15600 versions 1.x(x)

Description: The issue allows remote attackers to cause a denial of service via malformed TCP and UDP packets, resulting in a control card reset.

Recommendations: For Cisco ONS 15327, ONS 15454, and ONS 15454 SDH versions prior to the fixed version, update to a version that includes the fix for this issue. For Cisco ONS 15600 version 1.x(x), update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the network to minimize the risk of exploitation.