CVSS: 7.5EPSS: 13%CPEs: 24EXPL: 0CVE-2006-1672
https://notcve.org/view.php?id=CVE-2006-1672
The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049. • http://secunia.com/advisories/19553 http://securitytracker.com/id?1015871 http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml http://www.osvdb.org/24438 http://www.securityfocus.com/bid/17384 http://www.vupen.com/english/advisories/2006/1256 https://exchange.xforce.ibmcloud.com/vulnerabilities/25647 •
CVSS: 5.0EPSS: 6%CPEs: 24EXPL: 0CVE-2006-1671
https://notcve.org/view.php?id=CVE-2006-1671
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a "crafted" IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a "malformed" OSPF packet, aka bug ID CSCsc54558. • http://secunia.com/advisories/19553 http://securitytracker.com/id?1015872 http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml http://www.osvdb.org/24435 http://www.osvdb.org/24436 http://www.osvdb.org/24437 http://www.securityfocus.com/bid/17384 http://www.vupen.com/english/advisories/2006/1256 https://exchange.xforce.ibmcloud.com/vulnerabilities/25644 https://exchange.xforce.ibmcloud.com/vulnerabilities/25645 https://exchange.xforce.ibmcloud.com/vulnerabilities/2564 •
CVSS: 7.8EPSS: 2%CPEs: 24EXPL: 2CVE-2006-1670
https://notcve.org/view.php?id=CVE-2006-1670
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910. • http://secunia.com/advisories/19553 http://securitytracker.com/id?1015872 http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml http://www.osvdb.org/24434 http://www.securityfocus.com/bid/17384 http://www.vupen.com/english/advisories/2006/1256 https://exchange.xforce.ibmcloud.com/vulnerabilities/25643 •