Cisco ONS Multiple Remote Vulnerabilities (20040219-ONS)

This script is (C) 2005-2013 Tenable Network Security, Inc.

Synopsis :

The remote Cisco device has multiple vulnerabilites.

Description :

According to its version number, the remote Cisco ONS platform has
the following vulnerabilities :

- The TFTP server allows unauthenticated access to TFTP
GET and PUT commands. An attacker may exploit this flaw
to upload or retrieve the system files of the remote
ONS platform.

- A denial of service attack may occur through the network
management port of the remote device (1080/tcp).

- Superuser accounts cannot be disabled over telnet.

See also :

Solution :

Apply the fixes referenced in Cisco's advisory.

Risk factor :

High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.3
Public Exploit Available : false