[原文]Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910.
Cisco ONS 15000 contains a flaw that may allow a remote denial of service against the device's control cards. The issue is triggered when connections are initiated to any of the administrative TCP ports listening on the server without completing a full three-way TCP handshake by omitting the final ACK packet. This will lead to a memory exhaustion problem and can result in a reset of the control cards on the platform, leading to a loss of availability.
Upgrade to the software versions released and detailed by the vendor, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.