Cisco has published two security advisories to warn of problems in several of its devices. Products affected are Cisco ONS 15000 Series Common Control Cards, Cisco Transport Controller (CTC) and Cisco 11500 Content Services Switch.
Cisco 11500 Content Services Switch is affected by a remote denial of service problem when configured to carry out HTTP compression. Another vulnerability affects Cisco Transport Controller (CTC), allowing a remote user to run arbitrary code on the CTC workstation.
Finally, Cisco has confirmed multiple vulnerabilities in Cisco Optical Networking System (ONS) series 15000 devices, allowing a remote user to cause denial of service conditions in Common Control Cards. ONS 15310 Multi-service Provisioning Platforms (MSPP), ONS 15327 MSPP, ONS 15454 MSPP, ONS 15454 Multi-service Transport Platform and ONS 15600 MSPP are affected.
Cisco has published updates to prevent each of these problems:
Source: Panda Software