Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.
http://www.securityfocus.com/bid/6082
http://www.iss.net/security_center/static/10509.php
http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml