8 matches found
EUVD-2011-0370
Malware in sbrugna...
EUVD-2007-5339
Malware in sbrugna...
Alcatel OmniPCX Office FastJSDatacgi id2 Parameter Command Execution - Ver2 (CVE-2008-1331)
A command execution vulnerability has been reported in Alcatel-Lucent OmniPCX. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Alcatel-Lucent OmniPCX Enterprise <= 7.1 Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25694/info Alcatel-Lucent OmniPCX Enterprise is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue to execute arbitrary commands...
CVE-2011-0344
Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server CS in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code via crafted HTTP...
Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Alcatel-Luce...
Design/Logic Flaw
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service lo...
rt-sa-2007-001.txt
Advisory: Alcatel-Lucent OmniPCX Remote Command Execution RedTeam Pentesting discovered a remote command execution in the Alcatel-Lucent OmniPCX during a penetration test. The masterCGI script of the OmniPXC integrated communication solution web interface is vulnerable to a remote command...