Lucene search
+L

251 matches found

Packet Storm
Packet Storm
added 2007/09/18 12:0 a.m.65 views

rt-sa-2007-001.txt

Advisory: Alcatel-Lucent OmniPCX Remote Command Execution RedTeam Pentesting discovered a remote command execution in the Alcatel-Lucent OmniPCX during a penetration test. The masterCGI script of the OmniPXC integrated communication solution web interface is vulnerable to a remote command...

10CVSS9.6AI score0.97759EPSS
Exploits8
exploitpack
exploitpack
added 2007/09/17 12:0 a.m.13 views

Alcatel-Lucent OmniPCX Enterprise 7.1 - Remote Command Execution

Alcatel-Lucent OmniPCX Enterprise 7.1 - Remote Command Execution source: https://www.securityfocus.com/bid/25694/info Alcatel-Lucent OmniPCX Enterprise is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue...

0.6AI score
Exploits0
seebug.org
seebug.org
added 2007/09/17 12:0 a.m.34 views

Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 masterCGI Command Injection

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

7.1AI score0.97759EPSS
Exploits8
exploitpack
exploitpack
added 2007/09/17 12:0 a.m.29 views

Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 - masterCGI Command Injection (Metasploit)

Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 - masterCGI Command Injection Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing a...

0.3AI score0.97759EPSS
Exploits8
Exploit DB
Exploit DB
added 2007/09/17 12:0 a.m.30 views

Alcatel-Lucent OmniPCX Enterprise 7.1 - Remote Command Execution

source: https://www.securityfocus.com/bid/25694/info Alcatel-Lucent OmniPCX Enterprise is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue to execute arbitrary commands with the privileges of the 'httpd'...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/09/17 12:0 a.m.69 views

Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 - masterCGI Command Injection (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Alcatel-Luce...

10CVSS7.4AI score0.97759EPSS
Exploits8
securityvulns
securityvulns
added 2007/06/11 12:0 a.m.40 views

Alcatel-Lucent OmniPCX 7.0 VLAN information leak

Broadcast and multicast packets cross VLAN boundaries...

7.5CVSS2.3AI score0.012EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/06/11 12:0 a.m.51 views

RUS-CERT 2007-06:01 (1380): Insecure Defaults in A-L OmniPCX 7.0

Dear all, for your information. ------------------------------------------------------------------------ RUS-CERT Security Announcement 2007-06:01 1380 ================================================ The built-in Mini Switch in Alcatel-Lucent's IP-Touch Telephones under OmniPCX Enterprise 7.0 an...

7.5CVSS6.5AI score0.012EPSS
Exploits0
NVD
NVD
added 2007/06/07 9:30 p.m.13 views

CVE-2007-2512

Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems...

7.5CVSS6.7AI score0.012EPSS
Exploits0References5
Prion
Prion
added 2007/06/07 9:30 p.m.18 views

Design/Logic Flaw

Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems...

7.5CVSS7.3AI score0.012EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2007/06/07 9:0 p.m.49 views

CVE-2007-2512

CVE-2007-2512 affects Alcatel-Lucent OmniPCX Enterprise Release 7.0 and later, where the built‑in mini switch on IP-Touch phones is enabled by default. This allows unauthenticated access to the voice VLAN through a daisy‑chained computer system, effectively bypassing 802.1x in some scenarios and ...

7.5CVSS6.7AI score0.012EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/06/07 9:0 p.m.19 views

CVE-2007-2512

Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems...

6.7AI score0.012EPSS
Exploits0References5
Prion
Prion
added 2007/04/02 11:19 p.m.22 views

Design/Logic Flaw

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification CNID, aka Caller ID...

10CVSS7.2AI score0.03058EPSS
Exploits0References2
NVD
NVD
added 2007/04/02 11:19 p.m.22 views

CVE-2007-1822

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification CNID, aka Caller ID...

10CVSS6.7AI score0.03058EPSS
Exploits0References2
Cvelist
Cvelist
added 2007/04/02 11:0 p.m.29 views

CVE-2007-1822

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification CNID, aka Caller ID...

6.7AI score0.03058EPSS
Exploits0References2
CVE
CVE
added 2007/04/02 11:0 p.m.59 views

CVE-2007-1822

Alcatel-Lucent Lucent Technologies voice mail systems are affected by CVE-2007-1822. The vulnerability arises from spoofing the Calling Number Identification (CNID) used for access authentication, allowing remote attackers to retrieve or remove messages or reconfigure mailboxes. The connected doc...

10CVSS6.7AI score0.03058EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2007/03/02 9:18 p.m.25 views

Integer overflow

Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by 1 modifying the iseve function to gain privileges and 2 making the devpermcheck function...

7.2CVSS7.2AI score0.00765EPSS
Exploits1References5
NVD
NVD
added 2007/03/02 9:18 p.m.22 views

CVE-2007-1189

Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by 1 modifying the iseve function to gain privileges and 2 making the devpermcheck function...

7.2CVSS6.7AI score0.00765EPSS
Exploits1References5
Cvelist
Cvelist
added 2007/03/02 7:0 p.m.30 views

CVE-2007-1189

Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by 1 modifying the iseve function to gain privileges and 2 making the devpermcheck function...

6.7AI score0.00765EPSS
Exploits1References5
CVE
CVE
added 2007/03/02 7:0 p.m.48 views

CVE-2007-1189

CVE-2007-1189 : Concrete details show an integer overflow in the Plan 9 kernel’s envwrite function (Alcatel-Lucent Bell Labs Plan 9) that can be triggered by a large n argument. This vulnerability allows local users to overwrite kernel memory, with demonstrated effects including privilege escalat...

7.2CVSS6.7AI score0.00765EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder