4 matches found
DSECRG-08-020-1.txt
Digital Security Research Group DSecRG Advisory DSECRG-08-020 Application: Alcatel OmniPCX Office Versions Affected: Alcatel OmniPCX Office since release 210/061.1 Vendor URL: http://alcatel.com Bugs: Remote command execution Exploits: YES Risk: High CVSS Score: 7.31 CVE-number: 2008-1331 Reporte...
[DSECRG-08-020] Alcatel OmniPCX Office Remote Comand Execution
Digital Security Research Group DSecRG Advisory DSECRG-08-020 Application: Alcatel OmniPCX Office Versions Affected: Alcatel OmniPCX Office since release 210/061.1 Vendor URL: http://alcatel.com Bugs: Remote command execution Exploits: YES Risk: High CVSS Score: 7.31 CVE-number: 2008-1331 Reporte...
OmniPCX Office远程信息泄露漏洞
BUGTRAQ ID: 28758 CVECAN ID: CVE-2008-1331 阿尔卡特的OmniPCX Office是一套为中小型企业设计的统一通信解决方案。 OmniPCX Office的Internet Access服务所使用的一个CGI脚本没有正确地过滤某些特定参数,允许远程攻击者从Internet检索敏感信息。 Alcatel-Lucent OmniPCX Office = 210/061.1 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 禁止从Internet的WBM/WCA访问 对于R2.1到R4.1版本:...
CVE-2008-1331
CVE-2008-1331 is a remote command-execution vulnerability in Alcatel-Lucent OmniPCX Office Internet Access service via CGI script FastJSData.cgi (id2 parameter). Affected: OmniPCX Office OXO210 before 210/091.001 and OXO600 before 610/014.001 (and other versions). Impact: remote attackers can exe...