8 matches found
Avaya Intuity Audix LX R1.1 Multiple Remote Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/36450/info Avaya Intuity Audix LX is prone to multiple remote vulnerabilities, including: 1. Multiple remote command-execution vulnerabilities 2. A cross-site request-forgery vulnerability 3. A cross-site scripting...
Avaya Intuity Audix LX多个输入验证漏洞
BUGTRAQ ID: 36450 Intuity Audix LX是一款功能强大的多媒体消息传输服务器。 Intuity Audix LX的/html/cswebadm/basic/cgibin/目录下的多个CGI perl脚本没有正确地验证用户所提交的参数请求,远程攻击者可以通过提交HTTP POST请求执行任意代码;此外由于没有过滤提交给/cgi-bin/smallmenu.pl的url参数,可能导致跨站脚本攻击;在登录到Web界面时没有使用令牌化保护管理更改,可能导致跨站请求伪造攻击。 0 AVAYA IntuityTM AUDIX LX R1.1 厂商补丁: AVAYA ---...
Avaya Intuity Audix LX multiple security vulnerabilities
Multiple web interface vulnerabilities including remote code exectuion...
Multiple Remote Command Execution vulnerabilities on Avaya Intuity Audix LX (plus some client-side bugs)
It appears that most diagnostic CGI perl scripts that take user-supplied input are vulnerable to Remote Command Execution. These scripts are located on '/html/cswebadm/basic/cgi-bin/'. All the RCE vulnerabilities discovered were tested with an authenticated session using the 'craft' account. Thes...
Avaya Intuity Audix LX R1.1 - Multiple Remote Vulnerabilities
Avaya Intuity Audix LX R1.1 - Multiple Remote Vulnerabilities source: https://www.securityfocus.com/bid/36450/info Avaya Intuity Audix LX is prone to multiple remote vulnerabilities, including: 1. Multiple remote command-execution vulnerabilities 2. A cross-site request-forgery vulnerability 3. A...
Avaya Intuity Audix LX R1.1 - Multiple Remote Vulnerabilities
source: https://www.securityfocus.com/bid/36450/info Avaya Intuity Audix LX is prone to multiple remote vulnerabilities, including: 1. Multiple remote command-execution vulnerabilities 2. A cross-site request-forgery vulnerability 3. A cross-site scripting vulnerability Attackers can exploit thes...
Linux Kernel x86_64 ptrace Denial Of Service Vulnerability
Linux内核存在拒绝服务漏洞,当进程执行在64位的计算机时。 本地攻击者可以利用这个问题的崩溃和内核拒绝服务的合法用户。 Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10...
AudixShell.txt
This vulnerability is dedicated to my mother, who passed away on April 7, 2003. Mom, may God be with you. Avaya, a manufacturer of telecommunications products, makes a voicemail system called Intuity Audix. This system is based on a Novell licensed version of Unixware v2.1.3 by SCO. The one used...