CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2015/06/10 12:0 a.m.•46 views

Alcatel-Lucent OmniSwitch Web Interface Cross Site Request Forgery

Advisory: Alcatel-Lucent OmniSwitch Web Interface Cross-Site Request Forgery During a penetration test, RedTeam Pentesting discovered a vulnerability in the management web interface of an Alcatel-Lucent OmniSwitch 6450. The management web interface has no protection against cross-site request...

6.8CVSS0.3AI score0.01115EPSS

0day.today•added 2015/06/10 12:0 a.m.•53 views

Alcatel-Lucent OmniSwitch Web Interface Weak Session ID Vulnerability

Vulnerability in the management web interface of an Alcatel-Lucent OmniSwitch 6450. This interface uses easily guessable session IDs, which allows attackers to authenticate as a currently logged-in user and perform administrative tasks Details ======= Product: Alcatel-Lucent OmniSwitch 6450, 6250...

4.3CVSS6.4AI score0.00544EPSS

Exploits3

Exploit DB•added 2015/06/10 12:0 a.m.•52 views

Alcatel-Lucent OmniSwitch - Cross-Site Request Forgery

6.8CVSS6.6AI score0.01115EPSS

Packet Storm•added 2015/06/10 12:0 a.m.•72 views

Alcatel-Lucent OmniSwitch Web Interface Weak Session ID

Advisory: Alcatel-Lucent OmniSwitch Web Interface Weak Session ID During a penetration test, RedTeam Pentesting discovered a vulnerability in the management web interface of an Alcatel-Lucent OmniSwitch 6450. This interface uses easily guessable session IDs, which allows attackers to authenticate...

4.3CVSS6.7AI score0.00544EPSS

Exploits3

0day.today•added 2015/06/10 12:0 a.m.•35 views

Alcatel-Lucent OmniSwitch Web Interface Cross Site Request Forgery Vulnerability

Vulnerability in the management web interface of an Alcatel-Lucent OmniSwitch 6450. The management web interface has no protection against cross-site request forgery attacks. This allows specially crafted web pages to change the switch configuration and create users, if an administrator accesses...

6.8CVSS0.5AI score0.01115EPSS

Check Point Advisories•added 2015/03/26 12:0 a.m.•1 views

Alcatel OmniPCX Office FastJSDatacgi id2 Parameter Command Execution - Ver2 (CVE-2008-1331)

A command execution vulnerability has been reported in Alcatel-Lucent OmniPCX. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS7.3AI score0.58502EPSS

Exploits1

securityvulns•added 2014/12/01 12:0 a.m.•29 views

Alcatel Lucent 1830 Photonic Service Switch XSS

XSS in web interface...

1.9AI score0.00195EPSS

Exploits2References1Affected Software1

Packet Storm•added 2014/12/01 12:0 a.m.•37 views

1830 Photonic Service Switch PSS-32/16/4 Cross Site Scripting

SWISSCOM CSIRT ADVISORY - http://www.swisscom.com/security CVE ID: CVE-2014-3809 Product: 1830 Photonic Service Switch PSS-32/16/4 Vendor: Alcatel-Lucent Subject: Reflected Cross-site Scripting - XSS Effect: Remotely exploitable Author: Stephan Rickauer stephan.rickauer at swisscom.com Date:...

4.1CVSS0.1AI score0.00195EPSS

Exploits2

securityvulns•added 2014/12/01 12:0 a.m.•68 views

CVE-2014-3809: Reflected XSS in Alcatel Lucent 1830 PSS-32/16/4

0.2AI score0.00195EPSS

Exploits2

Symantec•added 2014/09/24 12:0 a.m.•253 views

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability

Description GNU Bash is prone to remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Advantech EKI-1320 1.98...

10CVSS1.5AI score0.9422EPSS

Exploits139References36Affected Software319

seebug.org•added 2014/07/01 12:0 a.m.•11 views

Lucent Access Point 300/600/1500 IP Services Router Long HTTP Request DoS

No description provided by source. source: http://www.securityfocus.com/bid/5333/info The Lucent Access Point series of routers support a web based administrative interface. An error has been reported in the embedded HTTP server. It has been reported that sending a HTTP request consisting of...

seebug.org•added 2014/07/01 12:0 a.m.•67 views

Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution

No description provided by source. $Id: alcatelomnipcxmastercgiexec.rb 10556 2010-10-05 23:13:04Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...

seebug.org•added 2014/07/01 12:0 a.m.•11 views

Alcatel-Lucent OmniPCX Enterprise <= 7.1 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25694/info Alcatel-Lucent OmniPCX Enterprise is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue to execute arbitrary commands...

seebug.org•added 2014/07/01 12:0 a.m.•13 views

Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 - masterCGI Command Injection

No description provided by source...

seebug.org•added 2014/07/01 12:0 a.m.•27 views

Lucent 8.x VitalNet Password Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3784/info VitalNet is part of Lucent's VitalSuite SP product family. VitalNet allows users to monitor, analyze, manage and predict the performance of their network infrastructure. The implementation of VitalNet's...

seebug.org•added 2014/07/01 12:0 a.m.•10 views

Lucent Ascend MAX <= 5.0/Pipeline <= 6.0/TNT 1.0/2.0 Router MAX UDP Port 9 Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/714/info Certain versions of Ascends Lucent router software listen on port 9 UDP Discard. Ascend provides configuration tools for MAX and Pipeline routers that locate locally installed routers by broadcasting a specially...

seebug.org•added 2014/07/01 12:0 a.m.•12 views

Lucent Ascend MAX <= 5.0/Pipeline <= 6.0/TNT 1.0/2.0 Router MAX UDP Port 9 Vulnerability (1)