304 matches found
CVE-2011-0344
Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server CS in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code via crafted HTTP...
CVE-2011-0345
Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, related to the lang variable...
Directory traversal
Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, related to the lang variable...
Stack overflow
Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server CS in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code via crafted HTTP...
CVE-2011-0344
Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server CS in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code via crafted HTTP...
CVE-2011-0344
CVE-2011-0344 concerns multiple stack-based buffer overflows in unspecified CGI programs within the OmniPCX Enterprise CS web interface. The vulnerability arises when parsing certain HTTP headers, enabling a remote attacker to execute arbitrary code with the service’s privileges. Affected: OmniPC...
CVE-2011-0345
CVE-2011-0345 is a directory traversal vulnerability in the NMS server of Alcatel-Lucent OmniVista 4760 (affected: OmniVista 4760 NMS versions 5.0.07.05 and 5.1.06.03 ). The issue allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, specifically ...
CVE-2011-0345
Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, related to the lang variable...
KLA10056 RLF vulnerability in Alcatel-Lucent OmniVista 4760
A directory traversal vulnerability was found in OmniVista. By exploiting this vulnerability malicious users can read local files. This vulnerability can be exploited from the network at a point related to NMS server via specially designed GET request. Original advisories Alcatel bulletin Related...
iDefense Security Advisory 03.01.11: Alcatel-Lucent OmniPCX Enterprise CS CGI Cookie Buffer Overflow Vulnerability
iDefense Security Advisory 03.01.11 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 01, 2011 I. BACKGROUND The Alcatel-Lucent OmniPCX Enterprise Communication Server CS is a communication server platform that provides multimedia call processing for both Alcatel-Lucent and third-party...
DDIVRT-2010-30 Alcatel-Lucent OmniVista 4760 NMS 'lang' Directory Traversal Vulnerability [ CVE-2011-0345 ]
Title: DDIVRT-2010-30 Alcatel-Lucent OmniVista 4760 NMS 'lang' Directory Traversal Vulnerability CVE-2011-0345 Severity: High Date Discovered:10/29/2010 Discovered By: Digital Defense, Inc. Vulnerability Research Team Additional Discovered By: r@b13$ Vulnerability Description: The Alcatel-Lucent...
Alcatel-Lucent OmniVista 4760 Network Management System "lang"目录遍历漏洞
BUGTRAQ ID: 46624 CVE ID: CVE-2011-0345 Alcatel-Lucent OmniVista 4760 Network Management System可提供网络安全和优化的管理应用程序集。 Alcatel-Lucent OmniVista 4760 Network Management System在实现上存在目录遍历漏洞,攻击者可利用此漏洞使用目录遍历字符串从受影响系统中检索任意文件。 Alcatel Alcatel-Lucent OmniVista 4760 Network Management S 5.1.06.03 Alcatel...
Alcatel-Lucent OmniPCX Enterprise - masterCGI Arbitrary Command Execution (Metasploit)
$Id: alcatelomnipcxmastercgiexec.rb 10556 2010-10-05 23:13:04Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CVE-2010-3279
The default configuration of the CCAgent option before 9.0.8.4 in the management server aka TSA component in Alcatel-Lucent OmniTouch Contact Center Standard Edition enables maintenance access, which allows remote attackers to monitor or reconfigure Contact Center operations via vectors involving...
CVE-2010-3280
The CCAgent option 9.0.8.4 and earlier in the management server aka TSA component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an authorized session, which...
CVE-2010-3281
Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.cPatch3 allows remote attackers to execute arbitrary code or cause a denial of service service crash via a long request...
Stack overflow
Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.cPatch3 allows remote attackers to execute arbitrary code or cause a denial of service service crash via a long request...
Authorization
The CCAgent option 9.0.8.4 and earlier in the management server aka TSA component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an authorized session, which...
Default configuration
The default configuration of the CCAgent option before 9.0.8.4 in the management server aka TSA component in Alcatel-Lucent OmniTouch Contact Center Standard Edition enables maintenance access, which allows remote attackers to monitor or reconfigure Contact Center operations via vectors involving...
CVE-2010-3279
The default configuration of the CCAgent option before 9.0.8.4 in the management server aka TSA component in Alcatel-Lucent OmniTouch Contact Center Standard Edition enables maintenance access, which allows remote attackers to monitor or reconfigure Contact Center operations via vectors involving...