CVE-2002-2149

Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service reboot via a long HTTP request to the administrative interface...

CVE-2002-2148

The CVE covers Lucent Ascend devices: MAX Router 5.0 and earlier, Pipeline Router 6.0.2 and earlier, and DSLTerminator. Affected component/behavior is a UDP port 9 discard handling that causes the device to leak sensitive interface details (hostname, MAC, IP) in the response when an attacker send...

CVE-2002-2149

CVE-2002-2149 describes a buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers. A remote attacker can cause a denial-of-service reboot by sending a long HTTP request to the device’s administrative interface. Documented in NVD/Red Hat CVE entries; CVSS v2 base score 5.0 (Netwo...

Linux Orinoco drivers information leakage

Linux Orinoco Driver Information Leakage Vulnerability I. Background http://sourceforge.net/projects/orinoco The Linux orinoco driver, included in the kernel since 2.4.3 and in David Hinds' pcmcia-cs package since 3.1.30 supports a large number of wireless NICs based on the Lucent/Agere Hermes,...

CVE-2001-0160

Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector IV values for the Wireless Encryption Protocol WEP which allows remote attackers to quickly compile information that will let them decrypt messages...

CVE-2001-0160

CVE-2001-0160 involves Lucent/ORiNOCO WaveLAN wireless cards where the Initialization Vector (IV) values used by WEP are predictable. This weakens the confidentiality of WEP-protected traffic because a remote attacker can build information to decrypt messages. The underlying issue is compromised ...

CVE-2001-1081

Vulnerability details: CVE-2001-1081 concerns Livingston/Lucent RADIUS prior to 2.1.va.1, where format string vulnerabilities in log message handling can allow local or remote attackers to cause a denial of service and potentially execute arbitrary code via crafted format specifiers. The provided...

Lucent VitalNet VsSetCookie.exe Direct Request Authentication Bypass

Binary data 1715.prm...

Lucent VitalNet VsSetCookie.exe Unauthorized Access

The VsSetCookie.exe CGI exists on the remote web server. Some versions of this file have an unauthorized access vulnerability. Making a request similar to : http://www.example.com/cgi-bin/VsSetCookie.exe?vsuser= will result in full access if a valid username is provided. Please note Nessus solely...

CVE-2002-2149

Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service reboot via a long HTTP request to the administrative interface...

CVE-2002-2148

Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard UDP port 9 packet, which causes the device to le...

Phenoelit Advisory 0815 ++ // Xedia

Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815 +++ Authors FX [email protected] kim0 [email protected] Phenoelit Group http://www.phenoelit.de Advisory http://www.phenoelit.de/stuff/LucentXedia.txt Affected Products Lucent Access Point IP Services Router Formerly known as Xedia Router Luce...

Phenoelit ADvisory 0815 ++ ** Ascend

Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815 +--- Authors FX [email protected] kim0 [email protected] Phenoelit Group http://www.phenoelit.de Advisory http://www.phenoelit.de/stuff/LucentAscend.txt Affected Products Lucent Pipline, MAX, DSL-Terminator. Formerly known under Ascend Router...

Phenoelit Advisory 0815 ++ -- Brick

Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815 ++- Authors FX [email protected] kim0 [email protected] Phenoelit Group http://www.phenoelit.de http://www.phenoelit.de/stuff/LucentBrick.txt Affected Products Lucent LSMS 5.5 Lucent Brick, Bridging VPN Firewall Lucent Bug ID: Not assigned...

CVE-2002-0236

Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe program, which returns a valid cookie for the desired user...

CVE-2002-0236

Lucent VitalSuite 8.0–8.2 (VitalNet, VitalEvent, VitalHelp/VitalAnalysis) is affected by CVE-2002-0236 through VsSetCookie.exe. A remote attacker can bypass authentication by making a direct HTTP request to VsSetCookie.exe, which returns a valid cookie for the target user. Connected sources descr...

CVE-2002-0236

Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe program, which returns a valid cookie for the desired user...

CVE-2001-0619

The Lucent Closed Network protocol can allow remote attackers to join Closed Network networks which they do not have access to. The 'Network Name' or SSID, which is used as a shared secret to join the network, is transmitted in the clear...

CVE-2001-0534

CVE-2001-0534 concerns buffer overflows in radiusd. Connected documents show a related, later issue: yardradius (YARD radius server) with a stack/remote overflow that could allow execution of arbitrary code as root. Debian’s DSA-598-1 (CAN-2004-0987) states yardradius is vulnerable to a remote st...

CVE-2001-0619

Technical details for CVE-2001-0619 are not publicly available in the provided documents. Monitor for updates on affected components, versions, impact, and remediation.