57 matches found
CVE-2019-20049
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal which helps to bypass authentication with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the construct whereas the...
CVE-2019-20048
An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM...
EUVD-2011-0371
Malware in sbrugna...
EUVD-2007-5171
Malware in sbrugna...
ALE Alcatel-Lucent Omnivista 4760 and ALE Alcatel-Lucent Omnivista 8770 Remote Code Execution Vulnerabilities
The ALE Alcatel-Lucent Omnivista 4760 and the ALE Alcatel-Lucent Omnivista 8770 are both products of ALE France.The ALE Alcatel-Lucent Omnivista 4760 is a network management system. The product includes alarm notification, OmniPCX configuration, performance analysis and Voice over IP monitoring.A...
Alcatel OmniVista remote command execution
Added: 12/31/2019 Background Alcatel OmniVista is a graphical interface to Alcatel OmniPCX, a common VoIP solution. Problem Directory traversal and insecure upload vulnerabilities allow a remote attacker to upload and execute arbitrary PHP code. Resolution Upgrade to OmniVista 8770 version 4.1.12...
Alcatel OmniVista remote command execution
Added: 12/31/2019 Background Alcatel OmniVista is a graphical interface to Alcatel OmniPCX, a common VoIP solution. Problem Directory traversal and insecure upload vulnerabilities allow a remote attacker to upload and execute arbitrary PHP code. Resolution Upgrade to OmniVista 8770 version 4.1.12...
Alcatel OmniVista remote command execution
Added: 12/31/2019 Background Alcatel OmniVista is a graphical interface to Alcatel OmniPCX, a common VoIP solution. Problem Directory traversal and insecure upload vulnerabilities allow a remote attacker to upload and execute arbitrary PHP code. Resolution Upgrade to OmniVista 8770 version 4.1.12...
Alcatel-Lucent OmniVista 4760 Directory Traversal and Insecure File Upload Vulnerability
LE Alcatel-Lucent Omnivista 4760 is a network management system from ALE France. The product includes features such as alarm notification, OmniPCX configuration, performance analysis and Voice over IP monitoring. A security vulnerability exists in the ALE Alcatel-Lucent OmniVista 4760. An attacke...
Alcatel-Lucent OmniVista 8770 Remote Code Execution Vulnerability
The ALE Alcatel-Lucent Omnivista 8770 is a network management system from ALE France. The product includes features such as alarm notification, OmniPCX configuration, performance analysis, and Voice over IP monitoring. A security vulnerability exists in the ALE Alcatel-Lucent OmniVista 8770 prior...
CVE-2019-20047
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded...
CVE-2019-20049
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal which helps to bypass authentication with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the construct whereas the...
CVE-2019-20048
An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM...
CVE-2019-20047
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded...
CVE-2019-20048
An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM...
Format string
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded...
Directory traversal
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal which helps to bypass authentication with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the construct whereas the...
CVE-2019-20047
The CVE-2019-20047 issue affects Alcatel-Lucent OmniVista 4760 and OmniVista 8770 prior to version 4.1.2. A misconfigured web server allows a remote unauthenticated attacker to retrieve the contents of its own session files located under /sessions/sess_. Each session file contains administrative ...
CVE-2019-20048
An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM...
CVE-2019-20048
CVE-2019-20048 affects Alcatel-Lucent OmniVista 8770 devices prior to 4.1.2. An authenticated remote attacker with elevated privileges in the Web Directory component (port 389) can upload a PHP file, enabling Remote Code Execution as SYSTEM. Public Red Hat, CNVD, and CVE records corroborate the s...