Alcatel-Lucent OmniPCX Enterprise <= 7.1 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25694/info Alcatel-Lucent OmniPCX Enterprise is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue to execute arbitrary commands...

Juniper SSL VPN Bypass / Cross Site Scripting

This reminded me of a bunch of problems I spotted in Juniper SSL VPN a while ago; they are apparently fixed, but I don't recall seeing any public vendor advisory / credit for reporting them - so here you go, even if just for the record... These were fixed by Juniper in IVE 6.3R1, 6.2R3, 6.1R5,...

CVE-2007-3010

CVE-2007-3010 affects Alcatel-Lucent OmniPCX Enterprise Communication Server (R7.1 and earlier). The web-based masterCGI script in the Unified Maintenance Tool allows remote arbitrary command execution via shell metacharacters in the user parameter during a ping action, enabling an attacker to ru...