ID SECURITYVULNS:DOC:25862
Type securityvulns
Reporter Securityvulns
Modified 2011-03-03T00:00:00
Description
Title: DDIVRT-2010-30 Alcatel-Lucent OmniVista 4760 NMS 'lang' Directory
Traversal Vulnerability [ CVE-2011-0345 ]
Severity: High
Date Discovered: 10/29/2010
Discovered By: Digital Defense, Inc. Vulnerability Research Team
Additional Discovered By: r@b13$

Vulnerability Description:

The Alcatel-Lucent OmniVista 4760 NMS is vulnerable to directory traversal.
This flaw allows remote unauthenticated attackers to retrieve arbitrary files from
a vulnerable system.

Solution Description:

Alcatel-Lucent has provided a patch for this vulnerability. The patch is
available on the vendor's website. If you are unable to patch the system, mitigate
this vulnerability by disabling the service, or restricting access to a local
interface or a trusted network via a firewall or other means.

Tested Systems / Software:

OmniVista 4760 NMS version 5.0.07.05
OmniVista 4760 NMS version 5.1.06.03

Vendor Name: Alcatel-Lucent
Vendor Website: http://www.alcatel-lucent.com/
{"seebug": [{"lastseen": "2017-11-19T18:06:04", "description": "BUGTRAQ ID: 46624\r\nCVE ID: CVE-2011-0345\r\n\r\nAlcatel-Lucent OmniVista 4760 Network Management System\u53ef\u63d0\u4f9b\u7f51\u7edc\u5b89\u5168\u548c\u4f18\u5316\u7684\u7ba1\u7406\u5e94\u7528\u7a0b\u5e8f\u96c6\u3002\r\n\r\nAlcatel-Lucent OmniVista 4760 Network Management System\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u4f7f\u7528\u76ee\u5f55\u904d\u5386\u5b57\u7b26\u4e32\u4ece\u53d7\u5f71\u54cd\u7cfb\u7edf\u4e2d\u68c0\u7d22\u4efb\u610f\u6587\u4ef6\u3002\n\nAlcatel Alcatel-Lucent OmniVista 4760 Network Management S 5.1.06.03\r\nAlcatel Alcatel-Lucent OmniVista 4760 Network Management S 5.0.07.05\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nAlcatel\r\n-------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.ind.alcatel.com/", "published": "2011-03-03T00:00:00", "type": "seebug", "title": "Alcatel-Lucent OmniVista 4760 Network Management System "lang"\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-0345"], "modified": "2011-03-03T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20358", "id": "SSV:20358", "sourceData": "", "sourceHref": "", "cvss": {"score": 3.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "cve": [{"lastseen": "2022-03-23T11:34:05", "description": "Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, related to the lang variable.", "cvss3": {}, "published": "2011-03-08T21:59:00", "type": "cve", "title": "CVE-2011-0345", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", 
"exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0345"], "modified": "2018-10-10T20:09:00", "cpe": ["cpe:/a:alcatel-lucent:omnivista:4760_r5.0.07.05", "cpe:/a:alcatel-lucent:omnivista:4760_r5.1.06.03"], "id": "CVE-2011-0345", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0345", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:alcatel-lucent:omnivista:4760_r5.0.07.05:*:*:*:*:*:*:*", "cpe:2.3:a:alcatel-lucent:omnivista:4760_r5.1.06.03:*:*:*:*:*:*:*"]}], "kaspersky": [{"lastseen": "2021-08-18T11:34:50", "description": "### *Detect date*:\n03/08/2011\n\n### *Severity*:\nWarning\n\n### *Description*:\nA directory traversal vulnerability was found in OmniVista. By exploiting this vulnerability malicious users can read local files. 
This vulnerability can be exploited from the network at a point related to NMS server via specially designed GET request.\n\n### *Affected products*:\nAlcatel-Lucent OmniVista 4760 all versions\n\n### *Solution*:\nUpdate to latest version\n\n### *Original advisories*:\n[Alcatel bulletin](<http://www3.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2011002.pdf>) \n\n\n### *Impacts*:\nRLF \n\n### *Related products*:\n[Alcatel OmniVista](<https://threats.kaspersky.com/en/product/Alcatel-OmniVista/>)\n\n### *CVE-IDS*:\n[CVE-2011-0345](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0345>)3.3Warning", "cvss3": {}, "published": "2011-03-08T00:00:00", "type": "kaspersky", "title": "KLA10056 RLF vulnerability in Alcatel-Lucent OmniVista 4760", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0345"], "modified": "2020-06-03T00:00:00", "id": "KLA10056", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10056/", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:N"}}]}