RSS   Vulnerabilities for 'Net direct client'   RSS

2007-02-21
 
CVE-2007-1057

 

 
The Net Direct client for Linux before 6.0.5 in Nortel Application Switch 2424, VPN 3050 and 3070, and SSL VPN Module 1000 extracts and executes files with insecure permissions, which allows local users to exploit a race condition to replace a world-writable file in /tmp/NetClient and cause another user to execute arbitrary code when attempting to execute this client, as demonstrated by replacing /tmp/NetClient/client.

 

 >>> Vendor: Nortel 70 Products
Optivity net architect
Contivity
Nautica marlin
Alteon acedirector
Cvx 1800 multi-service access switch
Succession communication server 2000
Business communications manager
802.11 wireless ip gateway
Succession communication server 1000
Ip softphone 2050
Mobile voice client 2050
Optivity telephony manager
Symposium web centre portal
Symposium web client
Media communication server 5100
Media communication server 5200
Media processing server
Periphonics
Symposium agent
Symposium network control center
Symposium tapi service provider
Symposium call center server
Symposium express call center
Wlan access point 2220
Wlan access point 2221
Wlan access point 2225
Callpilot
Contact center
7220 wlan access point
7250 wlan access point
Ethernet routing switch 1612
Ethernet routing switch 1624
Ethernet routing switch 1648
Optical metro 5000
Optical metro 5100
Optical metro 5200
Survivable remote gateway
Universal signaling point
Vpn router 1010
Vpn router 1050
Vpn router 1100
Vpn router 1700
Vpn router 1740
Vpn router 2700
Vpn router 5000
Vpn router 600
Ssl vpn
Callpilot server
Net direct client
Meridian mail
Vpn router 1750
Vpn router portfolio
Communications server
Pc client soft phone sip
Sip softphone
Meridian option 11c
Meridian option 51c
Meridian option 61c
Meridian option 81c
Voip-core-cs
Centrex ip client manager
Centrex ip element manager
Meridian sl100
Multimedia communications server
Sip multimedia pc client
Unistim ip phone
Multimedia communication server 5100
Communication server 1000
Unistim protocol
Cs1000


Copyright 2019, cxsecurity.com

 

Back to Top