RSS   Vulnerabilities for 'Mobility controller'   RSS

2007-07-26
 
CVE-2007-4023

 

 
Cross-site scripting (XSS) vulnerability in the login CGI program in Aruba Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier FIPS versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 
2007-02-14
 
CVE-2007-0932

CWE-264
 

 
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN.

 
 
CVE-2007-0931

CWE-Other
 

 
Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via long credential strings.

 


Copyright 2024, cxsecurity.com

 

Back to Top