Vulnerability CVE-2008-4383


Published: 2008-10-03   Modified: 2012-02-12

Description:
Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie.

See advisories in our WLB2 database:
Topic
Author
Date
High
Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow
dh layereddefens...
07.10.2008

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: Alcatel-lucent
Product: Omniswitch 
Version:
os9000
os7000
os6850
os6800
os6600
Vendor: Alcatel
Product: AOS 
Version:
6.3.1.966
6.1.3.965
5.4.1.429
5.1.6.463
5.1.1

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://securityreason.com/securityalert/4347
http://www.layereddefense.com/alcatel12aug.html
http://www.securityfocus.com/archive/1/495343/100/0/threaded
http://www.securityfocus.com/bid/30652
http://www.securitytracker.com/id?1020657
http://www.vupen.com/english/advisories/2008/2346
http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm
https://exchange.xforce.ibmcloud.com/vulnerabilities/44400

Related CVE
CVE-2018-6597
The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user wi...
CVE-2011-4505
The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware before 6.2.29 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external for...
CVE-2007-5383
The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the ...
CVE-2007-5384
Multiple cross-site request forgery (CSRF) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to perform actions as administrators via unspecified POST requests, as dem...
CVE-2007-5385
Multiple cross-site scripting (XSS) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2004-2377
Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled.
CVE-2002-1272
Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges.
CVE-2002-0119
Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a denial of service (reboot) via a network scan with unusual packets, such as nmap with OS detection.

Copyright 2019, cxsecurity.com

 

Back to Top