4 results (0.010 seconds)

CVSS: 5.8EPSS: 4%CPEs: 6EXPL: 0

Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code via crafted HTTP headers. Desbordamiento de búfer basado en pila en programas CGI no especificados en el interface Web del Unified Maintenance Tool del servidor embebido del Communication Server (CS) en Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50, permite a atacantes remotos ejecutar código de su elección a través de una cabecera HTTP manipulada. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=896 http://secunia.com/advisories/43588 http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2011001.pdf http://www.securityfocus.com/bid/46640 http://www.vupen.com/english/advisories/2011/0549 https://exchange.xforce.ibmcloud.com/vulnerabilities/65849 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.5EPSS: 3%CPEs: 1EXPL: 0

The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename. EL Communication Server en Alcatel-Lucent OmniPCX Enterprise 7.1 y anteriores cachea una dirección IP durante una respuesta TFTP desde una IP Touch phone, y utiliza esta dirección IP como el destino para todos los paquetes de subsecuencia VoIP en este teléfono, lo cual podría permitir a atacantes remotos provocar denegación de servicio (pérdida de audio) o interceptar comunicaciones de voz a través de una respuesta TFTP que contiene la dirección MAC del teléfono en el nombre de archivo. • http://osvdb.org/40522 http://secunia.com/advisories/27710 http://securityreason.com/securityalert/3387 http://www.csnc.ch/static/advisory/csnc/alcatel_omnipcx_enterprise_audio_rerouting_vulnerability_v1.0.txt http://www.securityfocus.com/archive/1/483925/100/0/threaded http://www.securityfocus.com/bid/26494 http://www.securitytracker.com/id?1018983 http://www.vupen.com/english/advisories/2007/3919 http://www1.alcatel-lucent.com/psirt/statements/2007004/IPTouchDOS.pdf https://exchange& •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems. El Teléfono de Alcatel-Lucent IP-Touch corriendo bajo OmniPCX Enterprise 7.0 y versiones posteriores habilita un mini conmutador por defecto, lo que permite a atacantes obtener el acceso a la VLAN de voz a través de sistemas con conexión en cadena. • http://cert.uni-stuttgart.de/advisories/al-ip-touch-vlan-filtering.php http://osvdb.org/38526 http://www.securityfocus.com/archive/1/470742/100/0/threaded http://www.securityfocus.com/bid/24360 https://exchange.xforce.ibmcloud.com/vulnerabilities/34760 •

CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 1

The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. • http://www.cert.org/advisories/CA-2003-06.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip http://www.kb.cert.org/vuls/id/528719 http://www.securityfocus.com/bid/6904 https://exchange.xforce.ibmcloud.com/vulnerabilities/11379 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5831 •