CVSS: 9.0EPSS: 5%CPEs: 12EXPL: 0CVE-2008-5709
https://notcve.org/view.php?id=CVE-2008-5709
24 Dec 2008 — Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1 before 3.1.4 SP2, 4.0 before 4.0.3 SP1, and 5.0 before 5.0 SP3 allow remote authenticated users to execute arbitrary code via unknown attack vectors in the (1) Set Static Routes and (2) Backup History components. Múltiples vulnerabilidades sin especificar en la interfaz de gestión web en Avaya Communication Manager (CM) 3.1 antes de 3.1.4 SP2, 4.0 antes de 4.0.3 SP1 y 5.0 antes de 5.0 SP3 permite a u... • http://secunia.com/advisories/32204 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0CVE-2008-5710
https://notcve.org/view.php?id=CVE-2008-5710
24 Dec 2008 — Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1.x, 4.0.3, and 5.x allow remote attackers to read (1) configuration files, (2) log files, (3) binary image files, and (4) help files via unknown vectors. Múltiples vulnerabilidades sin especificar en la interfaz de gestión web en Avaya Communication Manager (CM) 3.1.x, 4.0.3 y 5.x permite a atacantes remotos leer (1) archivos de configuración, (2) archivos de log, (3) archivos binarios de imagen y (4)... • http://secunia.com/advisories/32035 • CWE-16: Configuration •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3777
https://notcve.org/view.php?id=CVE-2008-3777
25 Aug 2008 — The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm and (2) system logs during failed login attempts, which allows local users to obtain login credentials by reading these logs. SIP Enablement Services (SES) Server en Avaya SIP Enablement Services 5.0 y Communication Manager (CM) 5.0 en el S8300C con SES activado, escribe los nombres y contraseñas de cuenta en los... • http://support.avaya.com/elmodocs2/security/ASA-2008-347.htm • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3778
https://notcve.org/view.php?id=CVE-2008-3778
25 Aug 2008 — The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause a denial of service (messaging outage) or gain privileges via an update request. El interfaz remoto de gestión en SIP Enablement Services (SES) Server en Avaya SIP Enablement Services 5.0 y Communication Manager (CM) 5.0 en el S8300... • http://support.avaya.com/elmodocs2/security/ASA-2008-347.htm • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2008-2812 – kernel: NULL ptr dereference in multiple network drivers due to missing checks in tty code
https://notcve.org/view.php?id=CVE-2008-2812
09 Jul 2008 — The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/. El núcleo de Linux anterior a 2.6.25.10, no realiza de forma adecuada las operaciones tty, es... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-1490
https://notcve.org/view.php?id=CVE-2007-1490
16 Mar 2007 — Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allow remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors (aka "shell command injection"). Páginas web de mantenimiento no especificadas en Avaya S87XX, S8500, y S8300 versiones anteriores a CM 3.1.3, y Avaya SES permite a usuarios remotos autenticados ejecutar comandos de su elección mediante metacaracteres shell en vectores si especificar (también conocido ... • http://secunia.com/advisories/24434 •
CVSS: 9.1EPSS: 7%CPEs: 47EXPL: 0CVE-2004-1082
https://notcve.org/view.php?id=CVE-2004-1082
03 Feb 2004 — mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html •