CVE-2008-4383

Опубликовано: 03 окт. 2008

Источник: nvd

CVSS2: 10

EPSS Средний

Описание

Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie.

Ссылки

http://secunia.com/advisories/31435
Third Party Advisory
http://securityreason.com/securityalert/4347
Third Party Advisory
http://www.layereddefense.com/alcatel12aug.html
Broken Link
http://www.securityfocus.com/archive/1/495343/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/30652
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020657
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/2346
Third Party Advisory
http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/44400
Third Party Advisory
VDB Entry
http://secunia.com/advisories/31435
Third Party Advisory
http://securityreason.com/securityalert/4347
Third Party Advisory
http://www.layereddefense.com/alcatel12aug.html
Broken Link
http://www.securityfocus.com/archive/1/495343/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/30652
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020657
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/2346
Third Party Advisory
http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/44400
Third Party Advisory
VDB Entry