0X1911

**Name of the Vulnerable Software and Affected Versions** Alcatel-Lucent OmniVista 4760 versions prior to 4.1.2 Alcatel-Lucent OmniVista 8770 versions prior to 4.1.2 **Description** An issue was discovered that allows a remote unauthenticated attacker to retrieve the content of its own session files due to an incorrect web server configuration. Each session file contains administrative LDAP credentials encoded in a reversible format. Sessions are stored in /sessions/sess <sessionid>. **Recommendations** For Alcatel-Lucent OmniVista 4760 versions prior to 4.1.2, update to version 4.1.2 or later. For Alcatel-Lucent OmniVista 8770 versions prior to 4.1.2, update to version 4.1.2 or later.

**Name of the Vulnerable Software and Affected Versions** Alcatel-Lucent OmniVista 8770 versions prior to 4.1.2 **Description** An issue allows an authenticated remote attacker with elevated privileges in the Web Directory component on port 389 to upload a PHP file, achieving Remote Code Execution as SYSTEM. **Recommendations** For versions prior to 4.1.2, update to version 4.1.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Alcatel-Lucent OmniVista 4760 (affected versions not specified) **Description** A remote unauthenticated attacker can exploit a combination of directory traversal and insecure file upload vulnerabilities to achieve Remote Code Execution as SYSTEM. The directory traversal vulnerability is located in the ` construct()` function, while the insecure file upload vulnerability is found in the `SetSkinImages()` function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.