PT-2008-5632 · Alcatel+1 · Alcatel Omniswitch Os6850+5
Publicado
2008-10-03
·
Atualizado
2018-11-02
·
CVE-2008-4383
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS versions prior to 5.1.6.463.R02
Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS versions prior to 5.4.1.429.R01
Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS versions prior to 6.1.3.965.R01
Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS versions prior to 6.1.5.595.R01
Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS versions prior to 6.3.1.966.R01
Description:
A stack-based buffer overflow in the Agranet-Emweb embedded management web server allows remote attackers to execute arbitrary code via a long
Session cookie.Recommendations:
For AoS versions prior to 5.1.6.463.R02, update to version 5.1.6.463.R02 or later.
For AoS versions prior to 5.4.1.429.R01, update to version 5.4.1.429.R01 or later.
For AoS versions prior to 6.1.3.965.R01, update to version 6.1.3.965.R01 or later.
For AoS versions prior to 6.1.5.595.R01, update to version 6.1.5.595.R01 or later.
For AoS versions prior to 6.3.1.966.R01, update to version 6.3.1.966.R01 or later.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Agranet-Emweb
Alcatel Omniswitch Os6600
Alcatel Omniswitch Os6800
Alcatel Omniswitch Os6850
Alcatel Omniswitch Os7000
Alcatel Omniswitch Os9000