PT-2002-1363 · Alcatel · Alcatel Omnipcx 4400
Published 2002-05-03 · Updated 2017-07-11 · CVE-2002-0293
CVSS v2.0: 6.2 Medium
Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Alcatel OmniPCX 4400 (affected versions not specified)
Description
The FTP service allows a specific user, "halt", to escalate privileges to root by modifying the root user's .profile file.
Recommendations
For Alcatel OmniPCX 4400, restrict access to the FTP service for the "halt" user until a fix is available. Consider disabling the FTP service temporarily to prevent potential exploitation.
Affected Products
Alcatel Omnipcx 4400