PT-2008-5632 · Alcatel+1 · Alcatel Omniswitch Os6850+5
Published
2008-10-03
·
Updated
2018-11-02
·
CVE-2008-4383
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS versions prior to 5.1.6.463.R02
Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS versions prior to 5.4.1.429.R01
Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS versions prior to 6.1.3.965.R01
Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS versions prior to 6.1.5.595.R01
Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS versions prior to 6.3.1.966.R01
Description:
A stack-based buffer overflow in the Agranet-Emweb embedded management web server allows remote attackers to execute arbitrary code via a long
Session cookie.Recommendations:
For AoS versions prior to 5.1.6.463.R02, update to version 5.1.6.463.R02 or later.
For AoS versions prior to 5.4.1.429.R01, update to version 5.4.1.429.R01 or later.
For AoS versions prior to 6.1.3.965.R01, update to version 6.1.3.965.R01 or later.
For AoS versions prior to 6.1.5.595.R01, update to version 6.1.5.595.R01 or later.
For AoS versions prior to 6.3.1.966.R01, update to version 6.3.1.966.R01 or later.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Agranet-Emweb
Alcatel Omniswitch Os6600
Alcatel Omniswitch Os6800
Alcatel Omniswitch Os6850
Alcatel Omniswitch Os7000
Alcatel Omniswitch Os9000