|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 4347 CVE : CVE-2008-4383 CWE : CWE-119 SecurityRisk : High  (About) Remote Exploit : Yes Local Exploit : No Victim interaction required : No Exploit Available : No Credit : dh layereddefense com Published : 07.10.2008
Advisory Content : ================================================== Layered Defense Research Advisory 12 August 2008 ================================================== 1) Affected Product Alcatel-Lucent OmniSwitch products OS7000 OS6600 OS6800 OS6850 OS9000 ================================================== 2) Severity Rating: critical Impact: Remotely exploitable without authentication. ================================================== 3) Description of Vulnerability A stack based buffer overflow was discovered within Alcatel OmniSwitch product line. This buffer overflow was discovered within the Agranet-Emweb embedded management web server and can be exploited remotely without user authentication. The vulnerability can be triggered on a 6200-24 running AOS Version 5.4.1.396.R01 by sending 2392 bytes in the http header ?Cookie: Session=? This appears to overwrite a return address on the stack giving the attacker control of the instruction pointer. The amount of bytes needed to trigger the overflow varies between AOS versions. ================================================== 4) Solution Fix: 1. Install AOS upgrades as recommended by Vendor 2. Disable Web services on OmniSwitch products ================================================== 5) Time Table: 05/21/2008 Reported Vulnerability to Vendor. 06/27/2008 Vendor acknowledged the vulnerability 08/06/2008 Vendor published hot fix ================================================== 6) Credits Discovered by Deral Heiland, www.LayeredDefense.com ================================================== 7) Reference http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm https://wws.cert-ist.com/fast-cgi/AV/Details.cgi?lang=eng&action=1&forma t=3&ref=CERT-IST/AV-2008.333 ================================================== 8) About Layered Defense Layered Defense, Is a group of security professionals that work together on ethical Research, Testing and Training within the information security arena. http://www.layereddefense.com ================================================== References : http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm
http://www.securitytracker.com/id?1020657
http://www.securityfocus.com/archive/1/archive/1/495343/100/0/threaded
http://www.layereddefense.com/alcatel12aug.html
http://secunia.com/advisories/31435  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |