CVE-2008-4383

Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:alcatel:aos:*:*:*:*:*:*:*:*
cpe:2.3:o:alcatel:aos:*:*:*:*:*:*:*:*
cpe:2.3:o:alcatel:aos:*:*:*:*:*:*:*:*
cpe:2.3:o:alcatel:aos:*:*:*:*:*:*:*:*
cpe:2.3:o:alcatel:aos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:alcatel-lucent:omniswitch:os6600:*:*:*:*:*:*:*
cpe:2.3:h:alcatel-lucent:omniswitch:os6800:*:*:*:*:*:*:*
cpe:2.3:h:alcatel-lucent:omniswitch:os6850:*:*:*:*:*:*:*
cpe:2.3:h:alcatel-lucent:omniswitch:os7000:*:*:*:*:*:*:*
cpe:2.3:h:alcatel-lucent:omniswitch:os9000:*:*:*:*:*:*:*

History

21 Nov 2024, 00:51

Type Values Removed Values Added
References () http://secunia.com/advisories/31435 - Third Party Advisory () http://secunia.com/advisories/31435 - Third Party Advisory
References () http://securityreason.com/securityalert/4347 - Third Party Advisory () http://securityreason.com/securityalert/4347 - Third Party Advisory
References () http://www.layereddefense.com/alcatel12aug.html - Broken Link () http://www.layereddefense.com/alcatel12aug.html - Broken Link
References () http://www.securityfocus.com/archive/1/495343/100/0/threaded - Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/495343/100/0/threaded - Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/30652 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/30652 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id?1020657 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id?1020657 - Third Party Advisory, VDB Entry
References () http://www.vupen.com/english/advisories/2008/2346 - Third Party Advisory () http://www.vupen.com/english/advisories/2008/2346 - Third Party Advisory
References () http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm - Vendor Advisory () http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/44400 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/44400 - Third Party Advisory, VDB Entry

Information

Published : 2008-10-03 22:22

Updated : 2024-11-21 00:51


NVD link : CVE-2008-4383

Mitre link : CVE-2008-4383

CVE.ORG link : CVE-2008-4383


JSON object : View

Products Affected

alcatel-lucent

  • omniswitch

alcatel

  • aos
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer