The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of OmniPCX Enterprise

vulnerability alert CVE-2011-0344

Alcatel OmniPCX Enterprise: buffer overflow

Synthesis of the vulnerability

An attacker can create a buffer overflow on the web server of Alcatel OmniPCX Enterprise, in order to execute code.
Impacted products: OmniPCX Enterprise.
Severity: 3/4.
Consequences: user access/rights.
Provenance: intranet client.
Creation date: 01/03/2011.
Identifiers: BID-46640, CERTA-2011-AVI-128, CVE-2011-0344, VIGILANCE-VUL-10411, VU-101103-1.

Description of the vulnerability

The Alcatel OmniPCX Enterprise product has a web server with CGI applications.

An attacker can use a long HTTP parameter, in order to generate an overflow in a CGI.

An attacker can therefore create a buffer overflow on the web server of Alcatel OmniPCX Enterprise, in order to execute code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about OmniPCX Enterprise: