Omnipcx
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-0344 | 0.00 | — | 0.02 | Mar 8, 2011 | Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code… | |||
| CVE-2007-5361 | 0.00 | — | 0.02 | Nov 20, 2007 | The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a… | |||
| CVE-2007-2512 | 0.00 | — | 0.01 | Jun 7, 2007 | Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems. | |||
| CVE-2003-1108 | 0.00 | — | 0.05 | Dec 31, 2003 | The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | |||
| CVE-2002-1691 | 0.00 | — | 0.04 | Dec 31, 2002 | Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access. | |||
| CVE-2002-0295 | 0.00 | — | 0.00 | May 31, 2002 | Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges. | |||
| CVE-2002-0293 | 0.00 | — | 0.00 | May 31, 2002 | FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file. | |||
| CVE-2002-0294 | 0.00 | — | 0.00 | May 31, 2002 | Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system. |
- CVE-2011-0344Mar 8, 2011risk 0.00cvss —epss 0.02
Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code…
- CVE-2007-5361Nov 20, 2007risk 0.00cvss —epss 0.02
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a…
- CVE-2007-2512Jun 7, 2007risk 0.00cvss —epss 0.01
Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems.
- CVE-2003-1108Dec 31, 2003risk 0.00cvss —epss 0.05
The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
- CVE-2002-1691Dec 31, 2002risk 0.00cvss —epss 0.04
Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access.
- CVE-2002-0295May 31, 2002risk 0.00cvss —epss 0.00
Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges.
- CVE-2002-0293May 31, 2002risk 0.00cvss —epss 0.00
FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file.
- CVE-2002-0294May 31, 2002risk 0.00cvss —epss 0.00
Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system.