Vendor CVEs
Alcatel Lucent
All CVEs
60 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1272 | 0.00 | — | 0.05 | Dec 11, 2002 | Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges. | |||
| CVE-2002-0295 | 0.00 | — | 0.00 | May 31, 2002 | Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges. | |||
| CVE-2002-0293 | 0.00 | — | 0.00 | May 31, 2002 | FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file. | |||
| CVE-2002-0294 | 0.00 | — | 0.00 | May 31, 2002 | Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system. | |||
| CVE-2002-0119 | 0.00 | — | 0.02 | Mar 25, 2002 | Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a denial of service (reboot) via a network scan with unusual packets, such as nmap with OS detection. | |||
| CVE-2001-1484 | 0.00 | — | 0.02 | Dec 31, 2001 | Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attack from a system on the local area network (LAN) side, which is allowed to access TFTP without authentication. | |||
| CVE-2001-1424 | 0.00 | — | 0.04 | Apr 10, 2001 | Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access. | |||
| CVE-2001-1425 | 0.00 | — | 0.04 | Apr 10, 2001 | The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during… | |||
| CVE-2001-1426 | 0.00 | — | 0.02 | Apr 10, 2001 | Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote attackers to change firmware versions or the device's configurations. | |||
| CVE-1999-1559 | 0.00 | — | 0.02 | Mar 31, 1999 | Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time. |
- CVE-2002-1272Dec 11, 2002risk 0.00cvss —epss 0.05
Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges.
- CVE-2002-0295May 31, 2002risk 0.00cvss —epss 0.00
Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges.
- CVE-2002-0293May 31, 2002risk 0.00cvss —epss 0.00
FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file.
- CVE-2002-0294May 31, 2002risk 0.00cvss —epss 0.00
Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system.
- CVE-2002-0119Mar 25, 2002risk 0.00cvss —epss 0.02
Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a denial of service (reboot) via a network scan with unusual packets, such as nmap with OS detection.
- CVE-2001-1484Dec 31, 2001risk 0.00cvss —epss 0.02
Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attack from a system on the local area network (LAN) side, which is allowed to access TFTP without authentication.
- CVE-2001-1424Apr 10, 2001risk 0.00cvss —epss 0.04
Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access.
- CVE-2001-1425Apr 10, 2001risk 0.00cvss —epss 0.04
The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during…
- CVE-2001-1426Apr 10, 2001risk 0.00cvss —epss 0.02
Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote attackers to change firmware versions or the device's configurations.
- CVE-1999-1559Mar 31, 1999risk 0.00cvss —epss 0.02
Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time.
Page 2 of 2