Description
Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service (service crash) via a long request.
Affected products
- Alcatel-Lucent / omnivista_4760_server5.1.06.03.c
- Alcatel-Lucent / omnivista_4760_server4.1.13.00 – 4.1.13.00
- Alcatel-Lucent / omnivista_4760_server5.0 – 5.0
- Alcatel-Lucent / omnivista_4760_server5.1 – 5.1
- Alcatel-Lucent / omnivista_4760_server5.1.06.03.c – 5.1.06.03.c
References
- MISChttp://www.nruns.com/_downloads/nruns-SA-2010-002.pdf
- MISChttp://www.securityfocus.com/archive/1/513865
- MISChttp://www.securityfocus.com/archive/1/513866
- MISChttp://www.securityfocus.com/bid/43338
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/2460
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/61922
- VENDOR_ADVISORYhttp://secunia.com/advisories/41508
- MISChttp://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2010002.pdf