Vulnerabilities > Alcatel > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-03 | CVE-2008-4383 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Alcatel AOS Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie. | 10.0 |
2007-10-12 | CVE-2007-5383 | Improper Authentication vulnerability in multiple products The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka "double-slash auth bypass." NOTE: remote attackers outside the intranet can exploit this by leveraging a separate CSRF vulnerability. | 10.0 |
2002-12-11 | CVE-2002-1272 | Remote Access vulnerability in Alcatel AOS 5.1.1 Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges. | 10.0 |