Vulnerabilities > Avaya

DATE CVE VULNERABILITY TITLE RISK
2003-12-31 CVE-2003-1359 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.
local
low complexity
hp avaya CWE-119
7.2
2002-10-28 CVE-2002-1229 Unspecified vulnerability in Avaya products
Avaya Cajun switches P880, P882, P580, and P550R 5.2.14 and earlier contain undocumented accounts (1) manuf and (2) diag with default passwords, which allows remote attackers to gain privileges.
network
low complexity
avaya
7.5
2002-07-08 CVE-2002-1448 Unspecified vulnerability in Avaya Cajun M770-Atm, Cajun P130 and Cajun P330
An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya P330, P130, and M770-ATM Cajun products allows remote attackers to gain administrative privileges.
network
low complexity
avaya
7.5
2002-04-22 CVE-2002-0176 Unspecified vulnerability in Avaya Libsafe
The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe.
local
low complexity
avaya
4.6
2002-04-22 CVE-2002-0175 Unspecified vulnerability in Avaya Libsafe
libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe.
local
low complexity
avaya
4.6
2001-12-31 CVE-2001-1494 Link Following vulnerability in multiple products
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
local
low complexity
kernel avaya CWE-59
5.5
2001-08-07 CVE-2001-1262 Security Bypass vulnerability in Avaya Argent Office 2.1
Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication with a 0 length community string.
network
low complexity
avaya
7.5
2001-08-07 CVE-2001-1261 Denial-Of-Service vulnerability in Avaya Argent Office 2.1
Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file.
network
low complexity
avaya
5.0
2001-08-07 CVE-2001-1260 Denial-Of-Service vulnerability in Argent Office
Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot.
network
low complexity
avaya
critical
10.0
2001-08-07 CVE-2001-1259 Denial-Of-Service vulnerability in Argent Office
Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload.
network
low complexity
avaya
5.0