CVE-2010-3281

Sažetak

Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service (service crash) via a long request.

Reference

http://secunia.com/advisories/41508
http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2010002.pdf
http://www.nruns.com/_downloads/nruns-SA-2010-002.pdf
http://www.securityfocus.com/archive/1/513865
http://www.securityfocus.com/archive/1/513866
http://www.securityfocus.com/bid/43338
http://www.vupen.com/english/advisories/2010/2460
https://exchange.xforce.ibmcloud.com/vulnerabilities/61922

CVSS

Base:	5.4
Impact:	6.4
Exploitability:	5.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:A/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

17-08-2017 - 01:32

Objavljeno

23-09-2010 - 19:00