mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
102 lines
3.5 KiB
JSON
102 lines
3.5 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cert@cert.org",
|
|
"ID": "CVE-2008-4383",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "30652",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/30652"
|
|
},
|
|
{
|
|
"name": "1020657",
|
|
"refsource": "SECTRACK",
|
|
"url": "http://www.securitytracker.com/id?1020657"
|
|
},
|
|
{
|
|
"name": "http://www.layereddefense.com/alcatel12aug.html",
|
|
"refsource": "MISC",
|
|
"url": "http://www.layereddefense.com/alcatel12aug.html"
|
|
},
|
|
{
|
|
"name": "omniswitch-session-bo(44400)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44400"
|
|
},
|
|
{
|
|
"name": "4347",
|
|
"refsource": "SREASON",
|
|
"url": "http://securityreason.com/securityalert/4347"
|
|
},
|
|
{
|
|
"name": "31435",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/31435"
|
|
},
|
|
{
|
|
"name": "20080812 Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://www.securityfocus.com/archive/1/495343/100/0/threaded"
|
|
},
|
|
{
|
|
"name": "http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm"
|
|
},
|
|
{
|
|
"name": "ADV-2008-2346",
|
|
"refsource": "VUPEN",
|
|
"url": "http://www.vupen.com/english/advisories/2008/2346"
|
|
}
|
|
]
|
|
}
|
|
} |