CVE-2007-3010 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-3010
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-3010

Description: masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/36632 SAID Secunia Advisory: SA26853 OSVDB 40521 MISC http://www.redteam-pentesting.de/advisories/rt-sa-2007-001.php FULLDISC http://marc.info/?l=full-disclosure&m=119002152126755&w=2 CONFIRM http://www1.alcatel-lucent.com/psirt/statements/2007002/OXEUMT.htm BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/479699/100/0/threaded BID 25694

Return to the previous page.