Sign-up

ID

VAR-200810-0216


CVE

CVE-2008-4383


TITLE

Alcatel OmniSwitch Device stack-based buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2008-003493

DESCRIPTION

Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie. Alcatel-Lucent OmniSwitch products are prone to a remote buffer-overflow vulnerability because they fail to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code within the context of the affected software. Failed exploit attempts will result in a denial-of-service condition. Alcatel-Lucent OmniSwitch is a network switch product of French Alcatel-Lucent (Alcatel-Lucent). If the user sends 2392 bytes of data in the Cookie: Session= header, this overflow can be triggered, resulting in the execution of arbitrary instructions. The number of bytes required to trigger this overflow varies with the AOS version. ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Alcatel-Lucent OmniSwitch Series Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA31435 VERIFY ADVISORY: http://secunia.com/advisories/31435/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From local network OPERATING SYSTEM: Alcatel-Lucent OmniSwitch 7000 Series http://secunia.com/product/789/ Alcatel-Lucent OmniSwitch 6600 Series http://secunia.com/product/19553/ Alcatel-Lucent OmniSwitch 6800 Series http://secunia.com/product/19554/ Alcatel-Lucent OmniSwitch 6850 Series http://secunia.com/product/19555/ Alcatel-Lucent OmniSwitch 9000 Series http://secunia.com/product/19556/ DESCRIPTION: Deral Heiland has reported a vulnerability in various OmniSwitch products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in the following Alcatel OmniSwitch products: * OS7000 Series * OS6600 Series * OS6800 Series * OS6850 Series * OS9000 Series SOLUTION: Update to the following versions: * 5.4.1.429.R01 or higher * 5.1.6.463.R02 or higher * 6.1.3.965.R01 or higher * 6.1.5.595.R01 or higher * 6.3.1.966.R01 or higher Contact the Alcatel-Lucent Technical Support for availability of other releases. PROVIDED AND/OR DISCOVERED BY: Deral Heiland, Layered Defense Research ORIGINAL ADVISORY: Alcatel-Lucent: http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm Layered Defense Research: http://www.layereddefense.com/alcatel12aug.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2008-4383 // JVNDB: JVNDB-2008-003493 // BID: 30652 // VULHUB: VHN-34508 // PACKETSTORM: 68969

AFFECTED PRODUCTS

vendor:alcatel lucentmodel:omniswitchscope:eqversion:os6850

Trust: 1.4

vendor:alcatel lucentmodel:omniswitchscope:eqversion:os9000

Trust: 1.4

vendor:alcatel lucentmodel:omniswitchscope:eqversion:os7000

Trust: 1.4

vendor:alcatel lucentmodel:omniswitchscope:eqversion:os6600

Trust: 1.4

vendor:alcatel lucentmodel:omniswitchscope:eqversion:os6800

Trust: 1.4

vendor:alcatelmodel:aosscope:gteversion:6.1.5

Trust: 1.0

vendor:alcatelmodel:aosscope:ltversion:6.1.3.965.r01

Trust: 1.0

vendor:alcatelmodel:aosscope:ltversion:6.1.5.595.r01

Trust: 1.0

vendor:alcatelmodel:aosscope:gteversion:6.3

Trust: 1.0

vendor:alcatelmodel:aosscope:gteversion:6.1.3

Trust: 1.0

vendor:alcatelmodel:aosscope:ltversion:5.1.6.463.r02

Trust: 1.0

vendor:alcatelmodel:aosscope:gteversion:5.4

Trust: 1.0

vendor:alcatelmodel:aosscope:ltversion:6.3.1.966.r01

Trust: 1.0

vendor:alcatelmodel:aosscope:ltversion:5.4.1.429.r01

Trust: 1.0

vendor:alcatelmodel:aosscope:gteversion:5.1

Trust: 1.0

vendor:alcatel lucentmodel:alcatel-lucent operating systemscope:ltversion:6.1.3

Trust: 0.8

vendor:alcatel lucentmodel:alcatel-lucent operating systemscope:eqversion:6.1.5.595.r01

Trust: 0.8

vendor:alcatel lucentmodel:alcatel-lucent operating systemscope:eqversion:6.1.3.965.r01

Trust: 0.8

vendor:alcatel lucentmodel:alcatel-lucent operating systemscope:ltversion:5.4

Trust: 0.8

vendor:alcatel lucentmodel:alcatel-lucent operating systemscope:eqversion:6.3.1.966.r01

Trust: 0.8

vendor:alcatel lucentmodel:alcatel-lucent operating systemscope:eqversion:5.4.1.429.r01

Trust: 0.8

vendor:alcatel lucentmodel:alcatel-lucent operating systemscope:ltversion:6.3

Trust: 0.8

vendor:alcatel lucentmodel:alcatel-lucent operating systemscope:ltversion:6.1.5

Trust: 0.8

vendor:alcatel lucentmodel:alcatel-lucent operating systemscope:eqversion:5.1.6.463.r02

Trust: 0.8

vendor:alcatel lucentmodel:alcatel-lucent operating systemscope:ltversion:5.1

Trust: 0.8

vendor:alcatelmodel:aosscope:eqversion:5.1.6.463

Trust: 0.6

vendor:alcatelmodel:aosscope:eqversion:6.1.3.965

Trust: 0.6

vendor:alcatelmodel:aosscope:eqversion:5.4.1.429

Trust: 0.6

vendor:alcatelmodel:aosscope:eqversion:6.3.1.966

Trust: 0.6

vendor:alcatelmodel:aosscope:eqversion:5.1.1

Trust: 0.6

vendor:alcatel lucentmodel:omniswitch os9000 seriesscope: - version: -

Trust: 0.3

vendor:alcatel lucentmodel:omniswitch os7000 seriesscope: - version: -

Trust: 0.3

vendor:alcatel lucentmodel:omniswitch os6850 seriesscope: - version: -

Trust: 0.3

vendor:alcatel lucentmodel:omniswitch os6800 seriesscope: - version: -

Trust: 0.3

vendor:alcatel lucentmodel:omniswitch os6600 seriesscope: - version: -

Trust: 0.3

sources: BID: 30652 // JVNDB: JVNDB-2008-003493 // CNNVD: CNNVD-200810-030 // NVD: CVE-2008-4383

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-4383
value: HIGH

Trust: 1.0

NVD: CVE-2008-4383
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200810-030
value: CRITICAL

Trust: 0.6

VULHUB: VHN-34508
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-4383
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-34508
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-34508 // JVNDB: JVNDB-2008-003493 // CNNVD: CNNVD-200810-030 // NVD: CVE-2008-4383

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-34508 // JVNDB: JVNDB-2008-003493 // NVD: CVE-2008-4383

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200810-030

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200810-030

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-003493

PATCH
title:Top Pageurl:http://www.alcatel-lucent.com
Trust: 0.8
title:PR 122812url:http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-003493

EXTERNAL IDS
db:NVDid:CVE-2008-4383
Trust: 2.8
db:BIDid:30652
Trust: 2.0
db:SECUNIAid:31435
Trust: 1.8
db:SREASONid:4347
Trust: 1.7
db:SECTRACKid:1020657
Trust: 1.7
db:VUPENid:ADV-2008-2346
Trust: 1.7
db:JVNDBid:JVNDB-2008-003493
Trust: 0.8
db:XFid:44400
Trust: 0.6
db:BUGTRAQid:20080812 LAYERED DEFENSE RESEARCH ADVISORY: ALCATEL-LUCENT OMNISWITCH PRODUCTS, STACK BUFFER OVERFLOW
Trust: 0.6
db:CNNVDid:CNNVD-200810-030
Trust: 0.6
db:VULHUBid:VHN-34508
Trust: 0.1
db:PACKETSTORMid:68969
Trust: 0.1
sources:
            
            
            VULHUB: VHN-34508 // 
            
            
            
            BID: 30652 // 
            
            
            
            JVNDB: JVNDB-2008-003493 // 
            
            
            
            PACKETSTORM: 68969 // 
            
            
            
            CNNVD: CNNVD-200810-030 // 
            
            
            
            NVD: CVE-2008-4383

REFERENCES
url:http://www1.alcatel-lucent.com/psirt/statements/2008002/omniswitch.htm
Trust: 2.1
url:http://www.layereddefense.com/alcatel12aug.html
Trust: 1.8
url:http://www.securityfocus.com/bid/30652
Trust: 1.7
url:http://www.securitytracker.com/id?1020657
Trust: 1.7
url:http://secunia.com/advisories/31435
Trust: 1.7
url:http://securityreason.com/securityalert/4347
Trust: 1.7
url:http://www.vupen.com/english/advisories/2008/2346
Trust: 1.7
url:http://www.securityfocus.com/archive/1/495343/100/0/threaded
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/44400
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4383
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4383
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/44400
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/495343/100/0/threaded
Trust: 0.6
url:http://www.alcatel-lucent.com/
Trust: 0.3
url:http://www1.alcatel-lucent.com/products/keywordresults.jsp?_requestid=28458
Trust: 0.3
url:/archive/1/495343
Trust: 0.3
url:http://secunia.com/advisories/31435/
Trust: 0.1
url:http://secunia.com/product/19554/
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/19553/
Trust: 0.1
url:http://secunia.com/product/19555/
Trust: 0.1
url:http://secunia.com/hardcore_disassembler_and_reverse_engineer/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/secunia_security_specialist/
Trust: 0.1
url:http://secunia.com/product/789/
Trust: 0.1
url:http://corporate.secunia.com/about_secunia/64/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/product/19556/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-34508 // 
            
            
            
            BID: 30652 // 
            
            
            
            JVNDB: JVNDB-2008-003493 // 
            
            
            
            PACKETSTORM: 68969 // 
            
            
            
            CNNVD: CNNVD-200810-030 // 
            
            
            
            NVD: CVE-2008-4383

CREDITS
Deral Heiland※http://www.layereddefense.com/
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200810-030

SOURCES
db:VULHUBid:VHN-34508
db:BIDid:30652
db:JVNDBid:JVNDB-2008-003493
db:PACKETSTORMid:68969
db:CNNVDid:CNNVD-200810-030
db:NVDid:CVE-2008-4383

LAST UPDATE DATE
2025-04-10T23:21:35.587000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-34508date:2018-11-02T00:00:00
db:BIDid:30652date:2015-05-07T17:25:00
db:JVNDBid:JVNDB-2008-003493date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200810-030date:2009-03-18T00:00:00
db:NVDid:CVE-2008-4383date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-34508date:2008-10-03T00:00:00
db:BIDid:30652date:2008-08-06T00:00:00
db:JVNDBid:JVNDB-2008-003493date:2012-06-26T00:00:00
db:PACKETSTORMid:68969date:2008-08-13T01:46:19
db:CNNVDid:CNNVD-200810-030date:2008-08-06T00:00:00
db:NVDid:CVE-2008-4383date:2008-10-03T22:22:41.057