|
|
|
|
| |
Credit:
The information has been provided by Axel Rengstorf .
The original article can be found at: http://seclists.org/fulldisclosure/2010/Sep/326
|
| |
Vulnerable Systems:
* OmniVista 4760 server all versions prior to release R5.1.06.03.c_Patch3
Immune Systems:
* OmniVista 4760 server release R5.1.06.03.c_Patch3
By sending a long HTTP GET request it is possible to overwrite CPU registers. Due to this vulnerability, an attacker can control the execution path remotely.
Workaround:
Protect the HTTP proxy function on the 4760 server with the Windows internal firewall by restricting access to workstations with a known pre-declared IP address.
In the windows firewall configuration, for the exception concerning the 4760 Communication Server, modify the extent of allowed systems by removing the authorization for any IP system with the precise list of the specifically allowed IP addresses. Note: include the 4760 server own address in this list to enable the embedded 4760 client as well.
CVE Information:
CVE-2010-3281
Disclosure Timeline:
2010/02/16 initial information to Alcatel-Lucent
2010/08/10 Alcatel-Lucent confirms that vulnerability is fixed (fix date: 2010/05/06)
2010/09/20 This advisory is released
|
|
|
|
|
