Alcatel-Lucent OmniSwitch Series Agranat-Embweb Management Server Session Cookie Handling Remote Overflow

Critical Nessus Plugin ID 69790


The remote device is missing a vendor-supplied security patch.


The remote Alcatel OmniSwitch device is affected by a buffer overflow vulnerability in its web server. An attacker could exploit it to gain control of the remote device.


Apply the relevant patch referenced in the Alcatel Security Advisory.

See Also

Plugin Details

Severity: Critical

ID: 69790

File Name: alcatel_aos_cve_2008_4383.nasl

Version: $Revision: 1.4 $

Type: local

Family: General

Published: 2013/09/05

Modified: 2016/10/07

Dependencies: 10107, 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/h:alcatel-lucent:omniswitch, cpe:/o:alcatel:aos

Required KB Items: Host/AOS/show_microcode

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2008/08/06

Vulnerability Publication Date: 2008/08/06

Reference Information

CVE: CVE-2008-4383

BID: 30652

OSVDB: 47586

IAVB: 2011-B-0141

CWE: 119