Vulnerability Description
Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service (service crash) via a long request.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alcatel-Lucent | Omnivista 4760 Server | <= 5.1.06.03.c |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/41508Vendor Advisory
- http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=CorporateVendor Advisory
- http://www.nruns.com/_downloads/nruns-SA-2010-002.pdf
- http://www.securityfocus.com/archive/1/513865
- http://www.securityfocus.com/archive/1/513866
- http://www.securityfocus.com/bid/43338
- http://www.vupen.com/english/advisories/2010/2460Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61922
- http://secunia.com/advisories/41508Vendor Advisory
- http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=CorporateVendor Advisory
- http://www.nruns.com/_downloads/nruns-SA-2010-002.pdf
- http://www.securityfocus.com/archive/1/513865
- http://www.securityfocus.com/archive/1/513866
- http://www.securityfocus.com/bid/43338
- http://www.vupen.com/english/advisories/2010/2460Vendor Advisory
FAQ
What is CVE-2010-3281?
CVE-2010-3281 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service ...
How severe is CVE-2010-3281?
CVE-2010-3281 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-3281?
Check the references section above for vendor advisories and patch information. Affected products include: Alcatel-Lucent Omnivista 4760 Server.