In association with heise online

24 September 2007, 13:26

Hole in OmniPCX Enterprise communications software

Security service provider RedTeam Pentesting has found a hole in Alcatel-Lucent's OmniPCX Enterprise telecommunications solution. The Unified Maintenance Tool CGI script, which the Web server uses for maintenance, allows arbitrary shell commands to be executed. The problem results from improper filtering of user-supplied variables: additional parameters separated by semicolons can be passed to the script and from there to the shell:

curl -k "https://www.example.com/cgi-bin/masterCGI?ping=nomip&user=;ls\${IFS}-l;"

All versions of OmniPCX Enterprise up to and including R 7.1 are affected. An update closes the hole. The vendor also recommends disabling the Web server, although then some nice-to-have functions are no longer available.
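
For administrators who want to check whether the script has been probed, the following Python code is an added example (not part of the advisory or the vendor's update). It scans web server access log lines for requests to masterCGI whose parameters contain shell metacharacters such as the semicolons shown above. The combined log format, the sample lines and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Characters that let a value break out of a command line when a script
# interpolates it into a shell string (includes the ';' and '$' seen above).
SHELL_META = re.compile(r"[;|&`$<>(){}\\\n\r]")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
TARGET = "/cgi-bin/masterCGI"  # script path as given in the article

def suspicious_params(log_line):
    """Return [(name, decoded_value)] for masterCGI parameters with shell metacharacters."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if unquote(url.path) != TARGET:
        return []
    hits = []
    # Split on '&' by hand so that ';' always stays inside the parameter value.
    for pair in url.query.split("&"):
        name, _, raw = pair.partition("=")
        value = unquote(raw)  # also catches percent-encoded metacharacters
        if SHELL_META.search(value):
            hits.append((unquote(name), value))
    return hits

# Constructed sample lines (assumed combined log format), not from a real system.
SAMPLE_LOG = [
    '192.0.2.10 - - [24/Sep/2007:13:26:00 +0200] "GET /cgi-bin/masterCGI?ping=nomip&user=;ls${IFS}-l; HTTP/1.1" 200 512',
    '192.0.2.10 - - [24/Sep/2007:13:26:05 +0200] "GET /cgi-bin/masterCGI?ping=nomip&user=%3Bls%24%7BIFS%7D-l%3B HTTP/1.1" 200 512',
    '192.0.2.20 - - [24/Sep/2007:13:27:00 +0200] "GET /cgi-bin/masterCGI?ping=nomip&user=admin HTTP/1.1" 200 128',
    '192.0.2.30 - - [24/Sep/2007:13:28:00 +0200] "GET /index.html?q=a;b HTTP/1.1" 200 2048',
]

def scan(lines):
    """Return [(line_number, hits)] for every line with at least one suspicious parameter."""
    return [(i, hits) for i, line in enumerate(lines, 1)
            if (hits := suspicious_params(line))]

if __name__ == "__main__":
    for lineno, hits in scan(SAMPLE_LOG):
        print(f"line {lineno}: {hits}")
```

Parameters sent in a POST body do not appear in access logs, so a clean result here does not rule out earlier abuse.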

(mba)
