Test Kennung:	1.3.6.1.4.1.25623.1.0.107112
Kategorie:	Gain a shell remotely
Titel:	Alcatel Lucent Omnivista 8770 RCE Vulnerability - Active Check
Zusammenfassung:	Alcatel Lucent Omnivista 8770 is prone to a remote command; execution (RCE) vulnerability.
Beschreibung:	Summary: Alcatel Lucent Omnivista 8770 is prone to a remote command execution (RCE) vulnerability. Vulnerability Insight: The flaw is due to the fact that determined ORBs are exposed and they can be invoked without authentication. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code. Affected Software/OS: Alcatel Lucent Omnivista 8770 versions 2.0, 2.6 and 3.0 are known to be affected. Solution: The vendor position is to refer to the technical guidelines of the product security deployment to mitigate this issue, which means applying proper firewall rules to prevent unauthorised clients to connect to the Omnivista server. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-9796 BugTraq ID: 94649 http://www.securityfocus.com/bid/94649 https://www.exploit-db.com/exploits/40862/ http://blog.malerisch.net/2016/12/alcatel-omnivista-8770-unauth-rce-giop-corba.html https://github.com/malerisch/omnivista-8770-unauth-rce https://www.youtube.com/watch?v=aq37lQKa9sk
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.