ID de Prueba:	1.3.6.1.4.1.25623.1.0.107112
Categoría:	Gain a shell remotely
Título:	Alcatel Lucent Omnivista 8770 RCE Vulnerability - Active Check
Resumen:	Alcatel Lucent Omnivista 8770 is prone to a remote command; execution (RCE) vulnerability.
Descripción:	Summary: Alcatel Lucent Omnivista 8770 is prone to a remote command execution (RCE) vulnerability. Vulnerability Insight: The flaw is due to the fact that determined ORBs are exposed and they can be invoked without authentication. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code. Affected Software/OS: Alcatel Lucent Omnivista 8770 versions 2.0, 2.6 and 3.0 are known to be affected. Solution: The vendor position is to refer to the technical guidelines of the product security deployment to mitigate this issue, which means applying proper firewall rules to prevent unauthorised clients to connect to the Omnivista server. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-9796 BugTraq ID: 94649 http://www.securityfocus.com/bid/94649 https://www.exploit-db.com/exploits/40862/ http://blog.malerisch.net/2016/12/alcatel-omnivista-8770-unauth-rce-giop-corba.html https://github.com/malerisch/omnivista-8770-unauth-rce https://www.youtube.com/watch?v=aq37lQKa9sk
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.