[2/5] Avaya Products Shadow “useradd.c” Insecure Mailbox File Permissions

June 29th, 2007 by

[2/5] Avaya Products Shadow “useradd.c” Insecure Mailbox File Permissions

:Avaya has acknowledged a security issue in various Avaya products, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.For more information:SA20370The security issue affects the following products:* Avaya Communication Manager (CM 2.x, 3.x and 4.x)* Avaya Messaging Storage Server (MSS 3.x)* Avaya Message Networking (MN 3.x)* Avaya CCS/SES (CCS/SES 3.1.1)* Avaya AES (AES 4.0)Solution:The vendor recommends that local and network access to the affected systems be restricted until an update is available.Original Advisory:http://support.avaya.com/elmodocs2/security/ASA-2007-249.htmOther References:SA20370:http://secunia.com/advisories/20370/

Original post by sonia

[2/5] Avaya Products Shadow “useradd.c” Insecure Mailbox File Permissions

Related Articles:

[1/5] Avaya Products Xterm Security Bypass Security Issue

[2/5] Avaya Products file Integer Underflow Vulnerability

[2/5] Avaya Products file “file_printf()” Integer Underflow Vulnerability

[2/5] Avaya Products Apache mod_proxy “date” Denial of Service

[2/5] Avaya Products tar Directory Traversal Vulnerability

Posted in Advisories - Exploits | | [2/5] Avaya Products Shadow “useradd.c” Insecure Mailbox File Permissions

<< [4/5] Debian update for krb5 | [2/5] 3Com IntelliJack Switch NJ220 Loopback Packet Processing Denial of Service >>

Cybertrion Systems

[2/5] Avaya Products Shadow “useradd.c” Insecure Mailbox File Permissions

Categories

Archives:

Search:

Meta: