2) Severity Rating:
critical
Impact: Remotely exploitable without authentication.
3) Description of Vulnerability
A stack-based buffer overflow was discovered within the Alcatel OmniSwitch product line.
This buffer overflow was discovered within the Agranet-Emweb embedded management web server and can be exploited
remotely without user authentication.
The vulnerability can be triggered on a 6200-24 running AOS Version 5.4.1.396.R01 by sending 2392 bytes in the HTTP
header “Cookie: Session=”. This appears to overwrite a return address on the stack, giving the attacker control of the
instruction pointer. The number of bytes needed to trigger the overflow varies between AOS versions.