Product:

Messaging_storage_server

(Avaya)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 6
Date Id Summary Products Score Patch Annotated
2009-03-30 CVE-2009-0115 The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon. Intuity_audix_lx, Message_networking, Messaging_storage_server, Multipath\-Tools, Debian_linux, Fedora, Ctpview, Open_enterprise_server, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server 7.8
2006-04-04 CVE-2006-1058 BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables. Aura_application_enablement_services, Aura_sip_enablement_services, Message_networking, Messaging_storage_server, Busybox 5.5
2001-12-31 CVE-2001-1494 script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command. Cvlan, Integrated_management_suit, Interactive_response, Intuity_lx, Message_networking, Messaging_storage_server, Util\-Linux 5.5
2008-07-09 CVE-2008-2812 The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/. Communication_manager, Expanded_meet\-Me_conferencing, Intuity_audix_lx, Meeting_exchange, Message_networking, Messaging_storage_server, Proactive_contact, Sip_enablement_services, Ubuntu_linux, Debian_linux, Linux_kernel, Linux_desktop, Opensuse, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server 7.8
2008-07-08 CVE-2008-3081 Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter... Messaging_storage_server N/A
2007-11-05 CVE-2007-5830 Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to "input validation." Message_networking, Messaging_storage_server N/A