Part of the Alcatel Omnivista 4760 administration software of the Alcatel 4400 PBX is an HTTP proxy. It is used to tunnel ssh-connections to the ssh-ports of the PBX within the internal network. This proxy is vulnerable to a remote buffer overflow.
5cd45b1c09ebec546267dae931c9ff29744617b38e2df6f7e0ab905d89d90e04
The Alcatel CTI Solution is completely broken by design and performs authentication validation client-side.
7e2e7e0578b17ca41d5ca1c3b86de59225fa2219cbd660340684ccbe44384690