Page 6 of 27 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2010-2967

https://notcve.org/view.php?id=CVE-2010-2967

The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session. El algoritmo loginDefaultEncrypt en loginLib en Wind River VxWorks anterior v6.9 no soporta adecuadamente un amplio conjunto de distintas posibilidades de contraseña, lo que hace fácil para atacantes remotos obtner acceso a través de una sesión (1) telnet, (2) rlogin, o (3) FTP. • http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html http://www.kb.cert.org/vuls/id/840249 http://www.kb.cert.org/vuls/id/MAPG-863QH9 https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033709 • CWE-310: Cryptographic Issues •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1

CVE-2010-2968

https://notcve.org/view.php?id=CVE-2010-2968

The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. El demonio FTP en Wind River VxWorks no cierra adecuadamente la conexión TCP despues de un número de intentos fallidos de login, lo que hace que sea fácil para atacantes remotos obtener acceso a través de ataques de fuerza bruta. • http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html • CWE-264: Permissions, Privileges, and Access Controls •