CVE-2010-2968
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
El demonio FTP en Wind River VxWorks no cierra adecuadamente la conexión TCP despues de un número de intentos fallidos de login, lo que hace que sea fácil para atacantes remotos obtener acceso a través de ataques de fuerza bruta.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-08-04 CVE Reserved
- 2010-08-04 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- 2024-09-17 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html | 2024-09-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Windriver Search vendor "Windriver" | Vxworks Search vendor "Windriver" for product "Vxworks" | <= 6.8 Search vendor "Windriver" for product "Vxworks" and version " <= 6.8" | - |
Affected
| ||||||
| Windriver Search vendor "Windriver" | Vxworks Search vendor "Windriver" for product "Vxworks" | 5 Search vendor "Windriver" for product "Vxworks" and version "5" | - |
Affected
| ||||||
| Windriver Search vendor "Windriver" | Vxworks Search vendor "Windriver" for product "Vxworks" | 5.5 Search vendor "Windriver" for product "Vxworks" and version "5.5" | - |
Affected
| ||||||
| Windriver Search vendor "Windriver" | Vxworks Search vendor "Windriver" for product "Vxworks" | 6 Search vendor "Windriver" for product "Vxworks" and version "6" | - |
Affected
| ||||||
| Windriver Search vendor "Windriver" | Vxworks Search vendor "Windriver" for product "Vxworks" | 6.4 Search vendor "Windriver" for product "Vxworks" and version "6.4" | - |
Affected
| ||||||