Executive Summary
Summary | |
---|---|
Title | Wind River Systems VxWorks debug service enabled by default |
Informations | |||
---|---|---|---|
Name | VU#362332 | First vendor Publication | 2010-08-02 |
Vendor | VU-CERT | Last vendor Modification | 2010-08-25 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#362332Wind River Systems VxWorks debug service enabled by defaultOverviewSome products based on VxWorks have the WDB target agent debug service enabled by default. This service provides read/write access to the device's memory and allows functions to be called.I. DescriptionThe VxWorks WDB target agent is a target-resident, run-time facility that is required for connecting host tools to a VxWorks target system during development. WDB is a selectable component in the VxWorks configuration and is enabled by default. The WDB debug agent access is not secured and does provide a security hole in a deployed system.It is advisable for production systems to reconfigure VxWorks with only those components needed for deployed operation and to build it as the appropriate type of system image. It is recommended to remove host development components such as the WDB target agent and debugging components (INCLUDE_WDB and INCLUDE_DEBUG) as well as other operating system components that are not required to support customer applications. Vendors should remove the WDB target debug agent in their VxWorks based products by removing the INCLUDE_WDB & INCLUDE_DEBUG components from their VxWorks Image.
Referenceshttp://www.cisco.com/warp/public/707/cisco-sa-20051116-7920.shtml Thanks to HD Moore for reporting a wider scope with additional research related to this vulnerability. Earlier public reports came from Bennett Todd and Shawn Merdinger. This document was written by Jared Allar.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/362332 |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-12-14 | Name : VxWorks Debugging Service Security-Bypass Vulnerability File : nvt/gb_xvworks_debugging_service_42158.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
66842 | Wind River Systems' VxWorks WDB Debug Service Remote Arbitrary Memory Manipul... VxWorks contains a flaw that may allow a remote attacker to read and write arbitrary memory on the device. The issue is triggered by leaving the WDB target agent debug service enabled by default. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | VxWorks remote debugging agent login attempt RuleID : 17110 - Revision : 5 - Type : APP-DETECT |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-08-06 | Name : Arbitrary commands can be run on this port. File : wdb_agent_detect.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2020-05-23 13:17:15 |
|
2014-02-17 12:07:46 |
|
2014-01-19 21:31:03 |
|