PT-1997-1216 · Xyplex · Xyplex Terminal Server

Publicado

1997-11-26

Atualizado

2017-12-19

CVE-1999-1257

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Xyplex terminal server version 6.0.1S1

Description The issue allows remote attackers to bypass the password prompt. This can be achieved by entering either a CTRL-Z character or a ? (question mark).

Recommendations For version 6.0.1S1, consider restricting remote access until a fix is available, and avoid using the password prompt as the sole means of authentication. As a temporary workaround, monitor login attempts for the use of CTRL-Z or ? characters to detect potential bypass attempts.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-1999-1257

Produtos afetados

Xyplex Terminal Server

PT-1997-1216 · Xyplex · Xyplex Terminal Server

CVE-1999-1257

Identificadores relacionados

Produtos afetados

Referências · 4