PT-2010-4442 · Wind River · Vxworks

Published

2010-08-04

Updated

2010-08-05

CVE-2010-2968

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Wind River VxWorks (affected versions not specified)

Description The issue concerns the FTP daemon in Wind River VxWorks, which fails to close the TCP connection after multiple failed login attempts. This behavior makes it easier for remote attackers to gain access through a brute-force attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2010-2968

Affected Products

Vxworks

PT-2010-4442 · Wind River · Vxworks

CVE-2010-2968

Weakness Enumeration

Related Identifiers

Affected Products

References · 2