Nexpose Vulnerability Database
Search Hints
- Try searching for a product or vendor.
- Only vulnerabilities that match all search terms will be returned.
- Enclose search terms in double quotes for an exact search.
- For CVE searches, only enter the CVE-YYYY-XXXX code.
Get Nexpose now
Search vulnerabilities with Rapid7's vulnerability management solution
FREE DOWNLOADVxWorks Remote Debug Service Exposed
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| Critical (8) | 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Nov 21, 2005 | Jul 7, 2010 | Mar 2, 2011 |
Description:
Certain VxWorks-based products ship with the remote debugging service enabled. This service provides remote access to the processor and memory of the device, which can be abused by an attacker to compromise the device or gather sensitive information.
Vulnerability Management
Get your solution now
References:
- BID: http://www.securityfocus.com/bid/15456
- BID: http://www.securityfocus.com/bid/15475
- CVE: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3715
- CVE: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3804
- SECUNIA: http://secunia.com/advisories/17604/
- SECUNIA: http://secunia.com/advisories/17606/
- XF: http://xforce.iss.net/xforce/xfdb/23068
Solution:
- Upgrade the device firmware to a fixed release
Contact your vendor for an updated firmware version.
- Restrict access to UDP port 17185
Apply ACLs, firewall rules or otherwise restrict access to UDP port 17185.
Download Nexpose
Download our vulnerability management solution, Nexpose, for free today. Scan 100% of your infrastructure for vulnerabilities, understand your risk exposure, compare and prioritize your vulnerabilities and verify that they are remediated.