Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.104007
Category:Nmap NSE net
Title:Nmap NSE net: wdb-version
Summary:Detects vulnerabilities and gathers information (such as version numbers and hardware support) from;VxWorks Wind DeBug agents.;;Wind DeBug is a SunRPC-type service that is enabled by default on many devices that use the popular;VxWorks real-time embedded operating system. H.D. Moore of Metasploit has identified several;security vulnerabilities and design flaws with the service, including weakly-hashed passwords and;raw memory dumping.;;SYNTAX:;;nfs.version: number If set overrides the detected version of nfs;;mount.version: number If set overrides the detected version of mountd;;rpc.protocol: table If set overrides the preferred order in which;protocols are tested. (ie. 'tcp', 'udp')
Description:Summary:
Detects vulnerabilities and gathers information (such as version numbers and hardware support) from
VxWorks Wind DeBug agents.

Wind DeBug is a SunRPC-type service that is enabled by default on many devices that use the popular
VxWorks real-time embedded operating system. H.D. Moore of Metasploit has identified several
security vulnerabilities and design flaws with the service, including weakly-hashed passwords and
raw memory dumping.

SYNTAX:

nfs.version: number If set overrides the detected version of nfs

mount.version: number If set overrides the detected version of mountd

rpc.protocol: table If set overrides the preferred order in which
protocols are tested. (ie. 'tcp', 'udp')

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-2965
CERT/CC vulnerability note: VU#362332
http://www.kb.cert.org/vuls/id/362332
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
CopyrightCopyright (C) 2011 NSE-Script: The Nmap Security Scanner; NASL-Wrapper: Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.