Design/Logic Flaw

2010-08-0513:22:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.9%

JSON

The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

CPENameOperatorVersion
vxworkseq6
vxworkseq5
vxworkseq6.4
vxworksle6.8
vxworkseq5.5

Name	Operator	Version
vxworks	eq	6
vxworks	eq	5
vxworks	eq	6.4
vxworks	le	6.8
vxworks	eq	5.5

References

blog.metasploit.com/2010/08/vxworks-vulnerabilities.html