Vulnerabilites related to Wind River Systems - VxWorks
jvndb-2013-000018
Vulnerability from jvndb
Published
2013-03-18 14:33
Modified
2013-06-25 17:54
Severity ?
() - -
Summary
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
Details
The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in processing authentication requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
JVN http://jvn.jp/en/jp/JVN45545972/index.html
CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0711
NVD http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0711
ICS-CERT ADVISORY http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01
No Mapping(CWE-noinfo) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
Wind River SystemsVxWorks
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000018.html",
  "dc:date": "2013-06-25T17:54+09:00",
  "dcterms:issued": "2013-03-18T14:33+09:00",
  "dcterms:modified": "2013-06-25T17:54+09:00",
  "description": "The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS)  vulnerability.\r\n\r\nThe SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in processing authentication requests.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000018.html",
  "sec:cpe": {
    "#text": "cpe:/o:windriver:vxworks",
    "@product": "VxWorks",
    "@vendor": "Wind River Systems",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-000018",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN45545972/index.html",
      "@id": "JVN#45545972",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0711",
      "@id": "CVE-2013-0711",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0711",
      "@id": "CVE-2013-0711",
      "@source": "NVD"
    },
    {
      "#text": "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01",
      "@id": "ICSA-13-091-01",
      "@source": "ICS-CERT ADVISORY"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability"
}

jvndb-2013-000023
Vulnerability from jvndb
Published
2013-03-18 14:43
Modified
2013-06-25 18:15
Severity ?
() - -
Summary
VxWorks Web Server vulnerable to denial-of-service (DoS)
Details
The VxWorks Web Server contains a denial-of-service vulnerability. The VxWorks Web Server contains a denial-of-service (DoS) vulnerability. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
JVN http://jvn.jp/en/jp/JVN41022517/index.html
CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0716
NVD http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0716
ICS-CERT ADVISORY http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01
No Mapping(CWE-noinfo) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
Wind River SystemsVxWorks
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000023.html",
  "dc:date": "2013-06-25T18:15+09:00",
  "dcterms:issued": "2013-03-18T14:43+09:00",
  "dcterms:modified": "2013-06-25T18:15+09:00",
  "description": "The VxWorks Web Server contains a denial-of-service vulnerability.\r\n\r\nThe VxWorks Web Server contains a denial-of-service (DoS) vulnerability.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000023.html",
  "sec:cpe": {
    "#text": "cpe:/o:windriver:vxworks",
    "@product": "VxWorks",
    "@vendor": "Wind River Systems",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-000023",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN41022517/index.html",
      "@id": "JVN#41022517",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0716",
      "@id": "CVE-2013-0716",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0716",
      "@id": "CVE-2013-0716",
      "@source": "NVD"
    },
    {
      "#text": "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01",
      "@id": "ICSA-13-091-01",
      "@source": "ICS-CERT ADVISORY"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "VxWorks Web Server vulnerable to denial-of-service (DoS)"
}

jvndb-2013-000019
Vulnerability from jvndb
Published
2013-03-18 14:32
Modified
2013-06-25 17:57
Severity ?
() - -
Summary
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
Details
The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing directly after the SSH connection is established. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
JVN http://jvn.jp/en/jp/JVN01611135/index.html
CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0712
NVD http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0712
No Mapping(CWE-noinfo) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
Wind River SystemsVxWorks
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000019.html",
  "dc:date": "2013-06-25T17:57+09:00",
  "dcterms:issued": "2013-03-18T14:32+09:00",
  "dcterms:modified": "2013-06-25T17:57+09:00",
  "description": "The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability.\r\n\r\nThe SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing directly after the SSH connection is established.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000019.html",
  "sec:cpe": {
    "#text": "cpe:/o:windriver:vxworks",
    "@product": "VxWorks",
    "@vendor": "Wind River Systems",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-000019",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN01611135/index.html",
      "@id": "JVN#01611135",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0712",
      "@id": "CVE-2013-0712",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0712",
      "@id": "CVE-2013-0712",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability"
}

jvndb-2013-000022
Vulnerability from jvndb
Published
2013-03-18 14:40
Modified
2013-06-25 18:10
Severity ?
() - -
Summary
VxWorks WebCLI vulnerable to denial-of-service (DoS)
Details
The VxWorks WebCLI contains a denial-of-service (DoS) vulnerability. The VxWorks WebCLI contains a denial-of-service (DoS) vulnerability due to an issue in parsing command strings. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
JVN http://jvn.jp/en/jp/JVN65923092/index.html
CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0715
NVD http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0715
ICS-CERT ADVISORY http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01
No Mapping(CWE-noinfo) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
Wind River SystemsVxWorks
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000022.html",
  "dc:date": "2013-06-25T18:10+09:00",
  "dcterms:issued": "2013-03-18T14:40+09:00",
  "dcterms:modified": "2013-06-25T18:10+09:00",
  "description": "The VxWorks WebCLI contains a denial-of-service (DoS) vulnerability.\r\n\r\nThe VxWorks WebCLI contains a denial-of-service (DoS) vulnerability due to an issue in parsing command strings.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000022.html",
  "sec:cpe": {
    "#text": "cpe:/o:windriver:vxworks",
    "@product": "VxWorks",
    "@vendor": "Wind River Systems",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-000022",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN65923092/index.html",
      "@id": "JVN#65923092",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0715",
      "@id": "CVE-2013-0715",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0715",
      "@id": "CVE-2013-0715",
      "@source": "NVD"
    },
    {
      "#text": "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01",
      "@id": "ICSA-13-091-01",
      "@source": "ICS-CERT ADVISORY"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "VxWorks WebCLI vulnerable to denial-of-service (DoS)"
}

jvndb-2013-000021
Vulnerability from jvndb
Published
2013-03-18 14:38
Modified
2013-06-25 18:06
Severity ?
() - -
Summary
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
Details
The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing authentication requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
JVN http://jvn.jp/en/jp/JVN20671901/index.html
CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0714
NVD http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0714
ICS-CERT ADVISORY http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01
No Mapping(CWE-noinfo) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
Wind River SystemsVxWorks
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000021.html",
  "dc:date": "2013-06-25T18:06+09:00",
  "dcterms:issued": "2013-03-18T14:38+09:00",
  "dcterms:modified": "2013-06-25T18:06+09:00",
  "description": "The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability.\r\n\r\nThe SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing authentication requests.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000021.html",
  "sec:cpe": {
    "#text": "cpe:/o:windriver:vxworks",
    "@product": "VxWorks",
    "@vendor": "Wind River Systems",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-000021",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN20671901/index.html",
      "@id": "JVN#20671901",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0714",
      "@id": "CVE-2013-0714",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0714",
      "@id": "CVE-2013-0714",
      "@source": "NVD"
    },
    {
      "#text": "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01",
      "@id": "ICSA-13-091-01",
      "@source": "ICS-CERT ADVISORY"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability"
}

jvndb-2013-000020
Vulnerability from jvndb
Published
2013-03-18 14:30
Modified
2013-06-25 18:01
Severity ?
() - -
Summary
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
Details
The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service vulnerability due to an issue in processing pty requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
JVN http://jvn.jp/en/jp/JVN52492830/index.html
CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0713
NVD http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0713
ICS-CERT ADVISORY http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01
No Mapping(CWE-noinfo) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
Wind River SystemsVxWorks
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000020.html",
  "dc:date": "2013-06-25T18:01+09:00",
  "dcterms:issued": "2013-03-18T14:30+09:00",
  "dcterms:modified": "2013-06-25T18:01+09:00",
  "description": "The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability.\r\n\r\nThe SSH server (IPSSH) implementation in VxWorks contains a denial-of-service vulnerability due to an issue in processing pty requests.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000020.html",
  "sec:cpe": {
    "#text": "cpe:/o:windriver:vxworks",
    "@product": "VxWorks",
    "@vendor": "Wind River Systems",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-000020",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN52492830/index.html",
      "@id": "JVN#52492830",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0713",
      "@id": "CVE-2013-0713",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0713",
      "@id": "CVE-2013-0713",
      "@source": "NVD"
    },
    {
      "#text": "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01",
      "@id": "ICSA-13-091-01",
      "@source": "ICS-CERT ADVISORY"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability"
}