RSS   Podatności dla 'Steam link firmware'   RSS

2017-12-27
 
CVE-2017-17878

CWE-327
 

 
An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" setting).

 
 
CVE-2017-17877

CWE-noinfo
 

 
An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers to obtain access by guessing 24 bits of the MAC address and attempting a root login. This can be exploited in conjunction with CVE-2017-17878.

 

 >>> Vendor: Valvesoftware 7 Produkty
Counter-strike
Steamos
Steam link firmware
Steam
Steam client
Dota 2
Game networking sockets


Copyright 2021, cxsecurity.com

 

Back to Top