Vulnerability CVE-2001-1339


Published: 2001-05-24   Modified: 2012-02-12

Description:
Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when bad passwords are entered, which makes it easier for remote attackers to conduct brute force password guessing attacks.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Beck ipc gmbh -> Ipc at chip embedded-webserver 

 References:
http://www.kb.cert.org/vuls/id/198979
http://www.securityfocus.com/bid/2771
http://www.securityfocus.com/archive/1/186418
http://www.iss.net/security_center/static/6605.php
http://cert.uni-stuttgart.de/archive/bugtraq/2001/06/msg00010.html

Copyright 2024, cxsecurity.com

 

Back to Top