Vulnerability CVE-2009-3734


Published: 2010-01-05   Modified: 2012-02-13

Description:
Unspecified vulnerability in the management console in the S2 Security Linear eMerge Access Control System 2.5.x allows remote attackers to cause a denial of service (configuration reset) via a request to a crafted URI.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
S2sys -> Linear emerge access control system 

 References:
http://www.kb.cert.org/vuls/id/571629
http://www.slideshare.net/shawn_merdinger/we-dont-need-no-stinkin-badges-hacking-electronic-door-access-controllersquot-shawn-merdinger-carolinacon
http://www.kb.cert.org/vuls/id/WDON-7ZDNNZ
http://www.kb.cert.org/vuls/id/WDON-7ZDNNE
http://blip.tv/file/3414004

Copyright 2022, cxsecurity.com

 

Back to Top