CVE-2013-0711
published 2013-03-20CVE-2013-0711: IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted…
PriorityP338high7.8CVSS 2.0
AVNACLAuNCNINAC
EPSS
3.27%
86.9th percentile
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| windriver | vxworks | — | — |
| windriver | vxworks | — | — |
| windriver | vxworks | — | — |
| windriver | vxworks | — | — |
| windriver | vxworks | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Wind River VxWorks SSH and Web Server and General Electric D20MX (Update A)
cisa_ics·2013-04-01·CVSS 7.8
[HIGH] Wind River VxWorks SSH and Web Server and General Electric D20MX (Update A)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Wind River VxWorks SSH and Web Server and General Electric D20MX (Update A)
Last RevisedFebruary 21, 2019
Alert CodeICSA-13-091-01
## 1. EXECUTIVE SUMMARY
-
CVSS v3 9.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Wind River, General Electric
- Equipment: VxWorks, D20MX
--------- Begin Update A Part 1 of 4 ---------
- Vulnerabilities: Improper Input Validation
--------- End Update A Part 1 of 4 ---------
## 2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-13-091-01 Wind River VxWorks SSH and Web Ser
GHSA
GHSA-wx95-55p4-5w59: IPSSH (aka the SSH server) in Wind River VxWorks 6
ghsa_unreviewed·2022-05-17
CVE-2013-0711 [HIGH] CWE-20 GHSA-wx95-55p4-5w59: IPSSH (aka the SSH server) in Wind River VxWorks 6
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01http://jvn.jp/en/jp/JVN45545972/995359/index.htmlhttp://jvn.jp/en/jp/JVN45545972/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2013-000018http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01http://jvn.jp/en/jp/JVN45545972/995359/index.htmlhttp://jvn.jp/en/jp/JVN45545972/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2013-000018
2013-03-20
Published