Lucene search
K

72 matches found

CERT
CERT
added 2006/05/30 12:0 a.m.19 views

Secure Elements Class 5 AVR server fails to validate source address of messages

Overview The Secure Elements Class 5 AVR server fails to validate the source address of messages it receives. This may allow an attacker to forge messages to the server. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and...

7AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.23 views

Secure Elements Class 5 AVR client fails to properly validate the size of EM_GET_CE_PARAMETER messages

Overview The Secure Elements Class 5 AVR client fails to properly handle the size of EMGETCEPARAMETER messages. This may allow an attacker to cause a buffer overflow and reveal process memory. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security...

7.7AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.16 views

Secure Elements Class 5 AVR server fails to properly validate peer certificate when downloading updates

Overview The Secure Elements Class 5 AVR server fails to properly validate the peer certificate when downloading updates. This may allow a remote attacker to distribute malicious updates to the clients. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a...

7.2AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.16 views

Secure Elements Class 5 AVR uses the same encryption key and initialization vector for every message session

Overview Secure Elements Class 5 AVR uses the same encryption key and initialization vector for every message session. This may allow an attacker to discover some information about encrypted messages. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a...

7AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.27 views

Secure Elements Class 5 AVR client fails to properly validate the size of EM_SET_CE_PARAMETER messages

Overview The Secure Elements Class 5 AVR client fails to properly handle the size of EMSETCEPARAMETER messages. This may allow an attacker to cause a buffer overflow and reveal process memory. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security...

7.7AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.15 views

Secure Elements Class 5 AVR server fails to enforce integrity of message digests

Overview The Secure Elements Class 5 AVR server fails to enforce integrity of message digests. This may allow a remote attacker to replay and modify messages without knowledge of any keys. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security produc...

7.2AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.15 views

Secure Elements Class 5 AVR client sends messages in cleartext

Overview The Secure Elements Class 5 AVR client sends messages in cleartext. This may allow an attacker to read traffic from an asset. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and enforces security policies on...

6.9AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.16 views

Secure Elements Class 5 AVR client generates predictable CEIDs

Overview The Secure Elements Class 5 AVR client generates predictable CEIDs. This may allow an attacker to guess the unique identifier of a protected asset. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and enforces...

7.1AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.14 views

Secure Elements Class 5 AVR client fails to validate source address of messages

Overview The Secure Elements Class 5 AVR client fails to validate the source address of messages. This may allow an attacker to execute arbitrary code with root privileges on a vulnerable client system. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a...

8.2AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.20 views

Secure Elements Class 5 AVR client fails to properly validate pathnames supplied in messages

Overview The Secure Elements Class 5 AVR client fails to properly validate pathnames supplied in messages, which may allow an attacker to overwrite any file on a vulnerable client as root. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security produc...

7.2AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.18 views

Secure Elements Class 5 AVR client fails to enforce integrity of message digests

Overview The Secure Elements Class 5 AVR client fails to enforce integrity of message digests. This may allow an attacker to replay modified messages to a vulnerable client. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors...

7.2AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.19 views

Secure Elements Class 5 AVR server contains hard-coded user ID and password

Overview The Secure Elements Class 5 AVR server contains a hard-coded user ID and password. This may allow a remote unauthenticated attacker to gain access to the server. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors an...

7.6AI score
Exploits0References1
Rows per page
Query Builder