Published: 11/12/2005 Updated: 19/10/2018

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 220

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

AWARD Bios Modular 4.50pg does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory.

Vulnerable Product	Search on Vulmon	Subscribe to Product

source: wwwsecurityfocuscom/bid/15751/info Multiple vendors fail to clear the BIOS (Basic Input-Output System) keyboard buffer after reading the preboot authentication password during the system startup process Depending on the operating system running on affected computers, the memory region may or may not be available for user-level ...

source: wwwsecurityfocuscom/bid/15751/info Multiple vendors fail to clear the BIOS (Basic Input-Output System) keyboard buffer after reading the preboot authentication password during the system startup process Depending on the operating system running on affected computers, the memory region may or may not be available for user-level a ...

NVD-CWE-Other http://www.pulltheplug.org/users/endrazine/Bios.Information.Leakage.txt http://www.kb.cert.org/vuls/id/847537 http://www.securityfocus.com/bid/15751 http://www.ivizsecurity.com/preboot-patch.html http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf http://www.securityfocus.com/archive/1/419610/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/26753/

CVE-2005-4176

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect