The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and previous versions uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which makes it easier for remote malicious users to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
windriver vxworks |
||
windriver vxworks 5.5 |
||
windriver vxworks 6.4 |
||
windriver vxworks 5 |
||
windriver vxworks 6 |