CVE-2005-4175

Опубликовано: 11 дек. 2005

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

Insyde BIOS V190 does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory.

Ссылки

http://www.ivizsecurity.com/preboot-patch.html
http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
http://www.kb.cert.org/vuls/id/847537
Third Party Advisory
US Government Resource
http://www.pulltheplug.org/users/endrazine/Bios.Information.Leakage.txt
http://www.securityfocus.com/archive/1/419610/100/0/threaded
http://www.securityfocus.com/bid/15751
http://www.ivizsecurity.com/preboot-patch.html
http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
http://www.kb.cert.org/vuls/id/847537
Third Party Advisory
US Government Resource
http://www.pulltheplug.org/users/endrazine/Bios.Information.Leakage.txt
http://www.securityfocus.com/archive/1/419610/100/0/threaded
http://www.securityfocus.com/bid/15751

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:insyde:insyde_bios:v190:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.0013

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-c4rm-hpgr-mj62

github

почти 4 года назад