CVE-2005-4176

Опубликовано: 11 дек. 2005

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

AWARD Bios Modular 4.50pg does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory.

Ссылки

http://www.ivizsecurity.com/preboot-patch.html
http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
http://www.kb.cert.org/vuls/id/847537
Third Party Advisory
US Government Resource
http://www.pulltheplug.org/users/endrazine/Bios.Information.Leakage.txt
http://www.securityfocus.com/archive/1/419610/100/0/threaded
http://www.securityfocus.com/bid/15751
http://www.ivizsecurity.com/preboot-patch.html
http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
http://www.kb.cert.org/vuls/id/847537
Third Party Advisory
US Government Resource
http://www.pulltheplug.org/users/endrazine/Bios.Information.Leakage.txt
http://www.securityfocus.com/archive/1/419610/100/0/threaded
http://www.securityfocus.com/bid/15751

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:award:award_bios_modular:4.50pg:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.0094

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5fq6-q26j-jpfr

github

почти 4 года назад