VxWorks WDB Debug Service Detection

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

Arbitrary commands can be run on this port.

Description :

A VxWorks WDB Debug Agent is running on this host.

Using this service, it is possible to read or write any memory zone or
execute arbitrary code on the host. An attacker can use this flaw to
take complete control of the affected device.

Solution :

Disable the debug agent or contact the device's vendor for a patch.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 10.0
(CVSS2#E:ND/RL:U/RC:ND)
Public Exploit Available : true

Family: RPC

Nessus Plugin ID: 48264 ()

Bugtraq ID: 42158

CVE ID: CVE-2010-2965