VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

JVN#49602378 ( JVNDB-2009-000079 )

SEIL/B1 authentication issue

http://jvn.jp/jp/JVN49602378/index.html

SEIL/B1 contains an issue in the implementation of the PPP Access Concentrator (PPPAC) function, which may allow replay attacks to be performed during the authentication process.

About This Analysis Information

Analysis Information Provider:

JPCERT/CC

First Published:

2009-12-09

Source Information Category:

Advisory, Alert

Last Updated:

2009-12-09

Affected Product Tags

lapt:/h:internet_initiative_japan:seil_b1 (SEIL/B1)

Vulnerability Analysis Results

[Information Source Reliability]^[?]

Low^[?]

Medium^[?]

High^[?]

[Impact Level]^[?]

Low^[?]

Low-Medium^[?]

Medium-High^[?]

High^[?]

[Access Required]^[?]

Physical^[?]

Local^[?]

Non-routed^[?]

Routed^[?]

[Authentication]^[?]

Privileged^[?]

Standard^[?]

Limited^[?]

None or Unnecessary^[?]

[User Interaction Required]^[?]

Complex^[?]

Simple^[?]

None^[?]

[Technical Difficulty]^[?]

High^[?]

Medium-High^[?]

Low-Medium^[?]

Low^[?]

[Availability of Remediation]^[?]

Official Patch^[?]

Official Workaround^[?]

Unofficial Patch^[?]

None^[?]

[Incident Activity]^[?]

None^[?]

Exploit or PoC^[?]

Activity Observed^[?]

Alternatives

JVN iPedia JVNDB-2009-000079 SEIL/B1 の認証処理における脆弱性

SEIL/B1 には、PPP アクセスコンセントレータ (PPPAC) 機能の実装上の問題により、認証が適切に行われない可能性があります。

References