Received a Critical alert from a Nessus scan today that one of our Dell 6248 PowerConnect switches is running A VxWorks WDB Debug Agent, and is therefore vulnerable.
Is there any way to simply disable this service/agent?
(VU#362332) refers to an exposed VxWorks debug service (WDB Agent). This service runs over UDP port 17185 and allows complete access to the device, including the ability to manipulate memory, steal data, and ultimately hijack the entire operating system.
Solution:
Disable the debug agent
Description:
"Synopsis: Arbitrary commands can be run on this port.
Description: A VxWorks WDB Debug Agent is running on this host.
Using this service, it is possible to read or write any memory zone or execute arbitrary code on the host. An attacker can use this flaw to take complete control of the affected device.
Solution: Disable the debug agent
Risk Factor: Critical
↧