MidnightBSD

Advisories for beck_ipc_gmbh

CVE-2001-0749 HIGH

Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
beck_ipc_gmbh ipc_at_chip_embedded-webserver *
CVE-2001-1337 MEDIUM

Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a long HTTP request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
beck_ipc_gmbh ipc_at_chip_embedded-webserver *
CVE-2001-1338 MEDIUM

Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote attackers to determine accounts on the system.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
beck_ipc_gmbh ipc_at_chip_telnetd_server *
CVE-2001-1340 MEDIUM

Beck GmbH IPC@Chip TelnetD service supports only one connection and does not disconnect a user who does not complete the login process, which allows remote attackers to lock out the administrator account by connecting to the service.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
beck_ipc_gmbh ipc_at_chip_telnetd_server *
CVE-2001-1341 MEDIUM

The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi program by default, which allows remote attackers to obtain sensitive network information via a request to the program.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
beck_ipc_gmbh ipc_at_chip_embedded-webserver *
CVE-2001-1428 HIGH

The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped with a default password, which allows remote attackers to gain unauthorized access.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
beck_ipc_gmbh ipc_at_chip_embedded-webserver *