Unsolved
This post is more than 5 years old
1 Message
0
99037
June 3rd, 2014 13:00
Critical Scan: A VxWorks WDB Debug Agent is running on this host.
Received a Critical alert from a Nessus scan today that one of our Dell 6248 PowerConnect switches is running A VxWorks WDB Debug Agent, and is therefore vulnerable. Is there any way to simply disable this service/agent? (VU#362332) refers to an exposed VxWorks debug service (WDB Agent). This service runs over UDP port 17185 and allows complete access to the device, including the ability to manipulate memory, steal data, and ultimately hijack the entire operating system. Solution: Disable the debug agent Description: "Synopsis: Arbitrary commands can be run on this port. Description: A VxWorks WDB Debug Agent is running on this host. Using this service, it is possible to read or write any memory zone or execute arbitrary code on the host. An attacker can use this flaw to take complete control of the affected device. Solution: Disable the debug agent Risk Factor: Critical
DELL-Josh Cr
Moderator
•
9.4K Posts
0
June 3rd, 2014 15:00
Hi Jgoogy,
Please update to the latest firmware version as the 17185/UDP port is not open in version 3.0 or later of the firmware. http://www.dell.com/support/home/us/en/19/Drivers/DriversDetails?driverId=Y7YJ9&fileId=3354403342&osCode=NAA&productCode=powerconnect-6224&languageCode=EN&categoryId=NI