Vulnerabilities > Intel > Wimax Network Service
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-08-25 | CVE-2013-4219 | Numeric Errors vulnerability in Intel Wimax Network Service 1.5.0/1.5.2 Multiple integer overflows in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices allow remote attackers to cause a denial of service (component crash) or possibly execute arbitrary code via an L5 connection with a crafted PDU value that triggers a heap-based buffer overflow within (1) L5SocketsDispatcher.c or (2) L5Connector.c. | 7.5 |
| 2013-08-25 | CVE-2013-4218 | Cryptographic Issues vulnerability in Intel Wimax Network Service 1.5.0/1.5.2 The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source/SupplicantAgent.c in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses the same RSA private key in supplicant_key.pem on all systems, which allows local users to obtain sensitive information via unspecified decryption operations. | 2.1 |
| 2013-08-25 | CVE-2013-4217 | Cryptographic Issues vulnerability in Intel Wimax Network Service 1.5.0/1.5.2 The OSAL_Crypt_SetEncryptedPassword function in InfraStack/OSDependent/Linux/OSAL/Services/wimax_osal_crypt_services.c in the OSAL crypt module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices logs a cleartext password during certain attempts to set a password, which allows local users to obtain sensitive information by reading a log file. | 2.1 |
| 2013-08-25 | CVE-2013-4216 | Permissions, Privileges, and Access Controls vulnerability in Intel Wimax Network Service 1.5.0/1.5.2 The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraStackModules/TraceModule/TraceModule.c in the Trace module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses world-writable permissions for wimaxd.log, which allows local users to cause a denial of service (data corruption) by modifying this file. | 2.1 |