CVE-2013-4425
Published Nov 18, 2013
Last updated 7 years ago
Overview
- Description
- The DICOM listener in OsiriX before 5.8 and before 2.5-MD, when starting up, encrypts the TLS private key file using "SuperSecretPassword" as the hardcoded password, which allows local users to obtain the private key.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 1.9
- Impact score
- 2.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-255
Evaluator
- Comment
- According to several reference links Osirix MD before 2.8 are vulnerable http://www.securityfocus.com/bid/63566/discuss http://archives.neohapsis.com/archives/bugtraq/2013-11/0029.html
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4ACA57B1-0AE6-4E58-A7C2-5B46DF2B0D46",
"versionEndIncluding": "5.7"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "631075E1-6A87-4A2D-A3EA-C3DBA963F8F1"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "981FC72F-2DCA-4D7E-8CDF-9ED2AB2F0474"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD7E9F6E-4E6F-4979-BEDF-18F92412623E"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAA1942D-169B-4B5B-AE4B-F842BA7ADF8B"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "760D1BA0-2018-4DB2-9426-A4E9EA634A49"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2AB9703-567E-435E-A022-DF0A5292CE26"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96802751-1914-40DA-AEB8-CED296A751A1"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7CF62F8-F92C-4B52-A3BF-63C377688B44"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0210D44-C254-4467-90FB-C7CC370F50FE"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88EDF921-80B6-4F7F-A93B-0049D6F051BD"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "697FBDAC-6A72-4BCD-B787-AB0FC2D718D7"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "465C5E82-3B85-478C-B471-C00F4388686A"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "867BFEA0-F910-4D99-B10E-1E46AF074339"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "306F9D56-21B3-4A97-9C36-85092D534C84"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "852F304B-89AD-40C5-8050-7B8F2A9E1B70"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED266897-E426-4BEC-A4D9-D9802277EB6A"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:1.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFA8659D-175A-4A46-A426-0BC47C12C169"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "167E5338-D231-4EFF-B66C-565A93B3855B"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0160C3FC-6BFC-4323-BD06-CE177CD92431"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96D8F007-7A4C-4D61-8EC2-B99FCF7A4CE1"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3584D9B-3F0D-4A2E-B971-B3732AFEAA98"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:2.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A68C0BB7-E405-49E1-A43C-24E9C6E9AFC8"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B924D71-358B-4D97-845A-DA1D7B89A242"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "181C32F3-C620-493B-98CC-FF792BD34FFC"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB80517C-82E8-4D4D-9921-C89D9D15EE10"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:2.7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "094B03AB-2C13-46CB-8C4A-759A97BA5AF9"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0ED8E46-A943-4D27-9B66-96206A12CD99"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67B25A19-9112-44FE-B877-4F6159476EA1"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:3.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DC6606E-BD41-4AE3-87CE-A1F3B0EABD8B"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96B8A72A-8239-430C-8F69-E94A9540E8FE"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDC3A980-7E84-4960-8FA3-A21D786A8ECD"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAD5D0CD-9688-409E-A9A9-BE3B75775EC9"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:3.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27EFD0EE-3BC1-4269-9FE5-20B12D0B3BB4"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:3.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "877E8EE1-7A54-4D0E-BAC4-A08F3E483CA2"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:3.9.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "872EADD2-FD26-4B3E-BFE5-003A415C8761"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FB7942E-C334-41B8-B3E0-C86FDD45C250"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:4.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA5FD5A4-5F88-49BA-B752-E56CD247A2AD"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6EE898E-365C-4C89-8889-ED14AC1000AC"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:5.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A8DF990-449D-43E8-8E4E-EF1B1EE82AC3"
},
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix:5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BBD6CF2-A7C4-4F8C-B3A2-51BC54B73598"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:osirix-viewer:osirix_md:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83BAC0F7-4CDA-4D8F-ADBD-FF01647A58C8",
"versionEndIncluding": "2.7"
}
],
"operator": "OR"
}
]
}
]