Details of VAR-200212-0126

ID

VAR-200212-0126

CVE

CVE-2002-2059

TITLE

Intel D845 Motherboard BIOS Serial Any Media Boot Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200212-591

DESCRIPTION

BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not properly restrict access to configuration information when BIOS passwords are enabled, which could allow local users to change the default boot device via the F8 key. The D845 series motherboards are a product of Intel. These motherboards are designed to support the Pentium 4 processor. When a system using a D845 series motherboard is booted, it is possible to halt the boot to change the boot media, even if a BIOS password is set. By pressing the F8 key, the D845 BIOS will give a user at the console a menu. From this menu, a user may specify a different media than the default from which the system is to be booted. Any password set on the BIOS will be circumvented by this procedure. Through this process, a local attacker can bypass the Password protected and successfully booted

Trust: 1.26

sources: NVD: CVE-2002-2059 // BID: 4610 // VULHUB: VHN-6442

AFFECTED PRODUCTS

vendor:	intel	model:	d845bg motherboard	scope:	eq	version:	p02-0015	Trust: 1.6
vendor:	intel	model:	d845hv motherboard	scope:	eq	version:	p04-0018	Trust: 1.6
vendor:	intel	model:	d845hv motherboard	scope:	eq	version:	p06-0024	Trust: 1.6
vendor:	intel	model:	d845bg motherboard	scope:	eq	version:	p04-0023	Trust: 1.6
vendor:	intel	model:	d845hv motherboard	scope:	eq	version:	p08-0031	Trust: 1.6
vendor:	intel	model:	d845hv motherboard	scope:	eq	version:	p07-0029	Trust: 1.6
vendor:	intel	model:	d845bg motherboard	scope:	eq	version:	p05-0024	Trust: 1.6
vendor:	intel	model:	d845bg motherboard	scope:	eq	version:	p01-0012	Trust: 1.6
vendor:	intel	model:	d845bg motherboard	scope:	eq	version:	p03-0021	Trust: 1.6
vendor:	intel	model:	d845hv motherboard	scope:	eq	version:	p05-0022	Trust: 1.6
vendor:	intel	model:	d845pt motherboard	scope:	eq	version:	p03-0021	Trust: 1.0
vendor:	intel	model:	d845wn motherboard	scope:	eq	version:	p04-0018	Trust: 1.0
vendor:	intel	model:	d845wn motherboard	scope:	eq	version:	p06-0024	Trust: 1.0
vendor:	intel	model:	d845pt motherboard	scope:	eq	version:	p05-0024	Trust: 1.0
vendor:	intel	model:	d845wn motherboard	scope:	eq	version:	p08-0031	Trust: 1.0
vendor:	intel	model:	d845pt motherboard	scope:	eq	version:	p02-0015	Trust: 1.0
vendor:	intel	model:	d845hv motherboard	scope:	eq	version:	p11-0040	Trust: 1.0
vendor:	intel	model:	d845hv motherboard	scope:	eq	version:	p09-0035	Trust: 1.0
vendor:	intel	model:	d845wn motherboard	scope:	eq	version:	p11-0040	Trust: 1.0
vendor:	intel	model:	d845pt motherboard	scope:	eq	version:	p04-0023	Trust: 1.0
vendor:	intel	model:	d845wn motherboard	scope:	eq	version:	p09-0035	Trust: 1.0
vendor:	intel	model:	d845hv motherboard	scope:	eq	version:	p10-0038	Trust: 1.0
vendor:	intel	model:	d845wn motherboard	scope:	eq	version:	p07-0029	Trust: 1.0
vendor:	intel	model:	d845wn motherboard	scope:	eq	version:	p10-0038	Trust: 1.0
vendor:	intel	model:	d845pt motherboard	scope:	eq	version:	p01-0012	Trust: 1.0
vendor:	intel	model:	d845wn motherboard p11-0040	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845wn motherboard p10-0038	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845wn motherboard p09-0035	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845wn motherboard p08-0031	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845wn motherboard p07-0029	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845wn motherboard p06-0024	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845wn motherboard p05-0022	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845wn motherboard p04-0018	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845pt motherboard p05-0024	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845pt motherboard p04-0023	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845pt motherboard p03-0021	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845pt motherboard p02-0015	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845pt motherboard p01-0012	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845hv motherboard p11-0040	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845hv motherboard p10-0038	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845hv motherboard p09-0035	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845hv motherboard p08-0031	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845hv motherboard p07-0029	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845hv motherboard p06-0024	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845hv motherboard p05-0022	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845hv motherboard p04-0018	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845bg motherboard p05-0024	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845bg motherboard p04-0023	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845bg motherboard p03-0021	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845bg motherboard p02-0015	scope:	-	version:	-	Trust: 0.3
vendor:	intel	model:	d845bg motherboard p01-0012	scope:	-	version:	-	Trust: 0.3

sources: BID: 4610 // CNNVD: CNNVD-200212-591 // NVD: CVE-2002-2059

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-2059
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200212-591
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-6442
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2002-2059
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-6442
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-6442 // CNNVD: CNNVD-200212-591 // NVD: CVE-2002-2059

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-2059

THREAT TYPE

local

Trust: 0.9

sources: BID: 4610 // CNNVD: CNNVD-200212-591

TYPE

Configuration Error

Trust: 0.9

sources: BID: 4610 // CNNVD: CNNVD-200212-591

EXTERNAL IDS

db:	BID	id:	4610	Trust: 2.0
db:	NVD	id:	CVE-2002-2059	Trust: 1.7
db:	CNNVD	id:	CNNVD-200212-591	Trust: 0.7
db:	XF	id:	845	Trust: 0.6
db:	BUGTRAQ	id:	20020425 INTEL D845HV/WN/PT SERIES MOTHERBOARD VULNERABILITY	Trust: 0.6
db:	BUGTRAQ	id:	20020503 RE: INTEL D845HV/WN/PT SERIES MOTHERBOARD VULNERABILITY	Trust: 0.6
db:	NSFOCUS	id:	2677	Trust: 0.6
db:	VULHUB	id:	VHN-6442	Trust: 0.1

sources: VULHUB: VHN-6442 // BID: 4610 // CNNVD: CNNVD-200212-591 // NVD: CVE-2002-2059

REFERENCES

url:	http://www.securityfocus.com/bid/4610	Trust: 1.7
url:	http://archives.neohapsis.com/archives/bugtraq/2002-04/0356.html	Trust: 1.7
url:	http://archives.neohapsis.com/archives/bugtraq/2002-05/0017.html	Trust: 1.7
url:	http://www.iss.net/security_center/static/8998.php	Trust: 1.7
url:	ftp://download.intel.com/design/motherbd/bg/p06-0027.pdf	Trust: 1.1
url:	ftp://download.intel.com/design/motherbd/hv/p12-0041d.pdf	Trust: 1.1
url:	ftp://download.intel.com/design/motherbd/pt/p06-0027.pdf	Trust: 1.1
url:	ftp://download.intel.com/design/motherbd/wn/p12-0041d.pdf	Trust: 1.1
url:	http://www.nsfocus.net/vulndb/2677	Trust: 0.6

sources: VULHUB: VHN-6442 // CNNVD: CNNVD-200212-591 // NVD: CVE-2002-2059

CREDITS

Dave Oliver※ bugtraq@daveo.co.uk

Trust: 0.6

sources: CNNVD: CNNVD-200212-591

SOURCES

db:	VULHUB	id:	VHN-6442
db:	BID	id:	4610
db:	CNNVD	id:	CNNVD-200212-591
db:	NVD	id:	CVE-2002-2059

LAST UPDATE DATE

2025-04-03T22:40:44.336000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-6442	date:	2008-09-05T00:00:00
db:	BID	id:	4610	date:	2002-04-26T00:00:00
db:	CNNVD	id:	CNNVD-200212-591	date:	2006-08-09T00:00:00
db:	NVD	id:	CVE-2002-2059	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-6442	date:	2002-12-31T00:00:00
db:	BID	id:	4610	date:	2002-04-26T00:00:00
db:	CNNVD	id:	CNNVD-200212-591	date:	2002-04-26T00:00:00
db:	NVD	id:	CVE-2002-2059	date:	2002-12-31T05:00:00