SECURITY vulnerability in ECS-K7S5A(L) boards
____________________________________________________________________________
DESCRIPTION
===========
The administrator password set in the BIOS of the K7S5A(L) locks out BIOS access
from the console. However, it does not disable access to the boot menu. Even though
the system is configured to boot from the hard drive only, and has an admin password set,
someone with physical access to the system can still boot from floppy or CD using
the boot menu.
IMPACT
======
Security: Moderate
Any person with physical access to the machine can reboot from a removable medium
(introduced by himself). By doing this, authentication mechanisms on the machine can
be bypassed, compromising the data on the system and the system itself.
Working from this compromised system with e.g. root/admin access can threaten the rest
of a network, depending on the architecture and authentication mechanisms.
AFFECTED VERSIONS
=================
All K7S5AL-boards, confirmed up to BIOS V.02/02/06
WORKAROUNDS
===========
None at this moment, restrict physical access to the console where possible.
FIXES
=====
None at this moment.
VENDOR STATUS
=============
[Tue Apr 30 17:43:50 CEST 2002] Notified
This article was published on Bugtraq in 2002.
Written by Guy Van Sanden
Licensed under a creative commons Attribution-NonCommercial-ShareAlike license.