Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Dell BIOS DoS (Invalid Characters in BIOS Password)

Dec 9, 2003 2:36AM PST

The Dell BIOS allows users to set several different passwords to protect their machines from unauthorized access. There is:
1) A Setup Password, which is required to enter the BIOS setup, as well as
2) A Hard Drive Password, as per the ATA Security Feature Set Specification
Due to a bug in the BIOS, a password containing characters that cannot be later entered, c can be provided by a user. This allows a local user to create a denial of service (as the password authentication mechanism cannot be bypassed) situation.

Affected Systems:
Dell Inspiron 2650 System BIOS, A11 (A11 is the current BIOS as of writing, and was released in late September of this year)

More details: http://www.securiteam.com/securitynews/6T0022K95M.html


--
Donna
Security Software

Discussion is locked