CVE-2009-4295
First published: Fri Dec 11 2009(Updated: )
Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 150 DTU device, which makes it easier for remote attackers to obtain sensitive information by predicting a key and then using it to decrypt sniffed network traffic.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun Ray Server Software | =4.1 | |
| Sun Ray Server Software | =4.0 | |
| Sun Ray Server Software | =4.0 | |
| Sun Ray Server Software | =4.1 | |
| Sun Ray Server Software | =4.1 | |
| Sun Ray Server Software | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/type
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sun
- canonical/sun ray server software
- version/sun ray server software/4.1
- version/sun ray server software/4.0