CVE-2009-4295

Currently unrated

Key Information:

Vendor: Oracle
Status: Ray Server Software
Vendor: CVE Published:; 11 December 2009

Summary

Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 150 DTU device, which makes it easier for remote attackers to obtain sensitive information by predicting a key and then using it to decrypt sniffed network traffic.

References

http://www.securityfocus.com/bid/37285

vdb-entryx_refsource_BID

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

http://www.vupen.com/english/advisories/2009/3477

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 11, 2009