← Back

CVE-2009-4295

nvd nist
Published: Dec 11, 2009Modified: Apr 23, 2026

JSON object

Loading...
7.8
Vector
AV:N/AC:L/Au:N/C:C/I:N/A:N
Exploitability: 10.0 / Impact: 6.9
Source: NVD

Description

Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 150 DTU device, which makes it easier for remote attackers to obtain sensitive information by predicting a key and then using it to decrypt sniffed network traffic.

Affected (6)

Sun
1 product
Ray Server Software
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Sun
Ray Server Software
Version 4.0
Ray Server Software
Version 4.0
Ray Server Software
Version 4.0
Ray Server Software
Version 4.1
Ray Server Software
Version 4.1
Ray Server Software
Version 4.1

Related CWEs

CWE-310
CWE-310

References (8)

Source: cve@mitre.org
Patch
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.