Lucene search
MitreCVELIST:CVE-2009-1629HistoryMay 14, 2009 - 5:00 p.m.
CVE-2009-1629
2009-05-1417:00:00
mitre
www.cve.org
2
ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to (1) hijack a session or (2) cause a denial of service (session ID exhaustion) via a brute-force attack.
References
lists.fedoraproject.org/pipermail/package-announce/2010-December/052655.html
secunia.com/advisories/42784
www.ocert.org/advisories/ocert-2009-004.html
www.openwall.com/lists/oss-security/2009/05/11/1
www.securityfocus.com/archive/1/503421/100/0/threaded
www.securityfocus.com/bid/34903
exchange.xforce.ibmcloud.com/vulnerabilities/50464
Related
prion
prion
Code injection
2009-05-14 17:30:00
nvd
nvd
CVE-2009-1629
2009-05-14 17:30:00
openvas
openvas
Fedora Update for Ajaxterm FEDORA-2010-18867
2011-01-04 00:00:00
Debian: Security Advisory (DSA-1994-1)
2010-02-18 00:00:00
Debian Security Advisory DSA 1994-1 (ajaxterm)
2010-02-18 00:00:00
debiancve
debiancve
CVE-2009-1629
2009-05-14 17:30:00
nessus
nessus
Debian DSA-1994-1 : ajaxterm - weak session IDs
2010-02-24 00:00:00
Fedora 13 : Ajaxterm-0.10-13.fc13 (2010-18867)
2010-12-30 00:00:00
ubuntucve
ubuntucve
CVE-2009-1629
2009-05-14 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: Ajaxterm-0.10-13.fc13
2010-12-29 21:50:51
cve
cve
CVE-2009-1629
2009-05-14 17:30:00
debian
debian
[SECURITY] [DSA 1994-1] New ajaxterm packages fix session hijacking
2010-02-11 18:47:55