Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-1629HistoryMay 14, 2009 - 5:30 p.m.
CVE-2009-1629
2009-05-1417:30:00
Debian Security Bug Tracker
security-tracker.debian.org
9
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.028
Percentile
90.7%
ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to (1) hijack a session or (2) cause a denial of service (session ID exhaustion) via a brute-force attack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | ajaxterm | < 0.10-5 | ajaxterm_0.10-5_all.deb |
Related
prion
prion
Code injection
2009-05-14 17:30:00
nvd
nvd
CVE-2009-1629
2009-05-14 17:30:00
openvas
openvas
Fedora Update for Ajaxterm FEDORA-2010-18867
2011-01-04 00:00:00
Debian: Security Advisory (DSA-1994-1)
2010-02-18 00:00:00
Debian Security Advisory DSA 1994-1 (ajaxterm)
2010-02-18 00:00:00
cvelist
cvelist
CVE-2009-1629
2009-05-14 17:00:00
nessus
nessus
Debian DSA-1994-1 : ajaxterm - weak session IDs
2010-02-24 00:00:00
Fedora 13 : Ajaxterm-0.10-13.fc13 (2010-18867)
2010-12-30 00:00:00
ubuntucve
ubuntucve
CVE-2009-1629
2009-05-14 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: Ajaxterm-0.10-13.fc13
2010-12-29 21:50:51
cve
cve
CVE-2009-1629
2009-05-14 17:30:00
debian
debian
[SECURITY] [DSA 1994-1] New ajaxterm packages fix session hijacking
2010-02-11 18:47:55
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.028
Percentile
90.7%
Related for DEBIANCVE:CVE-2009-1629