Bug 500225 (CVE-2009-1629)
Summary: | CVE-2009-1629 AjaxTerm: session id collision | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED ERRATA | QA Contact: | |||||
Severity: | low | Docs Contact: | |||||
Priority: | low | ||||||
Version: | unspecified | CC: | ruben | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://www.ocert.org/advisories/ocert-2009-004.html | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2015-08-22 16:09:42 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 544033 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Jan Lieskovsky
2009-05-11 18:44:24 UTC
CVE-2009-1629: ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to (1) hijack a session or (2) cause a denial of service (session ID exhaustion) via a brute-force attack. References: http://www.securityfocus.com/archive/1/archive/1/503421/100/0/threaded http://xforce.iss.net/xforce/xfdb/50464 Created Fedora tracking bugs for AjaxTerm: All versions: bug #544033 Created attachment 390456 [details] DSA-1994-1 patch Debian has release a security advisory for ajaxterm to address this flaw: http://www.debian.org/security/2010/dsa-1994 Comment in the patch describes what changes they've made. Patch extracted from ajaxterm_0.10-2+lenny1.diff.gz . |