RedHat Linux 6.1 ORBit and esound Weak Authentication Vulnerability
BID:1275
Info
RedHat Linux 6.1 ORBit and esound Weak Authentication Vulnerability
| Bugtraq ID: | 1275 |
| Class: | Design Error |
| CVE: |
CVE-2000-0357 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Dec 03 1999 12:00AM |
| Updated: | Jul 11 2009 01:56AM |
| Credit: | <unknown> |
| Vulnerable: |
Redhat ORBit-devel-0.4.95-2.i386.rpm Redhat ORBit-0.4.95-2.i386.rpm Redhat Linux 6.1 sparc Redhat Linux 6.1 i386 Redhat esound-devel-0.2.14-1.i386.rpm Redhat esound-0.2.14-1.i386.rpm |
| Not Vulnerable: | |
Discussion
RedHat Linux 6.1 ORBit and esound Weak Authentication Vulnerability
From Red Hat Security Advisory RHSA-1999:058-01
ORBit and esound used a source of random data that was easily guessable, possibly allowing an attacker with local access to guess the authentication keys used to control access to these services.
From Red Hat Security Advisory RHSA-1999:058-01
ORBit and esound used a source of random data that was easily guessable, possibly allowing an attacker with local access to guess the authentication keys used to control access to these services.
Exploit / POC
RedHat Linux 6.1 ORBit and esound Weak Authentication Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].