VUPEN Security - Avaya IR Solaris OpenSSH Information Disclosure Weakness / Exploit (Security Advisories)

	Contact \| Site en Français

Vulnerabilities & Threats

VUPEN Security Advisories

Linux Security Advisories

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Avaya IR Solaris OpenSSH Information Disclosure Weakness

Title : Avaya IR Solaris OpenSSH Information Disclosure Weakness
VUPEN ID : VUPEN/ADV-2008-1526
CVE ID : CVE-2008-1483
Rated as : Low Risk

Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2008-05-14

Technical Description

A weakness has been identified in Avaya IR, which could be exploited by local attackers to gain knowledge of sensitive information. This issue is caused by an error in OpenSSH for Solaris. For additional information, see : VUPEN/ADV-2008-1448

Affected Products

Avaya Interactive Response (IR) 2.0
Avaya Interactive Response (IR) 3.0

Solution

Set X11Forwarding to "no".

References

http://www.vupen.com/english/advisories/2008/1526
http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm

ChangeLog

2008-05-14 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

Latest News

>> 2009-07-06