Details of VAR-200905-0261

ID

VAR-200905-0261

CVE

CVE-2009-1472

TITLE

ATEN KH1516i IP KVM Switch Java Vulnerability in a client program that gains access to the machine connected to the switch

Trust: 0.8

sources: JVNDB: JVNDB-2009-003374

DESCRIPTION

The Java client program for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 has a hardcoded AES encryption key, which makes it easier for man-in-the-middle attackers to (1) execute arbitrary Java code, or (2) gain access to machines connected to the switch, by hijacking a session. Multiple ATEN IP KVM switches are prone to multiple remote vulnerabilities and a weakness: - A security weakness may allow attackers to decrypt HTTP traffic. - A remote code-execution vulnerability is present. - A security vulnerability may allow attackers to gain access to the session key. - A security vulnerability may allow attackers to gain access to mouse events. - A security vulnerability may allow attackers to gain access to the session ID. Other attacks are also possible. IP KVM is a series of switch equipment developed by Taiwan Acer Technology Co., Ltd. The Java client executes arbitrary code. The Java client program connects to the kvm switch on port 9002 and then downloads and runs the new Java class. This connection is encrypted using AES, but the encryption key is hardcoded in the client program. An attacker acting as a man-in-the-middle can inject other Java classes, resulting in arbitrary Java code execution on the client machine

Trust: 1.98

sources: NVD: CVE-2009-1472 // JVNDB: JVNDB-2009-003374 // BID: 35108 // VULHUB: VHN-38918

AFFECTED PRODUCTS

vendor:	aten	model:	kn9116 ip kvm switch	scope:	eq	version:	1.1.104	Trust: 1.6
vendor:	aten	model:	kh1516i ip kvm switch	scope:	eq	version:	1.0.063	Trust: 1.6
vendor:	aten	model:	kh1516i ip kvm switch	scope:	eq	version:	firmware 1.0.063 of java client	Trust: 0.8
vendor:	aten	model:	kn9116 ip kvm switch	scope:	eq	version:	firmware 1.1.104 of java client	Trust: 0.8
vendor:	aten	model:	ip kvm pn9108	scope:	eq	version:	0	Trust: 0.3
vendor:	aten	model:	ip kvm kn9116	scope:	eq	version:	1.1.1.014	Trust: 0.3
vendor:	aten	model:	ip kvm kh1516i	scope:	eq	version:	1.0.063	Trust: 0.3

sources: BID: 35108 // JVNDB: JVNDB-2009-003374 // CNNVD: CNNVD-200905-307 // NVD: CVE-2009-1472

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-1472
value:	HIGH
Trust: 1.0
NVD:	CVE-2009-1472
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200905-307
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-38918
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2009-1472
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-38918
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-38918 // JVNDB: JVNDB-2009-003374 // CNNVD: CNNVD-200905-307 // NVD: CVE-2009-1472

PROBLEMTYPE DATA

problemtype:

CWE-310

Trust: 1.9

sources: VULHUB: VHN-38918 // JVNDB: JVNDB-2009-003374 // NVD: CVE-2009-1472

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200905-307

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-200905-307

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-003374

PATCH

title:

Top Page

url:

http://www.aten.com/IP-KVM.htm

Trust: 0.8

sources: JVNDB: JVNDB-2009-003374

EXTERNAL IDS

db:	NVD	id:	CVE-2009-1472	Trust: 2.8
db:	BID	id:	35108	Trust: 2.0
db:	JVNDB	id:	JVNDB-2009-003374	Trust: 0.8
db:	BUGTRAQ	id:	20090526 MULTIPLE VULNERABILITIES IN SEVERAL ATEN IP KVM SWITCHES	Trust: 0.6
db:	CNNVD	id:	CNNVD-200905-307	Trust: 0.6
db:	VULHUB	id:	VHN-38918	Trust: 0.1

sources: VULHUB: VHN-38918 // BID: 35108 // JVNDB: JVNDB-2009-003374 // CNNVD: CNNVD-200905-307 // NVD: CVE-2009-1472

REFERENCES

url:	http://www.securityfocus.com/bid/35108	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/503827/100/0/threaded	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1472	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1472	Trust: 0.8
url:	http://www.securityfocus.com/archive/1/archive/1/503827/100/0/threaded	Trust: 0.6
url:	http://www.aten.com/ip-kvm.htm	Trust: 0.3
url:	/archive/1/503827	Trust: 0.3

sources: VULHUB: VHN-38918 // BID: 35108 // JVNDB: JVNDB-2009-003374 // CNNVD: CNNVD-200905-307 // NVD: CVE-2009-1472

CREDITS

Jakob Lell jakob@cs.tu-berlin.de

Trust: 0.6

sources: CNNVD: CNNVD-200905-307

SOURCES

db:	VULHUB	id:	VHN-38918
db:	BID	id:	35108
db:	JVNDB	id:	JVNDB-2009-003374
db:	CNNVD	id:	CNNVD-200905-307
db:	NVD	id:	CVE-2009-1472

LAST UPDATE DATE

2025-04-10T23:05:08.901000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-38918	date:	2018-10-10T00:00:00
db:	BID	id:	35108	date:	2009-05-27T00:10:00
db:	JVNDB	id:	JVNDB-2009-003374	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200905-307	date:	2009-06-09T00:00:00
db:	NVD	id:	CVE-2009-1472	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-38918	date:	2009-05-27T00:00:00
db:	BID	id:	35108	date:	2009-05-26T00:00:00
db:	JVNDB	id:	JVNDB-2009-003374	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200905-307	date:	2009-05-27T00:00:00
db:	NVD	id:	CVE-2009-1472	date:	2009-05-27T16:30:01.767