• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple ATEN IP KVM Switches Multiple Remote Vulnerabilities and Weakness

Multiple ATEN IP KVM switches are prone to multiple remote vulnerabilities and a weakness:

- A security weakness may allow attackers to decrypt HTTP traffic.
- A remote code-execution vulnerability is present.
- A security vulnerability may allow attackers to gain access to the session key.
- A security vulnerability may allow attackers to gain access to mouse events.
- A security vulnerability may allow attackers to gain access to the session ID.

Attackers can exploit these issues to execute Java code, compromise and gain unauthorized access to the affected device connected to the KVM, gain access to the session key, and gain access to the session ID. Other attacks are also possible.