CVE-2009-4510 Information

Description

The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets.

Reference

http://ftp.tandberg.com/pub/software/vcs/TANDBERG20Video20Communication20Server20Software20Release20Notes20(X5).pdf http://secunia.com/advisories/39275 http://www.vsecurity.com/resources/advisory/20100409-2