Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-1908

Опубликовано: 11 апр. 2017
Источник: debian
EPSS Низкий

Описание

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
opensshfixed1:7.2p1-1package
opensshno-dsawheezypackage
opensshno-dsasqueezepackage

Примечания

  • Upstream commit: https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c

  • which needs to be applied after: https://anongit.mindrot.org/openssh.git/commit/?id=f98a09cacff7baad8748c9aa217afd155a4d493f

  • Background information on X11 SECURITY extension and SSH: https://thejh.net/written-stuff/openssh-6.8-xsecurity

  • https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034684.html

  • Red Hat Bugzilla entry: https://bugzilla.redhat.com/show_bug.cgi?id=1298741

  • vulnerability is partly due to /etc/X11/Xsession.d/35x11-common_xhost-local introduced in x11-common in 1:7.6+9 (wheezy and up)

  • https://lists.debian.org/debian-lts/2016/01/msg00029.html

  • Upstream announce: http://www.openssh.com/txt/release-7.2

EPSS

Процентиль: 89%
0.04666
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-1908

CVSS3: 9.8
ubuntu
больше 8 лет назад

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

redhat логотип

CVE-2016-1908

redhat
больше 9 лет назад

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

nvd логотип

CVE-2016-1908

CVSS3: 9.8
nvd
больше 8 лет назад

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

github логотип

GHSA-mgwc-m57j-46w8

CVSS3: 9.8
github
больше 3 лет назад

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

fstec логотип

BDU:2017-01263

fstec
больше 8 лет назад

Уязвимость клиента средства криптографической защиты OpenSSH, позволяющая нарушителю получить доверенные права при взаимодействии с X11-сервером

EPSS

Процентиль: 89%
0.04666
Низкий