Описание
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1:4.2p1-7ubuntu3.2 |
| devel | not-affected | 1:4.7p1-1 |
| edgy | released | 1:4.3p2-5ubuntu1.1 |
| feisty | released | 1:4.3p2-8ubuntu1.1 |
| gutsy | released | 1:4.6p1-5ubuntu0.1 |
| upstream | released | 4.7 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
ssh in OpenSSH before 4.7 does not properly handle when an untrusted c ...
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
7.5 High
CVSS2