Описание
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1:4.2p1-7ubuntu3.3 |
| devel | not-affected | |
| edgy | released | 1:4.3p2-5ubuntu1.2 |
| feisty | released | 1:4.3p2-8ubuntu1.2 |
| gutsy | released | 1:4.6p1-5ubuntu0.2 |
| upstream | needs-triage |
Показывать по
EPSS
6.9 Medium
CVSS2
Связанные уязвимости
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
OpenSSH 4.3p2, and probably other versions, allows local users to hija ...
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
EPSS
6.9 Medium
CVSS2