Описание
OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | not an issue under Linux |
| devel | not-affected | not an issue under Linux |
| feisty | not-affected | not an issue under Linux |
| gutsy | not-affected | not an issue under Linux |
| hardy | not-affected | not an issue under Linux |
| upstream | released | 5.1 |
Показывать по
Ссылки на источники
EPSS
1.2 Low
CVSS2
Связанные уязвимости
OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11Use ...
OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
EPSS
1.2 Low
CVSS2