Vulnerability & Exploit Database

Back to search

OpenSSH X11 Forwarding Information Disclosure Vulnerability

Severity CVSS Published Added Modified
7 (AV:L/AC:M/Au:N/C:C/I:C/A:C) March 24, 2008 May 28, 2009 February 13, 2015

Description

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

openbsd-openssh-upgrade-latest

Related Vulnerabilities