Computer Security

CVE-2008-1483
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2008-1483
StatusCandidate
DescriptionOpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
PhaseAssigned (24.03.2008)
SecurityVulns:OpenSSH privilege escalation
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1483
ReferencesBUGTRAQ : 20080325 rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server
 CONFIRM : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=4...
 CONFIRM : http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120
 CONFIRM : https://issues.rpath.com/browse/RPL-2397
 FRSIRT : ADV-2008-0994
 SECUNIA : 29522
 SECUNIA : 29537
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru