Bugtraq mailing list archives
Re: SSH & xauth
From: Cy.Schubert () UUMAIL GOV BC CA (Cy Schubert - ITSD Open Systems Group)
Date: Sun, 27 Feb 2000 14:30:27 -0800
In message <20000224173135.A4478 () ruff cs jmu edu>, Brian Caswell writes:
The default SSH configuration for SSH1 and SSH2 allow for remote controlling of X sessions through X forwarding.
[discussion of vulnerability edited out]
Allowing X forwarding seems to be turned on by default in SSH1, SSH2, and OpenSSH.
OpenSSH as of Tue Feb 1 02:19:07 EST 2000, probably before then, has X forwarding turned off by default. [discussion of fix removed] Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/DEC Team Internet: Cy.Schubert () uumail gov bc ca UNIX Group, ITSD, ISTA Province of BC "COBOL IS A WASTE OF CARDS."
Current thread:
- Re: SSH & xauth, (continued)
- Re: SSH & xauth Andrey (Feb 25)
- Re: SSH & xauth David Terrell (Feb 25)
- Re: SSH & xauth Robert Watson (Feb 25)
- Re: SSH & xauth Lionel Cons (Feb 28)
- Re: SSH & xauth David Pybus (Feb 26)
- Re: SSH & xauth Robert Watson (Feb 28)
- xterm log file vulnerability Morten Welinder (Feb 29)
- false alarms by real secure Danton Nunes (Feb 29)
- New ZZ Posted Simple Nomad (Feb 29)
- DOS in Trendmicro OfficeScan cerberus (Feb 26)
- Re: SSH & xauth Cy Schubert - ITSD Open Systems Group (Feb 27)
- Re: SSH & xauth Oliver Friedrichs (Feb 25)
- Re: SSH & xauth Theo de Raadt (Feb 27)
- Re: SSH & xauth Cy Schubert - ITSD Open Systems Group (Feb 28)
- Serv-U FTP-Server v2.4a showing real path Berk Ulsoy (Feb 28)
- Re: SSH & xauth Robert Watson (Feb 28)
- Re: SSH & xauth Niels Provos (Feb 28)
- Re: SSH & xauth Theo de Raadt (Feb 27)
- Re: SSH & xauth Brian (Feb 28)
- Re: SSH & xauth Robert Watson (Feb 28)