oss-sec mailing list archives

Re: CVE Request: openssh local users may hijack forwarded X connections

From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 24 Mar 2008 18:18:13 -0400 (EDT)


======================================================
Name: CVE-2008-1483
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011

OpenSSH 4.3p2, and probably other versions, allows local users to
hijack forwarded X connections by causing ssh to set DISPLAY to :10,
even when another process is listening on the associated port, as
demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie
sent by Emacs.

Current thread:

CVE Request: openssh local users may hijack forwarded X connections Micah Anderson (Mar 22)
- Re: CVE Request: openssh local users may hijack forwarded X connections Steven M. Christey (Mar 24)