CVE-2008-1483

Severity

69%

Complexity

34%

Confidentiality

165%

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.

CVSS 2.0 Base Score 6.9. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C).

Overview

First reported 16 years ago

2008-03-24 23:44:00

Last updated 6 years ago

2018-10-11 20:35:00

Affected Software

OpenBSD OpenSSH Portable 4.3.p2

4.3p2

References

NetBSD-SA2008-005

http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011

HPSBUX02337

APPLE-SA-2008-09-15

SUSE-SR:2008:009

29522

Vendor Advisory

29537

Vendor Advisory

29554

Vendor Advisory

29626

Vendor Advisory

29676

Vendor Advisory

29683

Vendor Advisory

29686

Vendor Advisory

29721

Vendor Advisory

29735

Vendor Advisory

29873

Vendor Advisory

29939

Vendor Advisory

30086

Vendor Advisory

30230

Vendor Advisory

30249

Vendor Advisory

30347

30361

Vendor Advisory

31531

Vendor Advisory

31882

Vendor Advisory

FreeBSD-SA-08:05

http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227

237444

1019235

http://support.attachmate.com/techdocs/2374.html

http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm

20130220 OpenSSH Forwarded X Connection Session Hijack Vulnerability

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120

DSA-1576

GLSA-200804-03

[security-announce] 20080403 Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability

MDVSA-2008:078

20080325 rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server

28444

1019707

SSA:2008-095-01

TA08-260A

US Government Resource

ADV-2008-0994

ADV-2008-1123

ADV-2008-1124

ADV-2008-1448

ADV-2008-1526

ADV-2008-1624

ADV-2008-1630

ADV-2008-2396

ADV-2008-2584

openssh-sshd-session-hijacking(41438)

https://issues.rpath.com/browse/RPL-2397

oval:org.mitre.oval:def:6085

USN-597-1

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.