Info

Disclosure

Sep 01, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

OpenSSH contains a flaw that may allow or enable some X11 forwarding functionality unintentionally. The issue can occur when multiple X11 forwarding requests are made on the same session, single_connection listeners or when an X11 listener is orphaned after a session goes away.

Classification

Location: Local Access Required
Attack Type: Misconfiguration
Impact: Loss of Integrity
Exploit: Exploit Rumored
Disclosure: OSVDB Verified

Solution

Upgrade to version 4.2p1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

OpenSSH

OpenSSH Portable

4.1p1

References

Security Tracker: 1014845
Secunia Advisory ID: 16686 18010 18661 19243
SCIP VulDB ID: 1723
Related OSVDB ID: 19141
CVE ID: 2005-2797 (see also: NVD)
Vendor Specific Advisory URL: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm
Mail List Post: http://archives.neohapsis.com/archives/apps/freshmeat/2005-09/0001.html
Vendor URL: http://openssh.com/

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/19142