13 matches found
MiracleLinux 3 : openssh-4.3p2-26.1.1AXS3 (AXSA:2008-272:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-272:01 advisory. OpenSSH is OpenBSD's SSH Secure SHell protocol implementation. CVE-2007-4752: ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cann...
EUVD-2007-4733
Malware in sbrugna...
OpenSSH < 4.7 Trusted X11 Cookie Connection Policy Bypass
According to the banner, OpenSSH earlier than 4.7 is running on the remote host. Such versions contain an authentication bypass vulnerability. In the event that OpenSSH cannot create an untrusted cookie for X, for example due to the temporary partition being full, it will use a trusted cookie...
SuSE9 Security Update : OpenSSH (YOU Patch Number 11931)
This update fixes a bug in ssh's cookie handling code. It does not properly handle the situation when an untrusted cookie cannot be created and uses a trusted X11 cookie instead. This allows attackers to violate the intended policy and gain privileges by causing an X client to be treated as...
Mandriva Update for openssh MDKSA-2007:236 (openssh)
Check for the Version of openssh OpenVAS Vulnerability Test Mandriva Update for openssh MDKSA-2007:236 openssh Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
openssh falls back to the trusted x11 cookie if generation of an untrusted cookie fails
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted...
openssh security update
4.3p2-26.el52.1 - CVE-2007-4752 - Prevent ssh1 from using a trusted X11 cookie if creation of an untrusted cookie fails 280361...
OpenSSH: Security bypass
Background OpenSSH is a complete SSH protocol implementation that includes an SFTP client and server support. Description Jan Pechanec discovered that OpenSSH uses a trusted X11 cookie when it cannot create an untrusted one. Impact An attacker could bypass the SSH client security policy and gain...
OpenSSH X11 Cookie 本地略过验证弱点
OpenSSH 4.6.x 及之前的版本允许本地攻击者略过验证而获得存取权, 因为无法对信任及不信任的 X11 cookies 做正确的处理, 本地攻击者可以攻击此弱点而略过验证, 获得存取权. UNIX 升级至升级至 OpenSSH 4.7 或最新版本的 OpenSSH. . OpenSSH Homepage http://www.openssh.com/ . OpenSSH release 4.7 http://www.openssh.com/txt/release-4.7...
OpenSSH X11 Cookie本地验证绕过漏洞
OpenSSH是一款开放源码的SSH协议的实现。 OpenSSH不正确管理可信和不可信X11 COOKIE,本地攻击者可以利用漏洞绕过验证启动转发的X11会话。 目前没有详细漏洞细节提供。 rPath rPath Linux 1 OpenSSH OpenSSH 4.6 GNOME gnome-ssh-askpass 0 Gentoo Linux 2007.0 升级到最新程序: http://www.openssh.com/txt/release-4.7...
CVE-2007-4752
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted...
CVE-2007-4752
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted...
OpenSSH < 4.7 Trusted X11 Cookie Connection Policy Bypass
Binary data 4209.prm...