4 matches found
SUSE CVE-2008-3259
OpenSSH before 5.1 sets the SOREUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform...
AIX OpenSSH Advisory: openssh_advisory.asc
The version of OpenSSH running on the remote host is affected by the following vulnerabilities : - X11 man-in-the-middle attack: When attempting to bind2 to a port that has previously been bound with SOREUSEADDR set, most operating systems check that either the effective user-id matches the...
SOL14382 - OpenSSH vulnerability CVE-2008-3259
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...