CVE-2007-4752
HIGH severity · CVSS 7.5 · Improper input validation
7.5CVSS HIGH
Summary
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)2%
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://bugs.gentoo.org/show_bug.cgi?id=191321
- http://docs.info.apple.com/article.html?artnum=307562
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01271085
- http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
- http://secunia.com/advisories/27399
- http://secunia.com/advisories/29420
- http://secunia.com/advisories/30249