Executive Summary
Summary | |
---|---|
Title | OpenSSH vulnerability |
Informations | |||
---|---|---|---|
Name | USN-597-1 | First vendor Publication | 2008-04-01 |
Vendor | Ubuntu | Last vendor Modification | 2008-04-01 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.9 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 3.4 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 6.10: Ubuntu 7.04: Ubuntu 7.10: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Timo Juhani Lindfors discovered that the OpenSSH client, when port forwarding was requested, would listen on any available address family. A local attacker could exploit this flaw on systems with IPv6 enabled to hijack connections, including X11 forwards. |
Original Source
Url : http://www.ubuntu.com/usn/USN-597-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17406 | |||
Oval ID: | oval:org.mitre.oval:def:17406 | ||
Title: | USN-597-1 -- openssh vulnerability | ||
Description: | Timo Juhani Lindfors discovered that the OpenSSH client, when port forwarding was requested, would listen on any available address family. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-597-1 CVE-2008-1483 | Version: | 5 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | openssh |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6085 | |||
Oval ID: | oval:org.mitre.oval:def:6085 | ||
Title: | Security Vulnerability in Solaris SSH May Allow Unauthorized Access to X11 Sessions | ||
Description: | OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1483 | Version: | 1 |
Platform(s): | Sun Solaris 9 Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.5 Update / Security Update 2008-006 File : nvt/macosx_upd_10_5_5_secupd_2008-006.nasl |
2010-04-19 | Name : OpenSSH X Connections Session Hijacking Vulnerability File : nvt/gb_openssh_28444.nasl |
2010-02-03 | Name : Solaris Update for Kernel 122301-48 File : nvt/gb_solaris_122301_48.nasl |
2010-02-03 | Name : Solaris Update for Kernel 122300-48 File : nvt/gb_solaris_122300_48.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for OpenSSH File : nvt/sles10_openssh0.nasl |
2009-10-13 | Name : Solaris Update for Kernel 122301-44 File : nvt/gb_solaris_122301_44.nasl |
2009-10-13 | Name : Solaris Update for /usr/bin/ssh 114356-19 File : nvt/gb_solaris_114356_19.nasl |
2009-10-13 | Name : Solaris Update for /usr/bin/ssh 114357-18 File : nvt/gb_solaris_114357_18.nasl |
2009-10-13 | Name : Solaris Update for Kernel 122300-44 File : nvt/gb_solaris_122300_44.nasl |
2009-10-10 | Name : SLES9: Security update for OpenSSH File : nvt/sles9p5023096.nasl |
2009-09-23 | Name : Solaris Update for Kernel 122301-42 File : nvt/gb_solaris_122301_42.nasl |
2009-06-03 | Name : Solaris Update for Kernel 122300-40 File : nvt/gb_solaris_122300_40.nasl |
2009-06-03 | Name : Solaris Update for /usr/bin/ssh 114357-17 File : nvt/gb_solaris_114357_17.nasl |
2009-06-03 | Name : Solaris Update for Kernel 122301-40 File : nvt/gb_solaris_122301_40.nasl |
2009-06-03 | Name : Solaris Update for /usr/bin/ssh 114356-18 File : nvt/gb_solaris_114356_18.nasl |
2009-06-03 | Name : Solaris Update for kernel 137137-09 File : nvt/gb_solaris_137137_09.nasl |
2009-06-03 | Name : Solaris Update for kernel 137138-09 File : nvt/gb_solaris_137138_09.nasl |
2009-05-05 | Name : HP-UX Update for HP-UX Secure Shell HPSBUX02337 File : nvt/gb_hp_ux_HPSBUX02337.nasl |
2009-04-09 | Name : Mandriva Update for openssh MDVSA-2008:078 (openssh) File : nvt/gb_mandriva_MDVSA_2008_078.nasl |
2009-03-23 | Name : Ubuntu Update for openssh vulnerability USN-597-1 File : nvt/gb_ubuntu_USN_597_1.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200804-03 (openssh) File : nvt/glsa_200804_03.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc) File : nvt/freebsdsa_openssh4.nasl |
2008-05-27 | Name : Debian Security Advisory DSA 1576-1 (openssh) File : nvt/deb_1576_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-095-01 openssh File : nvt/esoft_slk_ssa_2008_095_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
43745 | OpenSSH X11 Forwarding Local Session Hijacking |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-12-14 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1351.nasl - Type : ACT_GATHER_INFO |
2017-12-08 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3230-1.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote AIX host is running a vulnerable version of OpenSSH. File : aix_ssh_advisory.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-527.nasl - Type : ACT_GATHER_INFO |
2011-08-29 | Name : The SSH service running on the remote host has an information disclosure vuln... File : sunssh_plaintext_recovery.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12122.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-078.nasl - Type : ACT_GATHER_INFO |
2008-09-16 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_5.nasl - Type : ACT_GATHER_INFO |
2008-09-16 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-006.nasl - Type : ACT_GATHER_INFO |
2008-08-20 | Name : The remote SSH service is affected by multiple vulnerabilities. File : attachmate_reflection_70_sp1.nasl - Type : ACT_GATHER_INFO |
2008-05-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1576.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssh-5122.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote openSUSE host is missing a security update. File : suse_openssh-5148.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote openSUSE host is missing a security update. File : suse_openssh-5149.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200804-03.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-095-01.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-597-1.nasl - Type : ACT_GATHER_INFO |
2008-04-03 | Name : The remote SSH service is prone to an X11 session hijacking vulnerability. File : openssh_50.nasl - Type : ACT_GATHER_INFO |
2005-10-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-527.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:05:01 |
|