oval:org.mitre.oval:def:5599

Definition Id: oval:org.mitre.oval:def:5599

Oval ID:	oval:org.mitre.oval:def:5599
Title:	HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges
Description:	ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-4752	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02287 HP Release B.11.11 AND Secure_Shell.SECURE_SHELL version is less than A.04.70.003 OR Criteria meets HP Security Bulletin HPSBUX02287 HP Release B.11.23 AND Secure_Shell.SECURE_SHELL version is less than A.04.70.004 OR Criteria meets HP Security Bulletin HPSBUX02287 HP-UX B.11.31 AND Secure_Shell.SECURE_SHELL version is less than A.04.70.005