Executive Summary

Summary
Title Sun Alert 237444 Security Vulnerability in Solaris SSH May Allow Unauthorized Access to X11 Sessions
Informations
Name SUN-237444 First vendor Publication 2008-05-05
Vendor Sun Last vendor Modification 2010-01-21
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.9 Attack Range Local
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Solaris 9, Solaris 10
State: Resolved
First released: 05-May-2008
Sun Alert Link:http://sunsolve.sun.com/search/document.do?assetkey=1-66-237444-1

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_237444_security_vulnerability

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17406
 
Oval ID: oval:org.mitre.oval:def:17406
Title: USN-597-1 -- openssh vulnerability
Description: Timo Juhani Lindfors discovered that the OpenSSH client, when port forwarding was requested, would listen on any available address family.
Family: unix Class: patch
Reference(s): USN-597-1
CVE-2008-1483
 Version: 5
Platform(s): Ubuntu 6.06
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10
 Product(s): openssh
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6085
 
Oval ID: oval:org.mitre.oval:def:6085
Title: Security Vulnerability in Solaris SSH May Allow Unauthorized Access to X11 Sessions
Description: OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
Family: unix Class: vulnerability
Reference(s): CVE-2008-1483
 Version: 1
Platform(s): Sun Solaris 9
Sun Solaris 10
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

OpenVAS Exploits

Date Description
2010-05-12 Name : Mac OS X 10.5.5 Update / Security Update 2008-006
File : nvt/macosx_upd_10_5_5_secupd_2008-006.nasl
2010-04-19 Name : OpenSSH X Connections Session Hijacking Vulnerability
File : nvt/gb_openssh_28444.nasl
2010-02-03 Name : Solaris Update for Kernel 122301-48
File : nvt/gb_solaris_122301_48.nasl
2010-02-03 Name : Solaris Update for Kernel 122300-48
File : nvt/gb_solaris_122300_48.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13 Name : SLES10: Security update for OpenSSH
File : nvt/sles10_openssh0.nasl
2009-10-13 Name : Solaris Update for Kernel 122301-44
File : nvt/gb_solaris_122301_44.nasl
2009-10-13 Name : Solaris Update for /usr/bin/ssh 114356-19
File : nvt/gb_solaris_114356_19.nasl
2009-10-13 Name : Solaris Update for /usr/bin/ssh 114357-18
File : nvt/gb_solaris_114357_18.nasl
2009-10-13 Name : Solaris Update for Kernel 122300-44
File : nvt/gb_solaris_122300_44.nasl
2009-10-10 Name : SLES9: Security update for OpenSSH
File : nvt/sles9p5023096.nasl
2009-09-23 Name : Solaris Update for Kernel 122301-42
File : nvt/gb_solaris_122301_42.nasl
2009-06-03 Name : Solaris Update for Kernel 122300-40
File : nvt/gb_solaris_122300_40.nasl
2009-06-03 Name : Solaris Update for /usr/bin/ssh 114357-17
File : nvt/gb_solaris_114357_17.nasl
2009-06-03 Name : Solaris Update for Kernel 122301-40
File : nvt/gb_solaris_122301_40.nasl
2009-06-03 Name : Solaris Update for /usr/bin/ssh 114356-18
File : nvt/gb_solaris_114356_18.nasl
2009-06-03 Name : Solaris Update for kernel 137137-09
File : nvt/gb_solaris_137137_09.nasl
2009-06-03 Name : Solaris Update for kernel 137138-09
File : nvt/gb_solaris_137138_09.nasl
2009-05-05 Name : HP-UX Update for HP-UX Secure Shell HPSBUX02337
File : nvt/gb_hp_ux_HPSBUX02337.nasl
2009-04-09 Name : Mandriva Update for openssh MDVSA-2008:078 (openssh)
File : nvt/gb_mandriva_MDVSA_2008_078.nasl
2009-03-23 Name : Ubuntu Update for openssh vulnerability USN-597-1
File : nvt/gb_ubuntu_USN_597_1.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200804-03 (openssh)
File : nvt/glsa_200804_03.nasl
2008-09-04 Name : FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
File : nvt/freebsdsa_openssh4.nasl
2008-05-27 Name : Debian Security Advisory DSA 1576-1 (openssh)
File : nvt/deb_1576_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2008-095-01 openssh
File : nvt/esoft_slk_ssa_2008_095_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
43745 OpenSSH X11 Forwarding Local Session Hijacking

Nessus® Vulnerability Scanner

Date Description
2017-12-14 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-1351.nasl - Type : ACT_GATHER_INFO
2017-12-08 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-3230-1.nasl - Type : ACT_GATHER_INFO
2014-04-16 Name : The remote AIX host is running a vulnerable version of OpenSSH.
File : aix_ssh_advisory.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2005-527.nasl - Type : ACT_GATHER_INFO
2011-08-29 Name : The SSH service running on the remote host has an information disclosure vuln...
File : sunssh_plaintext_recovery.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12122.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-078.nasl - Type : ACT_GATHER_INFO
2008-09-16 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_5_5.nasl - Type : ACT_GATHER_INFO
2008-09-16 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-006.nasl - Type : ACT_GATHER_INFO
2008-08-20 Name : The remote SSH service is affected by multiple vulnerabilities.
File : attachmate_reflection_70_sp1.nasl - Type : ACT_GATHER_INFO
2008-05-19 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1576.nasl - Type : ACT_GATHER_INFO
2008-04-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_openssh-5122.nasl - Type : ACT_GATHER_INFO
2008-04-11 Name : The remote openSUSE host is missing a security update.
File : suse_openssh-5148.nasl - Type : ACT_GATHER_INFO
2008-04-11 Name : The remote openSUSE host is missing a security update.
File : suse_openssh-5149.nasl - Type : ACT_GATHER_INFO
2008-04-11 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200804-03.nasl - Type : ACT_GATHER_INFO
2008-04-11 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2008-095-01.nasl - Type : ACT_GATHER_INFO
2008-04-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-597-1.nasl - Type : ACT_GATHER_INFO
2008-04-03 Name : The remote SSH service is prone to an X11 session hijacking vulnerability.
File : openssh_50.nasl - Type : ACT_GATHER_INFO
2005-10-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-527.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2013-02-06 19:08:15
  • Multiple Updates