New Search

ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.

oval:org.mitre.oval:def:10809

ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 5
  • CentOS Linux 4
  • Oracle Linux 4
  • Oracle Linux 5
  • Red Hat Enterprise Linux 4
  • CentOS Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-4752
Product(s):