MNBSD-2008-4: OpenSSH X11 forwarding session hijack

Severity: Unknown

Affected Package: openssh

Summary: OpenSSH X11 forwarding session hijack

Description

OpenSSH X11 forwarding could bind the forwarding port improperly, allowing a local user to hijack X11 forwarding sessions. OpenSSH was updated to 5.0p1 in CURRENT, and a patch plus a config file fix was committed to RELENG_0_1. This corresponds to FreeBSD-SA-08:05.openssh.

Affected Versions

openssh

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2008-1483

Published: April 17, 2008
Last Modified: April 17, 2008