CVE-2016-1908 in OpenSSHinfo

Zusammenfassung (Englisch)

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservieren

15.01.2016

Veröffentlichung

11.04.2017

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
80656	OpenBSD OpenSSH X11 Forwarding erweiterte Rechte	254	Unbewiesen	Offizieller Fix	CVE-2016-1908

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

MITRE
NVD
CVE Details

◂ ZurückÜbersichtWeiter ▸

Do you know our Splunk app?

Download it now for free!