Gentoo Logo

OpenSSH: Security bypass


1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200711-02 / openssh
Release Date November 01, 2007
Latest Revision November 01, 2007: 01
Impact low
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
net-misc/openssh < 4.7 >= 4.7 All supported architectures

Related bugreports: #191321


A flaw has been discovered in OpenSSH which could allow a local attacker to bypass security restrictions.

2.  Impact Information


OpenSSH is a complete SSH protocol implementation that includes an SFTP client and server support.


Jan Pechanec discovered that OpenSSH uses a trusted X11 cookie when it cannot create an untrusted one.


An attacker could bypass the SSH client security policy and gain privileges by causing an X client to be treated as trusted.

3.  Resolution Information


There is no known workaround at this time.


All OpenSSH users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/openssh-4.7"

4.  References


Page updated November 01, 2007

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2015 Gentoo Foundation, Inc. Questions, Comments? Contact us.