Gentoo Logo

OpenSSH: Security bypass

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200711-02 / openssh
Release Date November 01, 2007
Latest Revision November 01, 2007: 01
Impact low
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
net-misc/openssh < 4.7 >= 4.7 All supported architectures

Related bugreports: #191321

Synopsis

A flaw has been discovered in OpenSSH which could allow a local attacker to bypass security restrictions.

2.  Impact Information

Background

OpenSSH is a complete SSH protocol implementation that includes an SFTP client and server support.

Description

Jan Pechanec discovered that OpenSSH uses a trusted X11 cookie when it cannot create an untrusted one.

Impact

An attacker could bypass the SSH client security policy and gain privileges by causing an X client to be treated as trusted.

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All OpenSSH users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/openssh-4.7"

4.  References



Print

Page updated November 01, 2007

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.