Lucene search
UbuntuUSN-566-1HistoryJan 09, 2008 - 12:00 a.m.
OpenSSH vulnerability
2008-01-0900:00:00
ubuntu.com
67
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
High
EPSS
0.02
Percentile
89.0%
Releases
- Ubuntu 7.10
- Ubuntu 7.04
- Ubuntu 6.10
- Ubuntu 6.06
Packages
- openssh -
Details
Jan Pechanec discovered that ssh would forward trusted X11 cookies when
untrusted cookie generation failed. This could lead to unintended privileges
being forwarded to a remote host.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 7.10 | noarch | openssh-client | < 1:4.6p1-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | openssh-client-udeb | < 1:4.6p1-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | openssh-server | < 1:4.6p1-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | openssh-server-udeb | < 1:4.6p1-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | ssh-askpass-gnome | < 1:4.6p1-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openssh-client | < 1:4.3p2-8ubuntu1.1 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openssh-client-udeb | < 1:4.3p2-8ubuntu1.1 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openssh-server | < 1:4.3p2-8ubuntu1.1 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openssh-server-udeb | < 1:4.3p2-8ubuntu1.1 | UNKNOWN |
| Ubuntu | 7.04 | noarch | ssh-askpass-gnome | < 1:4.3p2-8ubuntu1.1 | UNKNOWN |
References
Related
nessus
nessus
Mandrake Linux Security Advisory : openssh (MDKSA-2007:236)
2007-12-07 00:00:00
GLSA-200711-02 : OpenSSH: Security bypass
2007-11-02 00:00:00
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : openssh vulnerability (USN-566-1)
2008-01-10 00:00:00
openvas
openvas
Ubuntu Update for openssh vulnerability USN-566-1
2009-03-23 00:00:00
OpenSSH < 4.7 Improper Input Validation Vulnerability
2021-05-27 00:00:00
Mandriva Update for openssh MDKSA-2007:236 (openssh)
2009-04-09 00:00:00
gentoo
gentoo
OpenSSH: Security bypass
2007-11-01 00:00:00
debiancve
debiancve
CVE-2007-4752
2007-09-12 01:17:00
nvd
nvd
CVE-2007-4752
2007-09-12 01:17:00
f5
f5
SOL14161 - OpenSSH vulnerability CVE-2007-4752
2013-01-28 00:00:00
K14161 : OpenSSH vulnerability CVE-2007-4752
2013-09-11 00:00:00
cvelist
cvelist
CVE-2007-4752
2007-09-12 01:00:00
prion
prion
Code injection
2007-09-12 01:17:00
securityvulns
securityvulns
OpenSSH privilege escalation
2007-09-19 00:00:00
FLEA-2007-0055-1 openssh openssh-client openssh-server gnome-ssh-askpass
2007-09-19 00:00:00
cve
cve
CVE-2007-4752
2007-09-12 01:17:00
ubuntucve
ubuntucve
CVE-2007-4752
2007-09-12 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:28:47
slackware
slackware
[slackware-security] openssh
2007-09-12 21:56:33
oraclelinux
oraclelinux
openssh security update
2008-08-22 00:00:00
redhat
redhat
(RHSA-2008:0855) Critical: openssh security update
2008-08-22 00:00:00
centos
centos
openssh security update
2008-08-22 20:45:22
fedora
fedora
[SECURITY] Fedora Core 6 Update: openssh-4.3p2-25.fc6
2007-10-15 19:54:28
debian
debian
[SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness
2008-05-14 09:24:56
osv
osv
openssh openssh-blacklist - predictable randomness
2008-05-14 00:00:00
openssh-8.4p1-7.4 on GA media
2024-06-15 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
High
EPSS
0.02
Percentile
89.0%
Related for USN-566-1