CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
89.0%
Jan Pechanec discovered that ssh would forward trusted X11 cookies when
untrusted cookie generation failed. This could lead to unintended privileges
being forwarded to a remote host.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 7.10 | noarch | openssh-client | < 1:4.6p1-5ubuntu0.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | openssh-client-udeb | < 1:4.6p1-5ubuntu0.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | openssh-server | < 1:4.6p1-5ubuntu0.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | openssh-server-udeb | < 1:4.6p1-5ubuntu0.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | ssh-askpass-gnome | < 1:4.6p1-5ubuntu0.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | openssh-client | < 1:4.3p2-8ubuntu1.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | openssh-client-udeb | < 1:4.3p2-8ubuntu1.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | openssh-server | < 1:4.3p2-8ubuntu1.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | openssh-server-udeb | < 1:4.3p2-8ubuntu1.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | ssh-askpass-gnome | < 1:4.3p2-8ubuntu1.1 | UNKNOWN |