CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
15.7%
Timo Juhani Lindfors discovered that the OpenSSH client, when port
forwarding was requested, would listen on any available address family.
A local attacker could exploit this flaw on systems with IPv6 enabled
to hijack connections, including X11 forwards.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 7.10 | noarch | openssh-client | <Β 1:4.6p1-5ubuntu0.2 | UNKNOWN |
Ubuntu | 7.10 | noarch | openssh-client-udeb | <Β 1:4.6p1-5ubuntu0.2 | UNKNOWN |
Ubuntu | 7.10 | noarch | openssh-server | <Β 1:4.6p1-5ubuntu0.2 | UNKNOWN |
Ubuntu | 7.10 | noarch | openssh-server-udeb | <Β 1:4.6p1-5ubuntu0.2 | UNKNOWN |
Ubuntu | 7.10 | noarch | ssh-askpass-gnome | <Β 1:4.6p1-5ubuntu0.2 | UNKNOWN |
Ubuntu | 7.04 | noarch | openssh-client | <Β 1:4.3p2-8ubuntu1.2 | UNKNOWN |
Ubuntu | 7.04 | noarch | openssh-client-udeb | <Β 1:4.3p2-8ubuntu1.2 | UNKNOWN |
Ubuntu | 7.04 | noarch | openssh-server | <Β 1:4.3p2-8ubuntu1.2 | UNKNOWN |
Ubuntu | 7.04 | noarch | openssh-server-udeb | <Β 1:4.3p2-8ubuntu1.2 | UNKNOWN |
Ubuntu | 7.04 | noarch | ssh-askpass-gnome | <Β 1:4.3p2-8ubuntu1.2 | UNKNOWN |