PT-2015-3402 · Openssh+6 · Openssh+6

Jann Horn

Publicado

2015-07-09

Atualizado

2024-07-08

CVE-2015-5352

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 6.9

Description The issue is related to the x11 open helper function in channels.c in ssh, which lacks a check of the refusal deadline for X connections when ForwardX11Trusted mode is not used. This makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window. The vulnerability is also associated with errors in privilege management, which can allow a remote attacker to impact the integrity of protected information.

Recommendations For OpenSSH versions prior to 6.9, consider disabling the x11 open helper function as a temporary workaround until a patch is available. Restrict access to X connections when ForwardX11Trusted mode is not used to minimize the risk of exploitation. Avoid using the ForwardX11Trusted mode until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

ALT-PU-2016-1023

ALT-PU-2024-3921

ALT-PU-2024-4077

ALT-PU-2024-4467

ALT-PU-2024-9513

BDU:2021-03142

CESA-2016_0741

CVE-2015-5352

DLA-1500-1

DLA-288-1

MGASA-2015-0271

RHSA-2016:0741

RHSA-2016_0741

SUSE-SU-2015:1544-1

SUSE-SU-2015:1581-1

SUSE-SU-2015:1695-1

SUSE-SU-2015:1840-1

USN-2710-1

USN-2710-2

Produtos afetados

Alt Linux

Centos

Ibm Aix

Openssh

Red Hat

Suse

Ubuntu

PT-2015-3402 · Openssh+6 · Openssh+6

CVE-2015-5352

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 430