OpenSSH Security Advisory: x11fwd.adv
From http://www.openssh.com/txt/x11fwd.adv :
Code:
1. Affected configurations

    All versions of OpenSSH prior to 7.2p2 with X11Forwarding enabled.

2. Vulnerability

    Missing sanitisation of untrusted input allows an authenticated user who is able to request X11 forwarding to inject commands to xauth(1).

    Injection of xauth commands grants the ability to read arbitrary files under the authenticated user's privilege. Other xauth commands allow limited information leakage, file overwrite, port probing and generally expose xauth(1), which was not written with a hostile user in mind, as an attack surface.

    xauth(1) is run under the user's privilege, so this vulnerability offers no additional access to unrestricted accounts, but could circumvent key or account restrictions such as sshd_config ForceCommand, authorized_keys command="..." or restricted shells.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
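An audit for the affected configuration the advisory describes, as an added example that is not part of the original post or of OpenSSH: it flags each sshd_config scope where a pre-7.2p2 server has X11Forwarding on, and marks scopes that also rely on ForceCommand, the restriction the advisory says can be circumvented. The function names, finding labels and sample config are constructed for illustration; treating a version without a `pN` suffix as `p0` is a conservative assumption.

```python
import re

FIXED = (7, 2, 0, 2)  # 7.2p2: the advisory's first unaffected release

def parse_version(banner):
    """'OpenSSH_7.1p2' -> (7, 1, 0, 2); a missing pN counts as p0 (assumption)."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)(?:\.(\d+))?(?:p(\d+))?", banner)
    if not m:
        raise ValueError("no OpenSSH version in %r" % banner)
    return tuple(int(g or 0) for g in m.groups())

def parse_config(text):
    """Map scope ('global' or 'Match ...') -> {keyword: value}; first value wins."""
    cfg, scope = {"global": {}}, "global"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key, val = parts[0].lower(), (parts[1].strip('"') if len(parts) > 1 else "")
        if key == "match":
            scope = "Match " + val
            cfg.setdefault(scope, {})
        else:
            cfg[scope].setdefault(key, val)  # sshd keeps the first value it reads
    return cfg

def audit(banner, config_text):
    """List (scope, finding) pairs for scopes the advisory's condition covers."""
    affected = parse_version(banner) < FIXED
    cfg = parse_config(config_text)
    glob, findings = cfg["global"], []
    for scope, kv in cfg.items():
        # Match blocks inherit the global value; sshd's default is "no".
        x11 = kv.get("x11forwarding", glob.get("x11forwarding", "no"))
        if affected and x11.lower() == "yes":
            restricted = "forcecommand" in kv or "forcecommand" in glob
            findings.append((scope, "restriction-bypass" if restricted else "xauth-exposed"))
    return findings

SAMPLE = """# constructed sshd_config, for illustration only
X11Forwarding yes
Match Group sftponly
    ForceCommand internal-sftp
Match User backup
    X11Forwarding no
    ForceCommand /usr/local/bin/backup-only
"""
```

Calling `audit("OpenSSH_7.1p2", SAMPLE)` reports the global scope and the `sftponly` block, which inherits the global `X11Forwarding yes`. authorized_keys `command="..."` entries and restricted shells do not appear in sshd_config and need a separate review.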