Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Thread Tools Display Modes
  #1   (View Single Post)  
Old 11th March 2016
J65nko J65nko is offline
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,588
Default OpenSSH Security Advisory: x11fwd.adv

From http://www.openssh.com/txt/x11fwd.adv :

1. Affected configurations

        All versions of OpenSSH prior to 7.2p2 with X11Forwarding

2. Vulnerability

	Missing sanitisation of untrusted input allows an
	authenticated user who is able to request X11 forwarding
	to inject commands to xauth(1).

	Injection of xauth commands grants the ability to read
	arbitrary files under the authenticated user's privilege,
	Other xauth commands allow limited information leakage,
	file overwrite, port probing and generally expose xauth(1),
	which was not written with a hostile user in mind, as an
	attack surface.

	xauth(1) is run under the user's privilege, so this
	vulnerability offers no additional access to unrestricted
	accounts, but could circumvent key or account restrictions
	such as sshd_config ForceCommand, authorized_keys
	command="..." or restricted shells.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
FreeBSD FreeBSD-Security Advisory for SSHD J65nko News 0 5th November 2014 02:57 AM
Security OpenSSH Security Advisory J65nko News 0 9th November 2013 07:57 PM
Security Advisory for Flash Player, Adobe Reader and Acrobat J65nko News 0 6th June 2010 01:36 AM
OpenSSL Security Advisory [24 March 2010] J65nko News 0 29th March 2010 11:12 PM
Upcoming FreeBSD Security Advisory DNAeon FreeBSD Security 3 6th December 2009 04:34 PM

All times are GMT. The time now is 09:33 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick