QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-4752

Back to search

CVE-2007-4752

Published: Sep 12, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.

VendorProductVersions

n/a

n/a

affected
n/a

References

GLSA-200711-02
vendor-advisory
x_refsource_GENTOO
oval:org.mitre.oval:def:10809
vdb-entry
signature
x_refsource_OVAL
DSA-1576
vendor-advisory
x_refsource_DEBIAN
25628
vdb-entry
x_refsource_BID
FEDORA-2007-715
vendor-advisory
x_refsource_FEDORA
USN-566-1
vendor-advisory
x_refsource_UBUNTU
3126
third-party-advisory
x_refsource_SREASON
ADV-2008-0924
vdb-entry
x_refsource_VUPEN
ADV-2008-2821
vdb-entry
x_refsource_VUPEN
30249
third-party-advisory
x_refsource_SECUNIA
ADV-2007-3156
vdb-entry
x_refsource_VUPEN
SSRT071485
vendor-advisory
x_refsource_HP
31575
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0855
vendor-advisory
x_refsource_REDHAT
MDKSA-2007:236
vendor-advisory
x_refsource_MANDRIVA
oval:org.mitre.oval:def:5599
vdb-entry
signature
x_refsource_OVAL
29420
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2008-03-18
vendor-advisory
x_refsource_APPLE
HPSBUX02287
vendor-advisory
x_refsource_HP
27399
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2007:022
vendor-advisory
x_refsource_SUSE
32241
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now