CVE-2008-1483
Publication date 24 March 2008
Last updated 24 July 2024
Ubuntu priority
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
Status
Package | Ubuntu Release | Status |
---|---|---|
openssh | 7.10 gutsy |
Fixed 1:4.6p1-5ubuntu0.2
|
7.04 feisty |
Fixed 1:4.3p2-8ubuntu1.2
|
|
6.10 edgy |
Fixed 1:4.3p2-5ubuntu1.2
|
|
6.06 LTS dapper |
Fixed 1:4.2p1-7ubuntu3.3
|