CVE 2008-1483
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
Related bugs and status
CVE-2008-1483 (Candidate) is related to these bugs:
Bug #67488: tunnelling does not work
Bug | Summary | In | Importance | Status
---|---|---|---|---
67488 | tunnelling does not work | putty (Ubuntu) | High | Fix Released
Bug #210175: [openssh] [CVE-2008-1483] allows local users to hijack forwarded X connections
Bug #227322: [openssh] [CVE-2008-1657] possibility to bypass global "ForceCommand" directive
Bug | Summary | In | Importance | Status
---|---|---|---|---
227322 | [openssh] [CVE-2008-1657] possibility to bypass global "ForceCommand" directive | openssh (Ubuntu) | Undecided | Fix Released
227322 | [openssh] [CVE-2008-1657] possibility to bypass global "ForceCommand" directive | openssh (Ubuntu Gutsy) | Low | Fix Released
227322 | [openssh] [CVE-2008-1657] possibility to bypass global "ForceCommand" directive | openssh (Ubuntu Hardy) | Undecided | Fix Released
227322 | [openssh] [CVE-2008-1657] possibility to bypass global "ForceCommand" directive | openssh (Ubuntu Intrepid) | Undecided | Fix Released
Bug #286337: Please backport OpenSSH 5.1 to Hardy
Bug | Summary | In | Importance | Status
---|---|---|---|---
286337 | Please backport OpenSSH 5.1 to Hardy | Hardy Backports | Wishlist | Won't Fix
Bug #651720: Hardy OpenSSH version out-of-date - security risks
Bug | Summary | In | Importance | Status
---|---|---|---|---
651720 | Hardy OpenSSH version out-of-date - security risks | openssh (Ubuntu) | Undecided | Invalid
See the CVE page on Mitre.org for more details.