Ubuntu
openssh package

  1. Edgy (6.10)
  2. Bug #210175
  3. Comment #9

Comment 9 for bug 210175

Revision history for this message
In , rbu (rbu-gentoo-bugs) wrote :

CVE-2008-1483 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1483):
  OpenSSH 4.3p2, and probably other versions, allows local users to hijack
  forwarded X connections by causing ssh to set DISPLAY to :10, even when
  another process is listening on the associated port, as demonstrated by
  opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.