CVE - CVE-2007-4752

CVE-ID
CVE-2007-4752	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2008-03-18 URL:http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BID:25628 URL:http://www.securityfocus.com/bid/25628 BUGTRAQ:20070917 FLEA-2007-0055-1 openssh openssh-client openssh-server gnome-ssh-askpass URL:http://www.securityfocus.com/archive/1/479760/100/0/threaded BUGTRAQ:20071115 Re: HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges URL:http://www.securityfocus.com/archive/1/483748/100/200/threaded CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=191321 CONFIRM:http://docs.info.apple.com/article.html?artnum=307562 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm CONFIRM:http://www.openssh.com/txt/release-4.7 CONFIRM:https://issues.rpath.com/browse/RPL-1706 DEBIAN:DSA-1576 URL:http://www.debian.org/security/2008/dsa-1576 FEDORA:FEDORA-2007-715 URL:https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00214.html GENTOO:GLSA-200711-02 URL:http://security.gentoo.org/glsa/glsa-200711-02.xml HP:HPSBUX02287 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01271085 HP:SSRT071485 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01271085 MANDRIVA:MDKSA-2007:236 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:236~~ (Obsolete source) MISC:https://bugzilla.redhat.com/show_bug.cgi?id=280471 OVAL:oval:org.mitre.oval:def:10809 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10809 OVAL:oval:org.mitre.oval:def:5599 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5599 REDHAT:RHSA-2008:0855 URL:http://www.redhat.com/support/errata/RHSA-2008-0855.html SECUNIA:27399 URL:http://secunia.com/advisories/27399 SECUNIA:29420 URL:http://secunia.com/advisories/29420 SECUNIA:30249 URL:http://secunia.com/advisories/30249 SECUNIA:31575 URL:http://secunia.com/advisories/31575 SECUNIA:32241 URL:http://secunia.com/advisories/32241 SREASON:3126 URL:http://securityreason.com/securityalert/3126 SUSE:SUSE-SR:2007:022 URL:http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html UBUNTU:USN-566-1 URL:http://www.ubuntu.com/usn/usn-566-1 VUPEN:ADV-2007-3156 URL:~~http://www.vupen.com/english/advisories/2007/3156~~ (Obsolete source) VUPEN:ADV-2008-0924 URL:~~http://www.vupen.com/english/advisories/2008/0924/references~~ (Obsolete source) VUPEN:ADV-2008-2821 URL:~~http://www.vupen.com/english/advisories/2008/2821~~ (Obsolete source) XF:openssh-x11cookie-privilege-escalation(36637) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/36637
Assigning CNA
MITRE Corporation
Date Record Created
20070907	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070907)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)