CVE-2008-1483

Severity CVSS v4.0:
Pending analysis
Type:
CWE-264 Permissions, Privileges, and Access Control
Publication date:
24/03/2008
Last modified:
09/04/2025

Description

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools