exploits , vulnerabilities , articles , OpenSSH X connections Session Hijacking Vulnerability

Title	OpenSSH X connections Session Hijacking Vulnerability
Published	2008-03-25-12:00AM
Updated	2008-03-27-01:30PM
Class	Design Error
CVE	CVE-2008-1483
Remote	No
Local	Yes
Credit	Timo Juhani Lindfors is credited with the discovery of this vulnerability.
Vulnerable	rPath rPath Linux 1 rPath Appliance Platform Linux Service 1 OpenSSH OpenSSH 4.3p2 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 MandrakeSoft Linux Mandrake 2007.0 x86_64 MandrakeSoft Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0
Not Vulnerable
Code	A specific exploit is not required. The attacker would only need to listen to port 6010 with a program such as VNC or NC.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-08 LightNEasy fckeditor Arbitrary File Upload Vulnerability
• 2009-12-08 HP OpenView Data Protector Application Recovery Manager Stack Buffer Overflow Vulnerability
• 2009-12-08 RETIRED: Microsoft December 2009 Advance Notification Multiple Vulnerabilities
• 2009-12-08 Computer Associates Service Desk Cross-Site Scripting Vulnerability
• 2009-12-08 Microsoft Internet Explorer (CVE-2009-3671) Uninitialized Memory Remote Code Execution Vulnerability
• 2009-12-08 Microsoft Internet Explorer CSS Race Condition Remote Code Execution Vulnerability
• 2009-12-08 IBM InfoSphere Information Server Multiple Unspecified Buffer Overflow Vulnerabilities
• 2009-12-08 Novell iPrint Client Remote Buffer Overflow Vulnerabilities
• 2009-12-07 FFmpeg TCP/UDP Memory Leak Denial Of ServiceVulnerability
• 2009-12-04 Achievo Document Types Section Arbitrary File Upload Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Wed, 09 Dec 2009 07:49:22 +0000