CVE-2007-4752

EPSS 2.37%
Published 12.09.2007 01:17:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.

Affected products Warnungen 0 Metrics 2 CWE 1 References 33

Data is provided by the National Vulnerability Database (NVD)

Openbsd ≫ Openssh Version <= 4.6

Openbsd ≫ Openssh Version4.0

Openbsd ≫ Openssh Version4.0p1

Openbsd ≫ Openssh Version4.1

Openbsd ≫ Openssh Version4.1p1

Openbsd ≫ Openssh Version4.2

Openbsd ≫ Openssh Version4.2p1

Openbsd ≫ Openssh Version4.3

Openbsd ≫ Openssh Version4.3p1

Openbsd ≫ Openssh Version4.3p2

Openbsd ≫ Openssh Version4.4

Openbsd ≫ Openssh Version4.4p1

Openbsd ≫ Openssh Version4.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.37%	0.844

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://docs.info.apple.com/article.html?artnum=307562

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

http://www.vupen.com/english/advisories/2008/0924/references

http://secunia.com/advisories/29420

http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html

http://secunia.com/advisories/27399

http://bugs.gentoo.org/show_bug.cgi?id=191321

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01271085

http://secunia.com/advisories/30249

http://secunia.com/advisories/31575

http://secunia.com/advisories/32241

http://security.gentoo.org/glsa/glsa-200711-02.xml