CVE-2015-5352 openssh: XSECURITY restrictions bypass under certain conditions in ssh(1)

CVE ID

CVE-2015-5352

DESCRIPTION

It was found that the OpenSSH client did not properly enforce the ForwardX11Timeout setting. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested.

RESOLUTION

  • CentOS6 Unitrends' appliances (physical and/or virtual), fixed in Unitrends software release-10.3.8-4. Please upgrade to latest release.
  • CentOS7 Unitrends' appliances (physical and/or virtual) are not affected by this CVE.

LINK TO ADVISORIES

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us