"unprivileged users may hijack forwarded X connections"
Hello,
I was curious what the status of a fix for the etch version of the bug
would be:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011
ssh: unprivileged users may hijack forwarded X connections by listening on port 6010
Severity: grave; Tags: security, upstream;
Found in versions openssh/1:4.3p2-9, 4.7p1-2;
Fixed in version openssh/1:4.7p1-5 by Colin Watson <cjwatson@debian.org>;
It looks like it hs been handled for testing/unstable but its unclear if
this fix has been applied to version currently in etch (OpenSSH_4.3p2
Debian-9) and the security repository.
Does anyone know if this has been addressed? Are there any plans to do
so?
Thanks!
--
David Ehle
Computing Systems Manager
CAPP CSRRI
rm 077
LS Bld. IIT Main Campus
Chicago IL 60616
ehle@iit.edu
312-567-3751
He who fights with monsters must take care lest he thereby become a
monster. And if you gaze for long into an abyss, the abyss gazes also into
you.
Reply to: