exploits , vulnerabilities , articles , OpenSSH X connections Session Hijacking Vulnerability

Title	OpenSSH X connections Session Hijacking Vulnerability
Published	2008-03-25-12:00AM
Updated	2008-03-27-01:30PM
Class	Design Error
CVE	CVE-2008-1483
Remote	No
Local	Yes
Credit	Timo Juhani Lindfors is credited with the discovery of this vulnerability.
Vulnerable	rPath rPath Linux 1 rPath Appliance Platform Linux Service 1 OpenSSH OpenSSH 4.3p2 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 MandrakeSoft Linux Mandrake 2007.0 x86_64 MandrakeSoft Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0
Not Vulnerable
Code	A specific exploit is not required. The attacker would only need to listen to port 6010 with a program such as VNC or NC.
TXT

Vulnerabilities - newest 10 RSS | More

2009-11-26 ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
2009-11-26 America Online ICQ ActiveX Control Remote Code Execution Vulnerability
2009-11-26 Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability
2009-11-25 Mozilla Firefox and SeaMonkey Download Filename Spoofing Vulnerability
2009-11-25 XM Easy Personal FTP Server File/Folder Remote Denial of Service Vulnerability
2009-11-25 Subscribe to Comments Prior to 2.1 Multiple Unspecified Cross Site Scripting Vulnerabilities
2009-11-25 Mozilla Firefox CVE-2009-3383 Multiple Remote Memory Corruption Vulnerabilities
2009-11-24 Subscribe to Comments WordPress Plugin Multiple Unspecified Input Validation Vulnerabilities
2009-11-24 RETIRED: Microsoft November 2009 Advance Notification Multiple Vulnerabilities
2009-11-24 Cacti Multiple HTML Injection Vulnerabilities

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Mon, 30 Nov 2009 04:07:03 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
www.indian WWW.89SEXY tyu www.jujiam gangbang PHP Advanc php memory /component entelwap s 200 /compo www.taobzn modifyform NAKED ACTR shop351850 2.18 Free ringt pnphpbb2 darpan2112 news for c h.p z...php?op news for c Live CD key pes 200 / remote ssh Lo 13140 bbs.fw1314 www.zgjfbj www.tiegua www.vidsvi www.ltmcs. sexy video www.lifeif www.xinfei SIXY PICTU www.zgjfbj yuo porm CMS is Fre t607t www.infae. www.1000sh www.xxxnx. www.sbz123 www.capeim www.juwuyo Sexyhot news for c www.cy2020 news for c