CVE-2015-5352

The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

Published : 2015-08-03 01:59 Updated : 2018-10-24 10:29

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Openbsd Openssh 6.8 cpe:/a:openbsd:openssh:6.8
  1. Openbsd (1) Search CVE
    1. Openssh (1) Search CVE
      1. 6.8

CWE

ID Name Description Links
CWE-264 Permissions, Privileges, and Access Controls Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. CVE