Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenSSH‘x11_open_helper()’函数权限许可和访问控制问题漏洞
Vulnerability Description
OpenSSH(OpenBSD Secure Shell)是OpenBSD计划组所维护的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 6.9之前版本的ssh中的channels.c文件中的‘x11_open_helper’函数存在安全漏洞,该漏洞源于程序禁用ForwardX11Trusted模式时,没有检查X连接的refusal deadline。远程攻击者可借助特制的连接利用该漏洞绕过既定的访
CVSS Information
N/A
Vulnerability Type
N/A