Total vulnerabilities in the database
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
| Software | From | Fixed in |
|---|---|---|
| openbsd / openssh | 4.3p2 | 4.3p2.x |
| openbsd / openssh | - | 4.6.x |
| openbsd / openssh | 4.1 | 4.1.x |
| openbsd / openssh | 4.0p1 | 4.0p1.x |
| openbsd / openssh | 4.4 | 4.4.x |
| openbsd / openssh | 4.1p1 | 4.1p1.x |
| openbsd / openssh | 4.2p1 | 4.2p1.x |
| openbsd / openssh | 4.5 | 4.5.x |
| openbsd / openssh | 4.2 | 4.2.x |
| openbsd / openssh | 4.4p1 | 4.4p1.x |
| openbsd / openssh | 4.3p1 | 4.3p1.x |
| openbsd / openssh | 4.3 | 4.3.x |
| openbsd / openssh | 4.0 | 4.0.x |