Mandrake Linux Security Advisory : openssh (MDKSA-2007:236)
High Nessus Plugin ID 29233
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA flaw in OpenSSH prior to 4.7 prevented ssh from properly handling when an untrusted cookie could not be created and used a trusted X11 cookie instead, which could allow attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
The updated packages have been patched to correct these issue.
SolutionUpdate the affected packages.