AIX OpenSSH Advisory : ssh_advisory.asc
Medium Nessus Plugin ID 73565
SynopsisThe remote AIX host is running a vulnerable version of OpenSSH.
DescriptionThe version of OpenSSH running on the remote host is affected by the following vulnerabilities :
- OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs. (CVE-2008-1483)
- OpenSSH before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file. (CVE-2008-1657)
SolutionA fix is available and can be downloaded from the OpenSSH sourceforge website for the AIX release.