OpenSSH < 7.2 Input Validation Error

critical Nessus Network Monitor Plugin ID 701160

Synopsis

The remote SSH server may be affected by a input validation error.

Description

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

Solution

Upgrade to OpenSSH 7.x version 7.2 or later.

See Also

http://www.openssh.com/txt/release-7.2

Plugin Details

Severity: Critical

ID: 701160

Family: SSH

Published: 8/21/2019

Updated: 8/21/2019

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:openbsd:openssh

Patch Publication Date: 1/14/2016

Vulnerability Publication Date: 1/14/2016

Reference Information

CVE: CVE-2016-1908

BID: 84427