• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability

OpenSSH is susceptible to a vulnerability that causes improper activation of the 'GatewayPorts' option, allowing unintended hosts to use the SSH SOCKS proxy.

Specifically, if the 'DynamicForward' option is activated, 'GatewayPorts' is also unconditionally enabled.

This vulnerability allows remote attackers to use the SOCKS proxy to make arbitrary TCP connections through the configured SSH session, allowing them to attack computers and services through a connection that was wrongly thought to be secure.

This issue affects OpenSSH 4.0, and 4.1.