OpenSSH X Connections Session Hijacking Vulnerability

Bugtraq ID: 28444
Class: Design Error
CVE: CVE-2008-1483
Remote: No
Local: Yes
Published: Mar 25 2008 12:00AM
Updated: Mar 19 2015 08:50AM
Credit: Timo Juhani Lindfors is credited with the discovery of this vulnerability.
Vulnerable: Ubuntu Ubuntu Linux 7.10 sparc
Ubuntu Ubuntu Linux 7.10 powerpc
Ubuntu Ubuntu Linux 7.10 i386
Ubuntu Ubuntu Linux 7.10 amd64
Ubuntu Ubuntu Linux 7.04 sparc
Ubuntu Ubuntu Linux 7.04 powerpc
Ubuntu Ubuntu Linux 7.04 i386
Ubuntu Ubuntu Linux 7.04 amd64
Ubuntu Ubuntu Linux 6.10 sparc
Ubuntu Ubuntu Linux 6.10 powerpc
Ubuntu Ubuntu Linux 6.10 i386
Ubuntu Ubuntu Linux 6.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 11 x64
Turbolinux Turbolinux Server 11
Turbolinux Turbolinux Server 10.0.0 x64
TurboLinux Personal
TurboLinux Multimedia
Turbolinux FUJI 0
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
Turbolinux Appliance Server 1.0 Workgroup Edition
Turbolinux Appliance Server 1.0 Hosting Edition
Turbolinux Appliance Server 2.0
Tevfik Karagulle cwRsync 2.0.10
Tevfik Karagulle cwRsync 2.0.9
SuSE SUSE Linux Enterprise Server 9
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 10 SP1
SuSE SUSE Linux Enterprise Server 10
SuSE SUSE Linux Enterprise SDK 10.SP1
SuSE SUSE Linux Enterprise SDK 10 SP1
SuSE SUSE Linux Enterprise SDK 10
SuSE SUSE Linux Enterprise Desktop 10 SP1
SuSE SUSE Linux Enterprise Desktop 10
SuSE SUSE Linux Enterprise 10 SP1 DEBUGINFO
SuSE openSUSE 10.3
SuSE Linux Professional 10.2 x86_64
SuSE Linux Personal 10.2 x86_64
Sun Solaris 9_x86
Sun Solaris 9_sparc
Sun Solaris 10_x86
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
Slackware Linux 12.0
Slackware Linux 11.0
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. SuSE Linux Open-Xchange 4.1
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 10.2
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 10.2
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
rPath rPath Linux 1
rPath Appliance Platform Linux Service 1
OpenSSH OpenSSH 4.2
OpenSSH OpenSSH 4.1 p1
OpenSSH OpenSSH 4.1
OpenSSH OpenSSH 4.0 p1
OpenSSH OpenSSH 4.0
OpenSSH OpenSSH 3.9 p1
OpenSSH OpenSSH 3.8.1 p1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
OpenSSH OpenSSH 3.8 p1
OpenSSH OpenSSH 3.7.2 p1
OpenSSH OpenSSH 3.7.1 p2
OpenSSH OpenSSH 3.7.1 p1
+ SCO Open Server 5.0.7
OpenSSH OpenSSH 3.7.1
OpenSSH OpenSSH 3.7 p1
OpenSSH OpenSSH 3.7 .1p2
OpenSSH OpenSSH 3.7
OpenSSH OpenSSH 3.6.1 p2
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Trustix Secure Linux 2.0
OpenSSH OpenSSH 3.6.1 p1
OpenSSH OpenSSH 3.6.1
OpenSSH OpenSSH 3.5 p1
OpenSSH OpenSSH 3.5
OpenSSH OpenSSH 3.4 p1-7
OpenSSH OpenSSH 3.4 p1-6
OpenSSH OpenSSH 3.4 p1-5
OpenSSH OpenSSH 3.4 p1-4
OpenSSH OpenSSH 3.4 p1-3
OpenSSH OpenSSH 3.4 p1-2
OpenSSH OpenSSH 3.4 p1-1
OpenSSH OpenSSH 3.4 p1
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux Enterprise Edition 1.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ FreeBSD FreeBSD 5.0
+ FreeBSD FreeBSD 4.7 -RELEASE
+ FreeBSD FreeBSD 4.7
+ IBM AIX 5.1 L
+ IBM AIX 4.3.3
+ Immunix Immunix OS 7+
+ RedHat Linux 8.0
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.0
+ Slackware Linux 8.1
OpenSSH OpenSSH 3.4
OpenSSH OpenSSH 3.3 p1
OpenSSH OpenSSH 3.3
OpenSSH OpenSSH 3.2.3 p1
OpenSSH OpenSSH 3.2.2 p1
OpenSSH OpenSSH 3.2
+ OpenBSD OpenBSD 3.1
OpenSSH OpenSSH 3.1 p1
+ Juniper Networks NetScreen-IDP 10 3.0 r2
+ Juniper Networks NetScreen-IDP 10 3.0 r1
+ Juniper Networks NetScreen-IDP 10 3.0
+ Juniper Networks NetScreen-IDP 100 3.0 r2
+ Juniper Networks NetScreen-IDP 100 3.0 r1
+ Juniper Networks NetScreen-IDP 100 3.0
+ Juniper Networks NetScreen-IDP 1000 3.0 r2
+ Juniper Networks NetScreen-IDP 1000 3.0 r1
+ Juniper Networks NetScreen-IDP 1000 3.0
+ Juniper Networks NetScreen-IDP 500 3.0 r2
+ Juniper Networks NetScreen-IDP 500 3.0 r1
+ Juniper Networks NetScreen-IDP 500 3.0
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux 7.3
+ RedHat Linux 7.2
+ RedHat Linux 7.1
+ RedHat Linux for iSeries 7.1
+ RedHat Linux for pSeries 7.1
+ Slackware Linux 8.1
+ Sun Linux 5.0.7
+ Sun Solaris 9
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
OpenSSH OpenSSH 3.1
OpenSSH OpenSSH 3.0.2 p1
OpenSSH OpenSSH 3.0.2
OpenSSH OpenSSH 3.0.1 p1
OpenSSH OpenSSH 3.0.1
OpenSSH OpenSSH 3.0 p1
OpenSSH OpenSSH 3.0
OpenSSH OpenSSH 2.9.9
+ NetBSD NetBSD 1.5.2
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.2
OpenSSH OpenSSH 2.9 p2
OpenSSH OpenSSH 2.9 p1
- IBM AIX 4.3.3
- IBM AIX 4.3.2
- IBM AIX 4.3.1
- IBM AIX 4.3
OpenSSH OpenSSH 2.9
OpenSSH OpenSSH 2.5.2
OpenSSH OpenSSH 2.5.1
OpenSSH OpenSSH 2.5
OpenSSH OpenSSH 2.3
- S.u.S.E. Linux 7.0 sparc
- S.u.S.E. Linux 7.0 ppc
- S.u.S.E. Linux 7.0 i386
- S.u.S.E. Linux 7.0 alpha
- S.u.S.E. Linux 6.4 ppc
- S.u.S.E. Linux 6.4 i386
- S.u.S.E. Linux 6.4 alpha
OpenSSH OpenSSH 2.2 .0p1
OpenSSH OpenSSH 2.2
OpenSSH OpenSSH 2.1.1
+ Conectiva Linux 5.1
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
OpenSSH OpenSSH 2.1
OpenSSH OpenSSH 1.2.3
OpenSSH OpenSSH 1.2.2
OpenSSH OpenSSH 4.9
OpenSSH OpenSSH 4.8
OpenSSH OpenSSH 4.7
OpenSSH OpenSSH 4.6p1
OpenSSH OpenSSH 4.6
OpenSSH OpenSSH 4.5
OpenSSH OpenSSH 4.4.p1
OpenSSH OpenSSH 4.4
OpenSSH OpenSSH 4.3p2
OpenSSH OpenSSH 4.3p1
OpenSSH OpenSSH 4.2p1
OpenBSD OpenBSD 4.3
OpenBSD OpenBSD 4.2
OpenBSD OpenBSD 4.1
NetBSD NetBSD 3.0.2
NetBSD NetBSD 3.0.1
NetBSD NetBSD Current
NetBSD NetBSD 4.0
NetBSD NetBSD 3.1
Navision Financials Server 3.0
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
Mandriva Linux Mandrake 2007.0 x86_64
Mandriva Linux Mandrake 2007.0
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
IBM AIX 6.1
IBM AIX 5.3
IBM AIX 5.2
HP HP-UX B.11.31
HP HP-UX B.11.23
HP HP-UX B.11.11
Globus GSI-OpenSSH 4.2
Globus Globus Toolkit 4.1.3
Globus Globus Toolkit 4.1.2
Globus Globus Toolkit 4.1.1
Globus Globus Toolkit 4.1
Globus Globus Toolkit 4.0.7
Globus Globus Toolkit 4.0.4
Globus Globus Toolkit 4.0.3
Globus Globus Toolkit 4.0.2
Globus Globus Toolkit 4.0.1
Globus Globus Toolkit 4.0
Gentoo Linux
FreeBSD FreeBSD 6.0 -STABLE
FreeBSD FreeBSD 6.0 -RELEASE
FreeBSD FreeBSD 5.5 -STABLE
FreeBSD FreeBSD 5.5 -RELEASE
FreeBSD FreeBSD 5.4 -RELENG
FreeBSD FreeBSD 5.4 -RELEASE
FreeBSD FreeBSD 5.4 -PRERELEASE
FreeBSD FreeBSD 5.3 -STABLE
FreeBSD FreeBSD 5.3 -RELENG
FreeBSD FreeBSD 5.3 -RELEASE
FreeBSD FreeBSD 5.3
FreeBSD FreeBSD 5.2.1 -RELEASE
FreeBSD FreeBSD 5.2 -RELENG
FreeBSD FreeBSD 5.2 -RELEASE
FreeBSD FreeBSD 5.2
FreeBSD FreeBSD 5.1 -RELENG
FreeBSD FreeBSD 5.1 -RELEASE
FreeBSD FreeBSD 5.1
FreeBSD FreeBSD 5.0 -RELENG
FreeBSD FreeBSD 5.0
FreeBSD FreeBSD 7.1 -RELEASE-p1
FreeBSD FreeBSD 7.0 -RELENG
FreeBSD FreeBSD 7.0
FreeBSD FreeBSD 6.3 -RELENG
FreeBSD FreeBSD 6.3
FreeBSD FreeBSD 6.2 -STABLE
FreeBSD FreeBSD 6.2 -RELENG
FreeBSD FreeBSD 6.2
FreeBSD FreeBSD 6.1 -STABLE
FreeBSD FreeBSD 6.1 -RELEASE
FreeBSD FreeBSD 5.5
FreeBSD FreeBSD 5.4-STABLE
Avaya Interactive Response 3.0
Avaya Interactive Response 2.0
Attachmate Reflection for Secure IT 7.0
Apple Mac OS X Server 10.5.4
Apple Mac OS X Server 10.5.3
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.4.9
Apple Mac OS X Server 10.4.8
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.6
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.4
Apple Mac OS X 10.5.3
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.4.11
Apple Mac OS X 10.4.10
Apple Mac OS X 10.4.9
Apple Mac OS X 10.4.8
Apple Mac OS X 10.4.7
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Apple Mac OS X 10.5
Not Vulnerable: Tevfik Karagulle cwRsync 2.1.2
OpenSSH OpenSSH 5.0
Attachmate Reflection for Secure IT 7.0 SP1
Apple Mac OS X Server 10.5.5
Apple Mac OS X 10.5.5


 

Privacy Statement
Copyright 2010, SecurityFocus