OpenSSH Client Unauthorized Remote Forwarding Network Vulnerability

Summary

You are running OpenSSH SSH client before 2.3.0. This version does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.

Solution

Patch and New version are available from OpenSSH.

Severity

Classification

CVE CVE-2000-1169
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeSSHD Key Exchange Buffer Overflow
TFTPD small overflow
OpenSSH AFS/Kerberos ticket/token passing
OpenSSH UseLogin Environment Variables
Array Networks vxAG/xAPV Authentication Bypass Vulnerabilities

Take action and discover your vulnerabilities