ID de Prueba:	1.3.6.1.4.1.25623.1.0.11343
Categoría:	Gain a shell remotely
Título:	OpenSSH Client Unauthorized Remote Forwarding
Resumen:	The remote host is running OpenSSH SSH client before 2.3.0.
Descripción:	Summary: The remote host is running OpenSSH SSH client before 2.3.0. Vulnerability Insight: This version does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent. Solution: Patch and new version are available from OpenSSH. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2000-1169 BugTraq ID: 1949 http://www.securityfocus.com/bid/1949 Bugtraq: 20001115 Trustix Security Advisory - bind and openssh (and modutils) (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-11/0217.html Bugtraq: 20001123 OpenSSH Security Advisory (adv.fwd) (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-11/0195.html Conectiva Linux advisory: CLSA-2000:345 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000345 Debian Security Information: 20001118 openssh: possible remote exploit (Google Search) http://www.debian.org/security/2000/20001118 http://www.linux-mandrake.com/en/security/MDKSA-2000-068.php3 http://www.osvdb.org/2114 http://www.osvdb.org/6248 http://www.redhat.com/support/errata/RHSA-2000-111.html SuSE Security Announcement: SuSE-SA:2000:47 (Google Search) http://lists.suse.com/archives/suse-security-announce/2000-Nov/0004.html XForce ISS Database: openssh-unauthorized-access(5517) https://exchange.xforce.ibmcloud.com/vulnerabilities/5517
Copyright	Copyright (C) 2003 Xue Yong Zhi

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.