CVE-2008-1483

CVSS 6.9 - MEDIUM

Description

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.

Affected Products

1

Vendor	Product	Version
openbsd	openssh	`4.3p2`

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisorie...

http://aix.software.ibm.com/aix/efixes/security/ss...

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=4...

http://h20000.www2.hp.com/bizsupport/TechSupport/D...

http://lists.apple.com/archives/security-announce/...

http://lists.opensuse.org/opensuse-security-announ...

http://secunia.com/advisories/29522

http://secunia.com/advisories/29537

http://secunia.com/advisories/29554

http://secunia.com/advisories/29626

http://secunia.com/advisories/29676

http://secunia.com/advisories/29683

http://secunia.com/advisories/29686

http://secunia.com/advisories/29721

http://secunia.com/advisories/29735

http://secunia.com/advisories/29873

http://secunia.com/advisories/29939

http://secunia.com/advisories/30086

http://secunia.com/advisories/30230

http://secunia.com/advisories/30249

Weakness Types

CWE-264

CVE Information

CVE ID:: CVE-2008-1483
Published:: 2008-03-24
Modified:: 2026-04-23
CVSS Score:: 6.9
Severity:: MEDIUM
Vector:: AV:L/AC:M/Au:N/C:C/I:C/A:C

Affected Vendors

openbsd

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL