ALAS-2016-675 ---- openssh, pam_ssh_agent_authID: oval:org.secpod.oval:def:1600376 | Date: (C)2016-05-19 (M)2023-12-07 |
Class: PATCH | Family: unix |
An access flaw was discovered in the OpenSSH client where it did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested.
Platform: |
Amazon Linux AMI |
Product: |
openssh |
pam_ssh_agent_auth |