CVE Database


Impact: Low
Public: 2007-09-04
Bugzilla: 280361: CVE-2007-4752 openssh falls back to the trusted x11 cookie if generation of an untrusted cookie fails
IAVA: 2008-T-0046


The MITRE CVE dictionary describes this issue as:

ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.

Find out more about CVE-2007-4752 from the MITRE CVE dictionary and NIST NVD.


This issue did not affect the OpenSSH packages as distributed with Red Hat Enterprise Linux 2.1 or 3, as they do not support Trusted X11 forwarding.
For Red Hat Enterprise Linux 4 and 5, this issue was addressed via:

Red Hat security errata

Platform                                            Errata          Release Date
Red Hat Enterprise Linux ES EUS (v. 4.5) (openssh)  RHSA-2008:0855  August 22, 2008
Red Hat Enterprise Linux version 4 (openssh)        RHSA-2008:0855  August 22, 2008
Red Hat Enterprise Linux version 5 (openssh)        RHSA-2008:0855  August 22, 2008

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.