Public Date:
439079: CVE-2008-1483 openssh may set DISPLAY even if it's unable to listen on respective port

The MITRE CVE dictionary describes this issue as:

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.

Find out more about CVE-2008-1483 from the MITRE CVE dictionary dictionary and NIST NVD.


All openssh versions shipped in Red Hat Enterprise Linux 5 include the patch for this issue.

This issue was fixed in Red Hat Enterprise Linux 4 via:

Red Hat Enterprise Linux 3 is affected by this issue. The Red Hat Security Response Team has rated this issue as having low security impact.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (openssh) RHSA-2005:527 2005-10-05
Last Modified

CVE description copyright © 2017, The MITRE Corporation