PublicDate: 2008-03-24 23:44:00 UTC
Candidate: CVE-2008-1483
References: 
 https://ubuntu.com/security/notices/USN-597-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
Description:
 OpenSSH 4.3p2, and probably other versions, allows local users to hijack
 forwarded X connections by causing ssh to set DISPLAY to :10, even when
 another process is listening on the associated port, as demonstrated by
 opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: low
Discovered-by:
Assigned-to: kees
CVSS: 


Patches_openssh:
upstream_openssh: needs-triage
dapper_openssh: released (1:4.2p1-7ubuntu3.3)
edgy_openssh: released (1:4.3p2-5ubuntu1.2)
feisty_openssh: released (1:4.3p2-8ubuntu1.2)
gutsy_openssh: released (1:4.6p1-5ubuntu0.2)
devel_openssh: not-affected