CVE-2008-3259 — Sensitive Information Exposure in Openssh

CWE-200 — Sensitive Information Exposure6 documents6 sources

Severity

1.2LOWNVD

EPSS

0.0%

top 92.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh

Timeline

PublishedJul 22

Latest updateMay 1

Description

OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.

CVSS vector

AV:L/AC:H/C:P/I:N/A:NExploitability: 1.9 | Impact: 2.9

Affected Packages1 packages

▶NVDopenbsd/openssh5.0+70

🔴Vulnerability Details

GHSA

GHSA-33jf-4rqx-933q: OpenSSH before 5↗2022-05-01

▶

CVEList

CVE-2008-3259: OpenSSH before 5↗2008-07-22

▶

📋Vendor Advisories

Red Hat

openssh: SO_REUSEADDR insecure for X11 forwarding sockets on some platforms↗2008-05-16

▶

Debian

CVE-2008-3259: openssh - OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost ...↗2008

▶

💬Community

Bugzilla

CVE-2008-3259 openssh: SO_REUSEADDR insecure for X11 forwarding sockets on some platforms↗2008-07-23

▶