CVEs-PoC/2015/CVE-2015-5352.md at ef21a24366f7bbc1220842143b6857a7549ce607

mirror of https://github.com/0xMarcio/cve.git synced 2026-03-27 05:01:13 +01:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

POC

Reference

http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

Github

https://github.com/Live-Hack-CVE/CVE-2015-5352
https://github.com/Maribel0370/Nebula-io
https://github.com/lekctut/sdb-hw-13-01
https://github.com/pedr0alencar/vlab-metasploitable2
https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough
https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough

1.2 KiB Raw Blame History

CVE-2015-5352

Description

POC

Reference

Github

1.2 KiB

Raw Blame History