cve/2015/CVE-2015-5352.md

CVE-2015-5352

Description

The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

POC

Reference

• http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
• http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Github

• https://github.com/Live-Hack-CVE/CVE-2015-5352
• https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough
• https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough