Oval Definition:oval:com.ubuntu.xenial:def:20161908000
Revision Date:2017-04-11Version:1
Title:CVE-2016-1908 on Ubuntu 16.04 LTS (xenial) - low.
Description:The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-1908
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND NOT While related to the CVE in some way, the 'openssh' package in xenial is not affected (note: '1:7.2p2-4').
  • BACK