OVAL Reference oval:org.mitre.oval:def:5599

Oval Definition:

oval:org.mitre.oval:def:5599

Revision Date:	2015-04-20	Version:	25
Title:	HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges
Description:	ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2007-4752
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis
Criteria meets HP Security Bulletin HPSBUX02287 HP-UX B.11.11 AND Secure_Shell.SECURE_SHELL version is less than A.04.70.003 OR Criteria meets HP Security Bulletin HPSBUX02287 HP-UX B.11.23 AND Secure_Shell.SECURE_SHELL version is less than A.04.70.004 OR Criteria meets HP Security Bulletin HPSBUX02287 HP-UX B.11.31 AND Secure_Shell.SECURE_SHELL version is less than A.04.70.005