Summary

Security Advisory ID : BSA-2016-182

Component : OpenSSH

Revision : 3.0: Final

The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

Affected Products
Brocade Fabric OS -  Fixed in 7.4.2d, 8.0.2f, 8.1.2f, 8.2.1 and higher versions.

No other Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.

Revision History