OpenSSH versions 2.9 and earlier contain a flaw that, with X forwarding enabled, may allow a malicious local user to delete any file named 'cookies' via a symlink attack. The issue is triggered when X forwarding is enabled and the user is able to delete their own cookies file and create a symlink in their temp directory that points to another user's cookies file. The flaw may then allow the user to delete the cookies files of others when logging out, resulting in a loss of availability of that file.
-
Timeline
2001-06-04
Unknown
2001-06-04
Unknown
-
Solution
Upgrade to version 2.9.9 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by applying the vendor-supplied patch, or by turning off X11 forwarding.
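
The defensive pattern for this class of bug, as an added example that is not OpenSSH's actual patch: a cleanup routine pins the session directory without following a symlink and checks ownership before it removes anything. The function names, the `/tmp` paths and the scenario in `demo()` are constructed for illustration, and the parent directories of `dir` are assumed to be trusted.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Remove dir/name only if dir is a real directory (not a symlink) owned by
 * `owner` and name is a regular file owned by `owner`. Returns 0 or -1. */
int safe_remove(const char *dir, const char *name, uid_t owner)
{
    struct stat st;
    int rc = -1;
    /* O_NOFOLLOW: fail if the last path component was swapped for a symlink. */
    int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (dfd < 0)
        return -1;
    /* Checks run on the pinned descriptor, so a later rename cannot redirect them. */
    if (fstat(dfd, &st) == 0 && st.st_uid == owner &&
        fstatat(dfd, name, &st, AT_SYMLINK_NOFOLLOW) == 0 &&
        S_ISREG(st.st_mode) && st.st_uid == owner)
        rc = unlinkat(dfd, name, 0);
    close(dfd);
    return rc;
}

/* Constructed scenario: `lnk` stands in for a per-session temp directory that
 * was replaced by a symlink to another user's directory. Returns 0 when the
 * symlinked path is refused, the other file survives, and a real dir works. */
int demo(void)
{
    char victim[] = "/tmp/victimXXXXXX", own[] = "/tmp/ownXXXXXX";
    char lnk[64], path[64];
    if (!mkdtemp(victim) || !mkdtemp(own))
        return 1;
    snprintf(path, sizeof path, "%s/cookies", victim);
    close(open(path, O_CREAT | O_WRONLY, 0600));
    snprintf(lnk, sizeof lnk, "%s/session", own);
    if (symlink(victim, lnk) != 0)
        return 2;
    int refused = safe_remove(lnk, "cookies", getuid()) == -1;
    int survived = access(path, F_OK) == 0;
    int removed = safe_remove(victim, "cookies", getuid()) == 0 &&
                  access(path, F_OK) != 0;
    unlink(lnk); rmdir(victim); rmdir(own);
    return (refused && survived && removed) ? 0 : 3;
}

int main(void) { return demo(); }
```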