Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-5352

EPSS 5.39% · P90
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-5352

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
OpenSSH‘x11_open_helper()’函数权限许可和访问控制问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OpenSSH(OpenBSD Secure Shell)是OpenBSD计划组所维护的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 6.9之前版本的ssh中的channels.c文件中的‘x11_open_helper’函数存在安全漏洞,该漏洞源于程序禁用ForwardX11Trusted模式时,没有检查X连接的refusal deadline。远程攻击者可借助特制的连接利用该漏洞绕过既定的访
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2015-5352

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2015-5352

登录查看更多情报信息。

Same Patch Batch · n/a · 2015-08-03 · 18 CVEs total

CVE-2015-1958IBM MQ Light 资源管理错误漏洞
CVE-2015-4936IBM WebSphere eXtreme Scale 拒绝服务漏洞
CVE-2015-4935IBM Tivoli Storage Manager FastBack 基于栈的缓冲区溢出漏洞
CVE-2015-4934IBM Tivoli Storage Manager FastBack 基于栈的缓冲区溢出漏洞
CVE-2015-4933IBM Tivoli Storage Manager FastBack 基于栈的缓冲区溢出漏洞
CVE-2015-4932IBM Tivoli Storage Manager FastBack 基于栈的缓冲区溢出漏洞
CVE-2015-4931IBM Tivoli Storage Manager FastBack 基于栈的缓冲区溢出漏洞
CVE-2015-1987IBM MQ Light 资源管理错误漏洞
CVE-2015-1970IBM WebSphere DataPower XC10 信息泄露漏洞
CVE-2015-5600OpenSSH sshd 权限许可和访问控制问题漏洞
CVE-2015-1956IBM MQ Light 资源管理错误漏洞
CVE-2015-1955IBM MQ Light 资源管理错误漏洞
CVE-2015-5623WordPress 安全漏洞
CVE-2015-5622WordPress 跨站脚本漏洞
CVE-2015-3440WordPress 跨站脚本漏洞
CVE-2015-5537Siemens RuggedCom ROS和ROX II设备信息泄露漏洞
CVE-2015-5084Siemens SIMATIC WinCC Sm@rtClient和SIMATIC WinCC Sm@rtClient Lite 信息泄露漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2015-5352

No comments yet

Leave a comment