Displaying 2 results from an estimated 2 matches for "tintinweb".
Did you mean:
tintin_jb
2016 Mar 10
0
OpenSSH Security Advisory: xauth command injection
...or overwrite arbitrary files subject to
file permissions, connect to local ports or perform attacks
on xauth(1) itself.
OpenSSH 7.2p2 implements a whitelist of characters that
are permitted to appear in X11 authentication credentials.
5. Credit
This issue was identified by github.com/tintinweb and
communicated to the OpenSSH developers on March 3rd, 2016.
6. Fix
Portable OpenSSH 7.2p2 contains a fix for this vulnerability.
Patches for supported OpenBSD releases (5.7, 5.8 and 5.9) have
been committed to the -STABLE branches and are available on the
errata pages:
http://ww...
2016 Mar 10
2
OpenSSH Security Advisory: xauth command injection
...or overwrite arbitrary files subject to
file permissions, connect to local ports or perform attacks
on xauth(1) itself.
OpenSSH 7.2p2 implements a whitelist of characters that
are permitted to appear in X11 authentication credentials.
5. Credit
This issue was identified by github.com/tintinweb and
communicated to the OpenSSH developers on March 3rd, 2016.
6. Fix
Portable OpenSSH 7.2p2 contains a fix for this vulnerability.
Patches for supported OpenBSD releases (5.7, 5.8 and 5.9) have
been committed to the -STABLE branches and are available on the
errata pages:
http://ww...