CVE-2008-3259

OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
1.2 UNKNOWN
LOCAL
HIGH
AV:L/AC:H/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
VendorProductVersion
openbsdopenssh
𝑥
≤ 5.0
openbsdopenssh
1.2
openbsdopenssh
1.2.1
openbsdopenssh
1.2.2
openbsdopenssh
1.2.3
openbsdopenssh
1.2.27
openbsdopenssh
1.3
openbsdopenssh
1.5
openbsdopenssh
1.5.7
openbsdopenssh
1.5.8
openbsdopenssh
2.1
openbsdopenssh
2.1.1
openbsdopenssh
2.2
openbsdopenssh
2.3
openbsdopenssh
2.3.1
openbsdopenssh
2.5
openbsdopenssh
2.5.1
openbsdopenssh
2.5.2
openbsdopenssh
2.9
openbsdopenssh
2.9.9
openbsdopenssh
2.9.9p2:p2
openbsdopenssh
2.9p1:p1
openbsdopenssh
2.9p2:p2
openbsdopenssh
3.0
openbsdopenssh
3.0.1
openbsdopenssh
3.0.1p1:p1
openbsdopenssh
3.0.2
openbsdopenssh
3.0.2p1:p1
openbsdopenssh
3.0p1:p1
openbsdopenssh
3.1
openbsdopenssh
3.1p1:p1
openbsdopenssh
3.2
openbsdopenssh
3.2.2
openbsdopenssh
3.2.2p1:p1
openbsdopenssh
3.2.3p1:p1
openbsdopenssh
3.3
openbsdopenssh
3.3p1:p1
openbsdopenssh
3.4
openbsdopenssh
3.4p1:p1
openbsdopenssh
3.5
openbsdopenssh
3.5p1:p1
openbsdopenssh
3.6
openbsdopenssh
3.6.1
openbsdopenssh
3.6.1p1:p1
openbsdopenssh
3.6.1p2:p2
openbsdopenssh
3.7
openbsdopenssh
3.7.1
openbsdopenssh
3.7.1p1:p1
openbsdopenssh
3.7.1p2:p2
openbsdopenssh
3.8
openbsdopenssh
3.8.1
openbsdopenssh
3.8.1p1:p1
openbsdopenssh
3.9
openbsdopenssh
3.9.1
openbsdopenssh
3.9.1p1:p1
openbsdopenssh
4.0
openbsdopenssh
4.0p1:p1
openbsdopenssh
4.1
openbsdopenssh
4.1p1:p1
openbsdopenssh
4.2
openbsdopenssh
4.2p1:p1
openbsdopenssh
4.3
openbsdopenssh
4.3p1:p1
openbsdopenssh
4.3p2:p2
openbsdopenssh
4.4
openbsdopenssh
4.4p1:p1
openbsdopenssh
4.5
openbsdopenssh
4.6
openbsdopenssh
4.7
openbsdopenssh
4.8
openbsdopenssh
4.9
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openssh
bullseye (security)
1:8.4p1-5+deb11u3
fixed
bullseye
1:8.4p1-5+deb11u3
fixed
bookworm
1:9.2p1-2+deb12u3
fixed
bookworm (security)
1:9.2p1-2+deb12u3
fixed
sid
1:9.9p1-3
fixed
trixie
1:9.9p1-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openssh
hardy
not-affected
gutsy
not-affected
feisty
not-affected
dapper
not-affected
Common Weakness Enumeration
References
http://openssh.com/security.html
http://secunia.com/advisories/31179
http://www.openssh.com/txt/release-5.1
http://www.securityfocus.com/bid/30339
http://www.securitytracker.com/id?1020537
http://www.vupen.com/english/advisories/2008/2148
https://exchange.xforce.ibmcloud.com/vulnerabilities/43940
http://openssh.com/security.html
http://secunia.com/advisories/31179
http://www.openssh.com/txt/release-5.1
http://www.securityfocus.com/bid/30339
http://www.securitytracker.com/id?1020537
http://www.vupen.com/english/advisories/2008/2148
https://exchange.xforce.ibmcloud.com/vulnerabilities/43940