Open SSH untrusted X11 forwarding (CVE-2016-1908)

Mar 10, 2023

Open SSH untrusted X11 forwarding

Summary

This vulnerability applies to functionality when the system is acting as an X11 Server. No Buffalo NAS products use this functionality, and so no Buffalo Sytems are affected by this vulnerability.

Vulnerability ID	Vulnerability Overview
CVE-2016-1908	The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

Affected Supported TeraStations

None

Back to Security Notices

Date	Description
3/10/2022	Initial release

Network Attached Storage

Portable Solid State Drive (SSD)

External Hard Drives

While Supplies Last

Optical Drives

Multi-Gigabit Switches

Accessories

View All

Latest Article

Buffalo Americas Product Life Cycle Status Change Notice - BS-MP2008 & BS-MP2012 Business Switches

Open SSH untrusted X11 forwarding (CVE-2016-1908)

Open SSH untrusted X11 forwarding