OpenSSH bypass timeout checks and XSECURITY restrictions

Oct 10, 2023

Summary

An access restriction bypass vulnerability in OpenSSH allows remote attackers to evade X11 forwarding connection deadlines.

Vulnerability ID	Vulnerability Overview
CVE-2015-5352	The `x11_open_helper` function in OpenSSH (before version 6.9) does not properly check the refusal deadline for X connections when `ForwardX11Trusted` mode is disabled. This vulnerability makes it easier for a compromised or malicious remote X application to bypass intended access restrictions and establish a connection to the local X server outside of the permitted time window.

Affected Supported TeraStations

None

Date	Description
10/10/2023	Initial release