Skip Quicknav

• About Debian
• News
• Getting Debian
• Support
• Developers' Corner
• Site map
• Search

Debian Security Advisory

ssh -- unauthorized port forwarding

Date Reported:

undated

Affected Packages:

ssh

Vulnerable:

Yes

Security database references:

CERT's vulnerabilities, advisories and incident notes: CA-1998-03.

More information:

ssh allowed non-privileged users to forward privileged ports.

Fixes: ssh 1.2.21-1 or later

Insufficient permission checking may allow an SSH client user to access remote accounts belonging to the ssh-agent user.

SSH versions 1.2.17 through 1.2.21 are vulnerable. SSH versions prior to 1.2.17 are vulnerable to a different, though similar, attack.

Fixed in:

Intel - (in release 1.1) 1.2.21-1

This page is also available in the following languages:

Deutsch español français hrvatski 日本語 (Nihongo) svenska

How to set the default document language