CVE-2007-4752 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-4752 Interim 1 19 2025-11-05T06:19:16Z current 2021-05-30T12:40:02Z 2025-11-05T06:19:16Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-4752 ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3GDG3S6YALF2TLI2YHJQBWY7E2NBPS57/#3GDG3S6YALF2TLI2YHJQBWY7E2NBPS57 E-Mail link for SUSE-SR:2007:022 https://www.suse.com/support/kb/doc/?id=7021676 E-Mail link for TID7021676 https://www.suse.com/support/kb/doc/?id=7022102 E-Mail link for TID7022102 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 16.0 SUSE Linux Micro 6.0 SUSE Linux Micro 6.1 openSUSE Tumbleweed openssh-10.0p2-160000.2.2 openssh-5.1p1-41.31.36 openssh-5.1p1-41.51.1 openssh-6.2p2-0.9.1 openssh-6.6p1-4.7 openssh-8.4p1-7.4 openssh-9.6p1-1.4 openssh-9.6p1-slfo.1.1_1.6 openssh-askpass-5.1p1-41.31.36 openssh-askpass-5.1p1-41.51.1 openssh-askpass-6.2p2-0.9.1 openssh-cavs-10.0p2-160000.2.2 openssh-cavs-8.4p1-7.4 openssh-clients-10.0p2-160000.2.2 openssh-clients-8.4p1-7.4 openssh-clients-9.6p1-1.4 openssh-clients-9.6p1-slfo.1.1_1.6 openssh-common-10.0p2-160000.2.2 openssh-common-8.4p1-7.4 openssh-common-9.6p1-1.4 openssh-common-9.6p1-slfo.1.1_1.6 openssh-fips-6.6p1-4.7 openssh-fips-8.4p1-7.4 openssh-fips-9.6p1-1.4 openssh-fips-9.6p1-slfo.1.1_1.6 openssh-helpers-10.0p2-160000.2.2 openssh-helpers-8.4p1-7.4 openssh-openssl1-6.6p1-10.1 openssh-openssl1-helpers-6.6p1-10.1 openssh-server-10.0p2-160000.2.2 openssh-server-8.4p1-7.4 openssh-server-9.6p1-1.4 openssh-server-9.6p1-slfo.1.1_1.6 openssh-server-config-rootlogin-10.0p2-160000.2.2 openssh-server-config-rootlogin-9.6p1-1.4 openssh-server-config-rootlogin-9.6p1-slfo.1.1_1.6 openssh-5.1p1-41.31.36 as a component of SUSE Linux Enterprise Server 11 SP1 openssh-askpass-5.1p1-41.31.36 as a component of SUSE Linux Enterprise Server 11 SP1 openssh-5.1p1-41.51.1 as a component of SUSE Linux Enterprise Server 11 SP2 openssh-askpass-5.1p1-41.51.1 as a component of SUSE Linux Enterprise Server 11 SP2 openssh-6.2p2-0.9.1 as a component of SUSE Linux Enterprise Server 11 SP3 openssh-askpass-6.2p2-0.9.1 as a component of SUSE Linux Enterprise Server 11 SP3 openssh-6.6p1-4.7 as a component of SUSE Linux Enterprise Server 11 SP4 openssh-fips-6.6p1-4.7 as a component of SUSE Linux Enterprise Server 11 SP4 openssh-openssl1-6.6p1-10.1 as a component of SUSE Linux Enterprise Server 11-SECURITY openssh-openssl1-helpers-6.6p1-10.1 as a component of SUSE Linux Enterprise Server 11-SECURITY openssh-10.0p2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 openssh-cavs-10.0p2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 openssh-clients-10.0p2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 openssh-common-10.0p2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 openssh-helpers-10.0p2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 openssh-server-10.0p2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 openssh-server-config-rootlogin-10.0p2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 openssh-9.6p1-1.4 as a component of SUSE Linux Micro 6.0 openssh-clients-9.6p1-1.4 as a component of SUSE Linux Micro 6.0 openssh-common-9.6p1-1.4 as a component of SUSE Linux Micro 6.0 openssh-fips-9.6p1-1.4 as a component of SUSE Linux Micro 6.0 openssh-server-9.6p1-1.4 as a component of SUSE Linux Micro 6.0 openssh-server-config-rootlogin-9.6p1-1.4 as a component of SUSE Linux Micro 6.0 openssh-9.6p1-slfo.1.1_1.6 as a component of SUSE Linux Micro 6.1 openssh-clients-9.6p1-slfo.1.1_1.6 as a component of SUSE Linux Micro 6.1 openssh-common-9.6p1-slfo.1.1_1.6 as a component of SUSE Linux Micro 6.1 openssh-fips-9.6p1-slfo.1.1_1.6 as a component of SUSE Linux Micro 6.1 openssh-server-9.6p1-slfo.1.1_1.6 as a component of SUSE Linux Micro 6.1 openssh-server-config-rootlogin-9.6p1-slfo.1.1_1.6 as a component of SUSE Linux Micro 6.1 openssh-8.4p1-7.4 as a component of openSUSE Tumbleweed openssh-cavs-8.4p1-7.4 as a component of openSUSE Tumbleweed openssh-clients-8.4p1-7.4 as a component of openSUSE Tumbleweed openssh-common-8.4p1-7.4 as a component of openSUSE Tumbleweed openssh-fips-8.4p1-7.4 as a component of openSUSE Tumbleweed openssh-helpers-8.4p1-7.4 as a component of openSUSE Tumbleweed openssh-server-8.4p1-7.4 as a component of openSUSE Tumbleweed ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted. CVE-2007-4752 SUSE Linux Enterprise Server 11 SP1:openssh-5.1p1-41.31.36 SUSE Linux Enterprise Server 11 SP1:openssh-askpass-5.1p1-41.31.36 SUSE Linux Enterprise Server 11 SP2:openssh-5.1p1-41.51.1 SUSE Linux Enterprise Server 11 SP2:openssh-askpass-5.1p1-41.51.1 SUSE Linux Enterprise Server 11 SP3:openssh-6.2p2-0.9.1 SUSE Linux Enterprise Server 11 SP3:openssh-askpass-6.2p2-0.9.1 SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-4.7 SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-4.7 SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-10.1 SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-10.1 SUSE Linux Enterprise Server 16.0:openssh-10.0p2-160000.2.2 SUSE Linux Enterprise Server 16.0:openssh-cavs-10.0p2-160000.2.2 SUSE Linux Enterprise Server 16.0:openssh-clients-10.0p2-160000.2.2 SUSE Linux Enterprise Server 16.0:openssh-common-10.0p2-160000.2.2 SUSE Linux Enterprise Server 16.0:openssh-helpers-10.0p2-160000.2.2 SUSE Linux Enterprise Server 16.0:openssh-server-10.0p2-160000.2.2 SUSE Linux Enterprise Server 16.0:openssh-server-config-rootlogin-10.0p2-160000.2.2 SUSE Linux Micro 6.0:openssh-9.6p1-1.4 SUSE Linux Micro 6.0:openssh-clients-9.6p1-1.4 SUSE Linux Micro 6.0:openssh-common-9.6p1-1.4 SUSE Linux Micro 6.0:openssh-fips-9.6p1-1.4 SUSE Linux Micro 6.0:openssh-server-9.6p1-1.4 SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-1.4 SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_1.6 SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_1.6 SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_1.6 SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_1.6 SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_1.6 SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_1.6 openSUSE Tumbleweed:openssh-8.4p1-7.4 openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4 openSUSE Tumbleweed:openssh-clients-8.4p1-7.4 openSUSE Tumbleweed:openssh-common-8.4p1-7.4 openSUSE Tumbleweed:openssh-fips-8.4p1-7.4 openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4 openSUSE Tumbleweed:openssh-server-8.4p1-7.4 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P