CVE-2000-0217

Published: Feb 24, 2000Modified: Apr 16, 2026

5.1

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability: 4.9 / Impact: 6.4

Source: NVD

Description

The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.

Affected (46)

Products: Openbsd: Openssh · Ssh: Ssh, Ssh2

1 product

2 products

Configuration A

46 vulnerable

Vulnerable Software	Affected Versions
Openbsd Openssh	Version 1.2
Ssh Ssh	Version 1.2.0
Ssh Ssh	Version 1.2.10
Ssh Ssh	Version 1.2.11
Ssh Ssh	Version 1.2.12
Ssh Ssh	Version 1.2.13
Ssh Ssh	Version 1.2.14
Ssh Ssh	Version 1.2.15
Ssh Ssh	Version 1.2.16
Ssh Ssh	Version 1.2.17
Ssh Ssh	Version 1.2.18
Ssh Ssh	Version 1.2.19
Ssh Ssh	Version 1.2.1
Ssh Ssh	Version 1.2.20
Ssh Ssh	Version 1.2.21
Ssh Ssh	Version 1.2.22
Ssh Ssh	Version 1.2.23
Ssh Ssh	Version 1.2.24
Ssh Ssh	Version 1.2.25
Ssh Ssh	Version 1.2.26
Ssh Ssh	Version 1.2.27
Ssh Ssh	Version 1.2.28
Ssh Ssh	Version 1.2.29
Ssh Ssh	Version 1.2.2
Ssh Ssh	Version 1.2.30
Ssh Ssh	Version 1.2.31
Ssh Ssh	Version 1.2.3
Ssh Ssh	Version 1.2.4
Ssh Ssh	Version 1.2.5
Ssh Ssh	Version 1.2.6
Ssh Ssh	Version 1.2.7
Ssh Ssh	Version 1.2.8
Ssh Ssh	Version 1.2.9
Ssh Ssh2	Version 2.0.10
Ssh Ssh2	Version 2.0.11
Ssh Ssh2	Version 2.0.12
Ssh Ssh2	Version 2.0.1
Ssh Ssh2	Version 2.0.2
Ssh Ssh2	Version 2.0.3
Ssh Ssh2	Version 2.0.4
Ssh Ssh2	Version 2.0.5
Ssh Ssh2	Version 2.0.6
Ssh Ssh2	Version 2.0.7
Ssh Ssh2	Version 2.0.8
Ssh Ssh2	Version 2.0.9
Ssh Ssh2	Version 2.0

References (2)

http://www.securityfocus.com/bid/1006

Source: cve@mitre.org

http://www.securityfocus.com/bid/1006

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.