Vengatesh SR


Discussion created by Vengatesh SR on Oct 15, 2018
Latest reply on Oct 15, 2018 by Gaurav Pandya

Hi Team,


We are getting the below vulnerability for the checkpoint.  


Name : OpenSSH X11 Cookie Local Authentication Bypass Vulnerability (openssh-x11-cookie-auth-bypass)
Description :


ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.


OpenBSD OpenSSH < 4.7
Download and apply the upgrade from:
While you can always build OpenSSH from source, many platforms and distributions provide pre-built binary packages for OpenSSH.
These pre-built packages are usually customized and optimized for a particular distribution, therefore we recommend that you use the packages if they are available for your operating system.




We have the take installed is take_286.


From the above description, I can find the CVE associated for the vulnerability is #CVE-2007-4752.


From the #sk65269, I can see the comments given is Not vulnerable. So it means checkpoint devices are not vulnerable for this vulnerbaility ??



Vengatesh SR