- CVEs with nessus.description==The OpenSSH project reports :
Missing sanitisation of untrusted input allows an authenticated user
who is able to request X11 forwarding to inject commands to xauth(1).
Injection of xauth commands grants the ability to read arbitrary files
under the authenticated user's privilege. Other xauth commands allow
limited information leakage, file overwrite, port probing and
generally expose xauth(1), which was not written with a hostile user
in mind, as an attack surface.
Mitigation:
Set X11Forwarding=no in sshd_config. This is the default.
For authorized_keys that specify a 'command' restriction, also set the
'restrict' (available in OpenSSH >=7.2) or 'no-x11-forwarding'
restrictions.
| Max CVSS | 0 |
| Min CVSS | 0 |
| Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |