This script is Copyright (C) 2005-2012 Tenable Network Security, Inc.
The remote X11 server accepts connections from anywhere.
The remote X11 server accepts connection from anywhere. An attacker
may connect to it to eavesdrop on the keyboard and mouse events of
a user on the remote host. It is even possible for an attacker to
grab a screenshot of the remote host or to display arbitrary programs.
An attacker may exploit this flaw to obtain the username and password
of a user on the remote host.
Restrict access to this port by using the 'xhost' command.
If the X11 client/server facility is not used, disable TCP entirely.
Risk factor :
Critical / CVSS Base Score : 10.0
Public Exploit Available : true
Nessus Plugin ID: 19948 ()
CVE ID: CVE-1999-0526