This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
The remote X11 server accepts connections from anywhere.
The remote X11 server accepts connections from anywhere. An attacker
can connect to it to eavesdrop on the keyboard and mouse events of a
user on the remote host. It is even possible for an attacker to grab a
screenshot of the remote host or to display arbitrary programs. An
attacker can exploit this flaw to obtain the username and password of
a user on the remote host.
Restrict access to this port by using the 'xhost' command. If the X11
client/server facility is not used, disable TCP entirely.
Risk factor :
Critical / CVSS Base Score : 10.0
Public Exploit Available : true
Nessus Plugin ID: 19948 ()
CVE ID: CVE-1999-0526
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.