OpenSSH X11 Forwarding Session Hijacking

This script is Copyright (C) 2008-2011 Tenable Network Security, Inc.

Synopsis :

The remote SSH service is prone to X11 session hijacking.

Description :

According to its banner, the version of SSH installed on the remote
host is older than 5.0. Such versions may allow a local user to
hijack X11 sessions because they improperly bind TCP ports on the local
IPv6 interface if the corresponding ports on the IPv4 interface are in

See also :

Solution :

Upgrade to OpenSSH version 5.0 or later.
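
The banner comparison that the description relies on can be sketched as follows. This is an added example, not the Nessus plugin's own code; the function name and the sample banners are constructed for illustration. A banner match alone cannot show whether a distribution backported the fix, so the vendor comment is returned for follow-up against the installed package.

```python
import re

# SSH identification string: SSH-protoversion-softwareversion [SP comments]
BANNER_RE = re.compile(
    r"^SSH-(?P<proto>\d+\.\d+)-OpenSSH_(?P<ver>\d+(?:\.\d+)+)(?P<patch>\S*)"
    r"(?:\s+(?P<comment>.*))?$"
)

FIXED_VERSION = (5, 0)  # from the advisory: upgrade to OpenSSH 5.0 or later


def check_banner(banner):
    """Classify an SSH banner against the advisory's version threshold.

    Returns a dict with:
      verdict  - 'flagged', 'not-flagged', or 'unknown' (not an OpenSSH banner)
      version  - tuple of ints such as (4, 7), or None
      comment  - vendor comment field such as 'Debian-8ubuntu1', or None
    """
    match = BANNER_RE.match(banner.strip())
    if match is None:
        # Another SSH implementation or a customised banner: the version
        # threshold in the advisory says nothing about it.
        return {"verdict": "unknown", "version": None, "comment": None}

    # Compare numerically; a string comparison would rank "10.0" below "5.0".
    version = tuple(int(part) for part in match.group("ver").split("."))
    verdict = "flagged" if version < FIXED_VERSION else "not-flagged"
    return {"verdict": verdict, "version": version,
            "comment": match.group("comment")}


if __name__ == "__main__":
    # Constructed sample banners, not captured from real hosts.
    samples = [
        "SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1",
        "SSH-1.99-OpenSSH_3.9p1",
        "SSH-2.0-OpenSSH_5.0",
        "SSH-2.0-OpenSSH_10.0",
        "SSH-2.0-dropbear_2019.78",
    ]
    for line in samples:
        result = check_banner(line)
        note = ""
        if result["verdict"] == "flagged" and result["comment"]:
            note = "  (vendor build: confirm against the package changelog)"
        print(f"{line!r}: {result['verdict']}{note}")
```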

Risk factor :

Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 5.7
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 31737

Bugtraq ID: 28444

CVE ID: CVE-2008-1483