Detections
Analytics
GEN005200 - X displays must not be exported to the world.
Information
Open X displays allow an attacker to capture keystrokes and to execute commands remotely. Many users have their X Server set to xhost +, permitting access to the X Server by anyone, from anywhere.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
If using an xhost-type authentication the xhost - command can be used to remove current trusted hosts and then selectively allow only trusted hosts to connect with xhost + commands. A cryptographically secure authentication, such as provided by the xauth program, is always preferred. Refer to your X11 server's documentation for further security information.See Also
https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip
Item Details
Audit Name: DISA STIG AIX 6.1 v1r14
Category: ACCESS CONTROL
References: 800-53|AC-6, CAT|I, CCI|CCI-000225, Group-ID|V-4697, Rule-ID|SV-4697r2_rule, STIG-ID|GEN005200, Vuln-ID|V-4697
Plugin: Unix
Control ID: 401cc0b0f016a0f24fcc6bc9f6946c7ef3029b65095481d338884a3d942bc265