Detections
Analytics
GEN005200 - X displays must not be exported to the world.
Information
Open X displays allow an attacker to capture keystrokes and to execute commands remotely. Many users have their X Server set to 'xhost +', permitting access to the X Server by anyone, from anywhere.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
If using an xhost-type authentication the 'xhost -' command can be used to remove current trusted hosts and then selectively allow only trusted hosts to connect with 'xhost +' commands. A cryptographically secure authentication, such as provided by the xauth program, is always preferred. Refer to your X11 server's documentation for further security information.See Also
http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip
Item Details
Category: ACCESS CONTROL
References: 800-53|AC-6, CAT|I, CCI|CCI-000225, Group-ID|V-4697, Rule-ID|SV-37683r1_rule, STIG-ID|GEN005200, Vuln-ID|V-4697
Plugin: Unix
Control ID: 03800a093c822189a92dfa18bf81327c87ae657ddba275d421bf3429ff3d3c9b