OpenSSH Client Unauthorized X11 Remote Forwarding

High Nessus Plugin ID 11343


The remote SSH client does not disable X11 forwarding.


The remote host is running a version of the OpenSSH client older than 2.3.0. Such versions do not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.


Upgrade to OpenSSH 2.3.0 or later.

Plugin Details

Severity: High

ID: 11343

File Name: ssh_forwarding.nasl

Version: $Revision: 1.14 $

Type: remote

Family: Misc.

Published: 2003/03/10

Modified: 2011/03/16

Dependencies: 10267

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Vulnerability Publication Date: 2000/11/13

Reference Information

CVE: CVE-2000-1169

BID: 1949

OSVDB: 2114, 6248