X Server Unauthenticated Access: Screenshot

Critical Nessus Plugin ID 66349


The remote X server accepts TCP connections.


The remote X server accepts remote TCP connections. It is possible for an attacker to grab a screenshot of the remote host.


Restrict access to this port by using the 'xhost' command. If the X client/server facility is not used, disable TCP connections to the X server entirely.
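The remediation above can be checked locally with a small audit. This is an added example, not part of the Nessus plugin. It classifies a host from the X server's command line (the `-listen tcp`, `-nolisten tcp` and `-ac` options) and the status line printed by `xhost`. The function names and sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample inputs (not taken from any real host).
SAMPLE_CMD_OPEN='/usr/lib/xorg/Xorg :0 -listen tcp -ac vt7'
SAMPLE_CMD_SAFE='/usr/lib/xorg/Xorg :0 -nolisten tcp -auth /run/user/1000/xauth vt7'
SAMPLE_XHOST_OPEN='access control disabled, clients can connect from any host'
SAMPLE_XHOST_SAFE='access control enabled, only authorized clients can connect
SI:localuser:alice'

# Print the TCP listener state implied by an X server command line.
# "tcp-default" means no flag was given, so the server's built-in default applies.
x_tcp_state() {
    state="tcp-default"; prev=""
    for arg in $1; do
        case "$prev $arg" in
            "-nolisten tcp") state="tcp-disabled" ;;
            "-listen tcp")   state="tcp-enabled" ;;
        esac
        prev=$arg
    done
    echo "$state"
}

# Print "open" when access control is off (-ac flag, or xhost reports it disabled).
x_acl_state() {
    for arg in $1; do
        if [ "$arg" = "-ac" ]; then echo "open"; return 0; fi
    done
    case "$2" in
        "access control disabled"*) echo "open" ;;
        "access control enabled"*)  echo "restricted" ;;
        *)                          echo "unknown" ;;
    esac
}

# Verdict for this finding: ok (TCP off), exposed (TCP not off and no
# access control), review (TCP not off, access control still on).
x_exposure() {
    tcp=$(x_tcp_state "$1"); acl=$(x_acl_state "$1" "$2")
    if [ "$tcp" = "tcp-disabled" ]; then echo "ok"
    elif [ "$acl" = "open" ]; then echo "exposed"
    else echo "review"
    fi
}

x_exposure "$SAMPLE_CMD_OPEN" "$SAMPLE_XHOST_OPEN"
x_exposure "$SAMPLE_CMD_SAFE" "$SAMPLE_XHOST_SAFE"
```

On a live host, pass the X server's own command line (for example from `ps`) and the output of `xhost` run inside the session in place of the samples.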

Plugin Details

Severity: Critical

ID: 66349

File Name: xserver_screenshot.nbin

Version: $Revision: 1.23 $

Type: remote

Family: Misc.

Published: 2013/05/08

Modified: 2018/01/29

Dependencies: 10407, 11936

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:x.org:x11:7.1_1.1.0

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1990/01/01

Exploitable With

Metasploit (X11 No-Auth Scanner)

Reference Information

CVE: CVE-1999-0526

OSVDB: 309

CERT: 704969