OpenSSH < 7.2 Untrusted X11 Forwarding Fallback Security Bypass
Severity: High | Nessus Plugin ID 90022
Synopsis
The SSH server running on the remote host is affected by a security bypass vulnerability.

Description
According to its banner, the version of OpenSSH running on the remote host is prior to 7.2. It is, therefore, affected by a security bypass vulnerability due to a flaw in ssh(1) that is triggered when the client falls back from untrusted X11 forwarding to trusted forwarding because the X server has the SECURITY extension disabled. This can result in untrusted X11 connections that can be exploited by a remote attacker.

Solution
Upgrade to OpenSSH version 7.2 or later.
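The plugin's verdict is banner-based, so a defender auditing their own hosts can reproduce the check by parsing the SSH identification string and comparing the OpenSSH version against 7.2. The following is an added example, not the Nessus plugin's own code; the banners are constructed samples and the `SSH-x.y-OpenSSH_<ver>` format is the standard identification string, with the portable `pN` suffix and distribution comments ignored.

```python
import re
from typing import Optional, Tuple

# Constructed sample banners for the demonstration (not captured from real hosts).
SAMPLE_BANNERS = [
    "SSH-2.0-OpenSSH_6.9p1 Ubuntu-2ubuntu0.2",
    "SSH-2.0-OpenSSH_7.2p2",
    "SSH-2.0-OpenSSH_7.1",
    "SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2",
    "SSH-2.0-dropbear_2015.67",
]

# First version that carries the fix described in this advisory.
FIXED_VERSION = (7, 2)

# Matches "SSH-<proto>-OpenSSH_<major>.<minor>[.<patch>][pN]"; anything after
# the version (e.g. a distribution comment) is ignored.
_BANNER_RE = re.compile(r"^SSH-\d\.\d-OpenSSH_(\d+)\.(\d+)(?:\.(\d+))?(?:p\d+)?")


def parse_openssh_version(banner: str) -> Optional[Tuple[int, ...]]:
    """Return (major, minor[, patch]) from an SSH identification string,
    or None if the server does not identify itself as OpenSSH."""
    m = _BANNER_RE.match(banner.strip())
    if not m:
        return None
    parts = [int(m.group(1)), int(m.group(2))]
    if m.group(3) is not None:
        parts.append(int(m.group(3)))
    return tuple(parts)


def is_vulnerable(banner: str) -> Optional[bool]:
    """True if the banner reports OpenSSH older than 7.2, False if it reports
    7.2 or later, None when the banner is not OpenSSH (no banner-based verdict)."""
    version = parse_openssh_version(banner)
    if version is None:
        return None
    # Only major.minor matter for the 7.2 cut-off: (6, 6) < (7, 2) is True,
    # (7, 2) < (7, 2) is False.
    return version[:2] < FIXED_VERSION


if __name__ == "__main__":
    for b in SAMPLE_BANNERS:
        print(f"{b!r}: vulnerable={is_vulnerable(b)}")
```

Because distributions often backport fixes without bumping the banner version, treat a banner hit as a lead to confirm against the installed package version rather than as a final verdict.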