Amazon Linux AMI : openssh (ALAS-2016-675)
High Nessus Plugin ID 90268
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionAn access flaw was discovered in the OpenSSH client where it did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested.
SolutionRun 'yum update openssh' to update your system.