
X Window System

The scanner attempts to connect to a host's X server. If the xsetroot option is enabled, the scanner also attempts to set the root window bitmap. If an X server is vulnerable, an intruder can obtain keystrokes and remotely execute commands as the user running the X server. Many users have their X server set to xhost +. This permits access to the X server by anyone, anywhere. It is possible to configure xhost to authorize only certain hosts. However, any user on those remote hosts could still use the X server to compromise data. This option tests whether the X server will accept the connection.

Risk: High

Fix: Key-based protection schemes for the X server, such as xauth, use a secret authorization key instead of a host-based scheme. This tells the server not to allow an application to use the display unless it can produce the required string. This string is usually stored in a file that can only be read by a particular user, in effect restricting the display to that one user. When an additional user needs to use the same display, the string can be given to that user.
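The check described above and the effect of the fix can both be observed with a small audit helper. The following Python is an added example, not the scanner's code and not from this page: it performs the X11 connection-setup handshake with no authorization data and classifies the server's reply. A Success reply means the display accepted an unauthenticated connection from this host (the condition the check flags); a Failed or Authenticate reply means xhost or xauth access control is being enforced, which is what you should see from an unauthorized host once the key-based fix is in place. The function and file names, the vendor string, and the reason text in the sample replies are constructed for the example; a real server's reason text may differ.

```python
"""X11 access-control audit helper (hypothetical; not the scanner's own code).

Sends a connection-setup request with no authorization name or data and
classifies the X server's reply. Success = display open to this host.
Failed / Authenticate = xhost or xauth access control is enforced.
"""
import socket
import struct
import sys

X11_BASE_PORT = 6000  # display :n listens on TCP 6000 + n


def build_setup_request() -> bytes:
    """X11 setup request: LSB-first ('l'), protocol 11.0, zero-length auth name/data."""
    # byte-order, pad, major, minor, auth-name length, auth-data length, 2 pad bytes
    return b"l\x00" + struct.pack("<HHHH", 11, 0, 0, 0) + b"\x00\x00"


def parse_setup_reply(reply: bytes) -> dict:
    """Classify a complete setup reply (8-byte header plus additional data)."""
    if len(reply) < 8:
        raise ValueError("truncated X11 setup reply")
    status = reply[0]
    result = {"status": "", "open": False, "reason": "", "vendor": "", "protocol": ""}
    if status == 1:  # Success: the server granted an unauthenticated connection
        major, minor = struct.unpack_from("<HH", reply, 2)
        result.update(status="success", open=True, protocol=f"{major}.{minor}")
        # vendor-length lives at offset 24; the vendor string starts at offset 40
        if len(reply) >= 26:
            vendor_len = struct.unpack_from("<H", reply, 24)[0]
            result["vendor"] = reply[40:40 + vendor_len].decode("latin-1", "replace")
    elif status == 0:  # Failed: byte 1 holds the length of the reason string
        major, minor = struct.unpack_from("<HH", reply, 2)
        reason_len = reply[1]
        result.update(status="failed", protocol=f"{major}.{minor}",
                      reason=reply[8:8 + reason_len].decode("latin-1", "replace"))
    elif status == 2:  # Authenticate: the reason fills the additional data
        extra_words = struct.unpack_from("<H", reply, 6)[0]
        reason = reply[8:8 + extra_words * 4].decode("latin-1", "replace")
        result.update(status="authenticate", reason=reason.rstrip("\x00"))
    else:
        raise ValueError(f"unknown X11 setup status byte {status}")
    return result


def _recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("X server closed the connection during setup")
        buf += chunk
    return buf


def probe_x_server(host: str, display: int = 0, timeout: float = 5.0) -> dict:
    """Connect to host:6000+display, send the setup request and classify the reply."""
    with socket.create_connection((host, X11_BASE_PORT + display), timeout=timeout) as sock:
        sock.sendall(build_setup_request())
        header = _recv_exact(sock, 8)
        extra = struct.unpack_from("<H", header, 6)[0] * 4  # additional data length in bytes
        return parse_setup_reply(header + _recv_exact(sock, extra))


def build_failed_reply(reason: bytes) -> bytes:
    """Constructed Failed reply, the shape sent when access control denies the client."""
    pad = (4 - len(reason) % 4) % 4
    header = b"\x00" + bytes([len(reason)]) + struct.pack("<HHH", 11, 0, (len(reason) + pad) // 4)
    return header + reason + b"\x00" * pad


def build_success_reply(vendor: bytes) -> bytes:
    """Constructed Success reply with zero screens/formats, enough for the parser."""
    pad = (4 - len(vendor) % 4) % 4
    # release, id-base, id-mask, motion-buffer, vendor-len, max-request, 8 single-byte fields, 4 pad
    fixed = struct.pack("<IIIIHHBBBBBBBB4x", 1, 0x00400000, 0x003FFFFF, 256,
                        len(vendor), 0xFFFF, 0, 0, 0, 0, 32, 32, 8, 255)
    header = b"\x01\x00" + struct.pack("<HHH", 11, 0, (len(fixed) + len(vendor) + pad) // 4)
    return header + fixed + vendor + b"\x00" * pad


# Constructed sample replies (vendor name and reason text are example values)
CONSTRUCTED_OPEN_REPLY = build_success_reply(b"Example Vendor (constructed)")
CONSTRUCTED_FAILED_REPLY = build_failed_reply(b"No protocol specified")

if __name__ == "__main__":
    if len(sys.argv) > 1:  # usage: python x11_access_check.py HOST [DISPLAY]
        print(probe_x_server(sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 0))
    else:  # offline demonstration on the constructed samples
        for sample in (CONSTRUCTED_OPEN_REPLY, CONSTRUCTED_FAILED_REPLY):
            print(parse_setup_reply(sample))
```

Run with no arguments to see the two constructed replies classified; run with a host (and optional display number) you administer to check its live access control. A result of "success" from a host that should not be authorized means the display is open, as with xhost +; after the key-based fix the same probe should report "failed".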