Originally Published: Saturday, 9 October 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

ssh/x11fwd vulnerable?

[BugTraq] This method of conducting a simple dos against unprotected X servers is already well-known. Most X servers for windows default to accepting all connections to port 6000, making more than the MI/X software vulnerable. Also, I do not think most pc X servers have cookies support - session hijacking and snooping may be possible.