Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
OpenSSH Client Unauthorized Remote Forwarding
Information
Severity
Severity
High
Family
Family
Gain a shell remotely
CVSSv2 Base
CVSSv2 Base
7.5
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Solution Type
Solution Type
Vendor Patch
Created
Created
18 years ago
Modified
Modified
4 years ago
Summary
The remote host is running OpenSSH SSH client before 2.3.0.
Insight
Insight
This version does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.
Solution
Solution
Patch and new version are available from OpenSSH.