Title

X displays must not be exported to the world. (Cat I impact)

Discussion

Open X displays allow an attacker to capture keystrokes and to execute commands remotely. Many users have their X Server set to xhost +, permitting access to the X Server by anyone, from anywhere.

Check Content

Windows is not used on the system, this is not applicable. Check the output of the "xhost" command from an X terminal. First, verify the DISPLAY variable is correctly set. $ echo $DISPLAY NOTE: It may be necessary to define the display if the command reports it cannot open the display. MachineName may be replaced with an Internet Protocol Address. Repeat the check procedure after setting the display. $ DISPLAY=MachineName:0.0; export DISPLAY $ xhost If the output reports access control is enabled (and possibly lists the hosts that can receive X window logins), this is not a finding. If the xhost command returns a line indicating access control is disabled, this is a finding.

Fix Text

If using an xhost-type authentication the xhost - command can be used to remove current trusted hosts and then selectively allow only trusted hosts to connect with xhost + commands. A cryptographically secure authentication, such as provided by the xauth program, is always preferred.

Additional Identifiers

Rule ID: SV-35168r1_rule

Vulnerability ID: V-4697

Group Title: GEN005200

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.