SSH client xauth Vulnerability

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for SSH. If you feel we are in error or are aware of more recent information, please mail us at:

A suitable fix is to disable X forwarding by default. This can be done permanently in the /etc/ssh_config file, or in $HOME/.ssh/config for individual hosts.
Host *
ForwardX11 no
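
To check that the setting above actually takes effect for a given host, the following added example (not part of the original advisory or of any SSH distribution) resolves ForwardX11 the way ssh_config is evaluated: files are read user file first, then system file, and the first value obtained wins. The function names, the sample file contents and the builtin_default parameter (the client's compiled-in default, supplied by the caller) are assumptions; Match and Include directives are not evaluated.

```python
import fnmatch
import re

# keyword and argument are separated by whitespace or by a single '='
LINE = re.compile(r"(\w+)(?:\s*=\s*|\s+)(.*)")

def host_block_applies(patterns, host):
    """A Host line applies if some pattern matches and no '!'-negated one does."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            matched = True
    return matched

def first_forward_x11(config_text, host):
    """Return the first ForwardX11 value in one file that applies to host, or None."""
    active = True  # lines before the first Host line apply to every host
    for raw in config_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:  # blank lines and '#' comments do not match
            continue
        key, arg = m.group(1).lower(), m.group(2).strip().strip('"')
        if key == "host":
            active = host_block_applies(arg.split(), host)
        elif key == "match":
            active = False  # Match criteria are not evaluated here
        elif key == "forwardx11" and active:
            return arg.lower()
    return None

def effective_forward_x11(configs, host, builtin_default):
    """configs: file contents in the order ssh reads them (user file, then system file)."""
    for text in configs:
        value = first_forward_x11(text, host)
        if value is not None:
            return value
    return builtin_default  # assumption: caller knows the client's compiled-in default

# Constructed sample files: the system-wide fix, and a user file that re-enables
# forwarding for one group of hosts.
SYSTEM = "Host *\nForwardX11 no\n"
USER = "Host build-*\n  ForwardX11 = yes\n"

if __name__ == "__main__":
    for h in ("build-01", "db.example.org"):
        print(h, effective_forward_x11([USER, SYSTEM], h, "yes"))
```

Because the user file is read first, a ForwardX11 yes entry in $HOME/.ssh/config overrides the Host * block in /etc/ssh_config for the hosts it matches, so both files need to be reviewed.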

OpenSSH has issued a new version that remedies this problem. Versions released after February 29, 2000 should not be susceptible. They are available at


Copyright 2010, SecurityFocus