3 matches found
CVE-2015-7244
The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does not require authentication for X11 connections, which allows remote attackers to execute arbitrary commands or obtain sensitive information via X11 packets...
CVE-2015-7244
Mobatek MobaXterm prior to version 8.3 is affected by CVE-2015-7244 due to a default server configuration that disables access control and does not require authentication for X11 connections. This allows a remote attacker to execute arbitrary commands or view/inject X11 data via port 6000, using ...
MobaXterm server may allow arbitrary command injection due to missing X11 authentication
Overview The MobaXterm server prior to verion 8.3 is vulnerable to arbitrary command injection over port 6000 when using default X11 settings. Description CWE-306: Missing Authentication for Critical Function - CVE-2015-7244MobaXterm server prior to version 8.3 includes an X11 server listening on...