CVE-2015-7244 Information

Description

The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does not require authentication for X11 connections which allows remote attackers to execute arbitrary commands or obtain sensitive information via X11 packets.

Reference

http://blog.mobatek.net/post/mobaxterm-new-release-8.3/ http://www.kb.cert.org/vuls/id/316888 http://www.securifera.com/advisories/cve-2015-7244