SAP Knowledge Base Article - Preview

3015851 - Vulnerability detection when SAP Data Services runs on X11 Server (X Window)

Symptom

  • Description: "The remote X11 server accepts connections from anywhere. An attacker can connect to it to eavesdrop on the keyboard and mouse events of a user on the remote host. It is even possible for an attacker to grab a screenshot of the remote host or to display arbitrary programs. An attacker can exploit this flaw to obtain the username and password of a user on the remote host." 
  • Solution: "Restrict access to this port by using the 'xhost' command. If the X11 client/server facility is not used, disable TCP entirely."
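
A check for the two conditions named in the scanner finding (X11 access control switched off, and the X server reachable over TCP), as an added example that is not part of the SAP article. The function names, the sample inputs and the 6000-6063 display port range are assumptions of this example.

```shell
# Added example (not from the SAP KBA): classify X11 exposure from the text
# output of `xhost` and `ss -ltn`. All sample inputs below are constructed.

xhost_state() {            # $1 = output of `xhost`
  case "$1" in
    *"access control disabled"*) echo open ;;
    *"access control enabled"*)  echo restricted ;;
    *)                           echo unknown ;;
  esac
}

x11_tcp_listeners() {      # stdin = output of `ss -ltn`
  # X display :N listens on TCP 6000+N; report non-loopback listeners only.
  awk '$1 == "LISTEN" {
         addr = $4; port = $4
         sub(/.*:/, "", port); sub(/:[0-9]+$/, "", addr)
         port += 0           # force a numeric comparison
         if (port >= 6000 && port <= 6063 && addr !~ /^127\./ && addr != "[::1]")
           print addr ":" port
       }'
}

x11_verdict() {            # $1 = xhost output, $2 = ss -ltn output
  acl=$(xhost_state "$1")
  net=$(printf '%s\n' "$2" | x11_tcp_listeners)
  if   [ "$acl" = open ] && [ -n "$net" ]; then echo exposed
  elif [ "$acl" = open ];                  then echo acl-disabled
  elif [ -n "$net" ];                      then echo tcp-listening
  else                                          echo ok
  fi
}

# Constructed sample inputs
SAMPLE_XHOST_OPEN='access control disabled, clients can connect from any host'
SAMPLE_XHOST_OK='access control enabled, only authorized clients can connect
SI:localuser:dsadmin'
SAMPLE_SS_OPEN='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:6000       0.0.0.0:*'
SAMPLE_SS_OK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    127.0.0.1:6010     0.0.0.0:*
LISTEN 0      128    0.0.0.0:60001      0.0.0.0:*'

x11_verdict "$SAMPLE_XHOST_OPEN" "$SAMPLE_SS_OPEN"
# On a live host: x11_verdict "$(xhost 2>&1)" "$(ss -ltn)"
```

A result of `tcp-listening` means access control is on but the port is still reachable, so the `xhost` allow list deserves review, or TCP can be disabled if no remote X clients are needed.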



Environment

  • X11 (X Window) 
  • SAP Data Services 4.X

Product

SAP Data Services 4.2

Keywords

X11, DS, data services, X Window, compatible, compatibility, vulnerability, SSH, TCP, KBA, EIM-DS-SVR, Administration/Server, EIM-DS-DEP, Deployment, Installation, Upgrade, Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
