[Original text] OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.
Multiple SSH Client X11 Forwarding Information Disclosure
Local Access Required, Remote / Network Access
Loss of Confidentiality
OpenSSH's ssh client contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker attempts to gain access to the X11 display of the client, which is incorrectly permitted. This discloses user desktop and keystroke information, resulting in a loss of confidentiality.
Upgrade to version 2.3.0 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by applying the vendor-supplied patch, or by unsetting the $DISPLAY and $SSH_AUTH_SOCK environment variables.
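The environment-variable workaround above, written as a wrapper that applies it only when the installed client reports a version before 2.3.0 or cannot be identified. This is an added example, not vendor code or part of the original entry; the function names are hypothetical and the script assumes `ssh -V` prints a banner containing `OpenSSH_<version>`.

```shell
#!/bin/sh
# Added example. Function names are hypothetical, not part of OpenSSH.

# Classify an "ssh -V" banner: 0 = OpenSSH before 2.3.0, 1 = 2.3.0 or later,
# 2 = not recognised as OpenSSH (the caller should treat this as unsafe).
openssh_before_2_3_0() {
    case $1 in
        *OpenSSH_[0-9]*) ;;
        *) return 2 ;;
    esac
    ver=${1#*OpenSSH_}
    # Keep only the leading dotted number, e.g. "2.2.0p1, ..." -> "2.2.0".
    ver=$(printf '%s\n' "$ver" | sed -n '1s/^\([0-9][0-9.]*\).*/\1/p')
    major=${ver%%.*}
    case $ver in
        *.*) rest=${ver#*.}; minor=${rest%%.*} ;;
        *)   minor=0 ;;
    esac
    case $major in ''|*[!0-9]*) return 2 ;; esac
    case $minor in ''|*[!0-9]*) minor=0 ;; esac
    [ "$major" -lt 2 ] && return 0
    [ "$major" -eq 2 ] && [ "$minor" -lt 3 ] && return 0
    return 1
}

# Run a command with the X11 and agent socket variables removed, in a
# subshell so the caller's own environment is left intact.
run_without_forwarding_env() {
    ( unset DISPLAY SSH_AUTH_SOCK; "$@" )
}

# Wrapper: apply the workaround for a vulnerable or unidentified client.
safe_ssh() {
    rc=0
    openssh_before_2_3_0 "$(ssh -V 2>&1)" || rc=$?
    if [ "$rc" -eq 1 ]; then
        ssh "$@"
    else
        run_without_forwarding_env ssh "$@"
    fi
}
```

With both variables unset, the client has no local display or agent socket to hand to the server, so X11 applications and agent-based authentication are unavailable for that session.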