How is QID 95001 detected - X-Window Sniffing?
First, the scan engine determines if the X11 service is running.
Once this is confirmed, using the xhost command, we can detect whether access control is enabled or disabled.
When no arguments are passed to xhost it returns the current status of the system.
xhost +: turns off access control (all remote hosts have access to X server)
xhost -: turns on access control
Qualys Support KnowledgeBase