This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor David King First view 2012-09-30
Product Vino Last view 2013-10-01
Version 3.2.1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:david_king:vino

Activity : Overall

Related : CVE

  Date Alert Description
7.1 2013-10-01 CVE-2013-5745

The vino_server_client_data_pending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial of service (infinite loop, CPU and disk consumption) via multiple crafted requests during authentication.

5 2012-09-30 CVE-2012-4429

Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-200 Information Exposure
50% (1) CWE-20 Improper Input Validation

ExploitDB Exploits

id Description
28338 Vino VNC Server 3.7.3 - Persistent Denial of Service

Snort® IPS/IDS

Date Description
2014-06-28 Vino VNC multiple client authentication denial of service attempt
RuleID : 31082 - Type : SERVER-OTHER - Revision : 4

Nessus® Vulnerability Scanner

id Description
2015-01-19 Name: The remote Solaris system is missing a security patch for third-party software.
File: solaris11_vino_20130521.nasl - Type: ACT_GATHER_INFO
2015-01-19 Name: The remote Solaris system is missing a security patch for third-party software.
File: solaris11_vino_20140225.nasl - Type: ACT_GATHER_INFO
2013-11-07 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_vino-131017.nasl - Type: ACT_GATHER_INFO
2013-10-25 Name: The remote Fedora host is missing a security update.
File: fedora_2013-17121.nasl - Type: ACT_GATHER_INFO
2013-10-24 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2013-1452.nasl - Type: ACT_GATHER_INFO
2013-10-24 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20131022_vino_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2013-10-23 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2013-1452.nasl - Type: ACT_GATHER_INFO
2013-10-23 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2013-1452.nasl - Type: ACT_GATHER_INFO
2013-10-01 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-1980-1.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2013-0169.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2013-0169.nasl - Type: ACT_GATHER_INFO
2013-01-23 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20130121_vino_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2013-01-23 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-1701-1.nasl - Type: ACT_GATHER_INFO
2013-01-22 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2013-0169.nasl - Type: ACT_GATHER_INFO