Executive Summary
Summary | |
---|---|
Title | vino security update |
Informations | |||
---|---|---|---|
Name | RHSA-2013:0169 | First vendor Publication | 2013-01-21 |
Vendor | RedHat | Last vendor Modification | 2013-01-21 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 5.1 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An updated vino package that fixes several security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 3. Description: Vino is a Virtual Network Computing (VNC) server for GNOME. It allows remote users to connect to a running GNOME session using VNC. It was found that Vino transmitted all clipboard activity on the system running Vino to all clients connected to port 5900, even those who had not authenticated. A remote attacker who is able to access port 5900 on a system running Vino could use this flaw to read clipboard data without authenticating. (CVE-2012-4429) Two out-of-bounds memory read flaws were found in the way Vino processed client framebuffer requests in certain encodings. An authenticated client could use these flaws to send a specially-crafted request to Vino, causing it to crash. (CVE-2011-0904, CVE-2011-0905) In certain circumstances, the vino-preferences dialog box incorrectly indicated that Vino was only accessible from the local network. This could confuse a user into believing connections from external networks are not allowed (even when they are allowed). With this update, vino-preferences no longer displays connectivity and reachable information. (CVE-2011-1164) There was no warning that Universal Plug and Play (UPnP) was used to open ports on a user's network router when the "Configure network automatically to accept connections" option was enabled (it is disabled by default) in the Vino preferences. This update changes the option's description to avoid the risk of a UPnP router configuration change without the user's consent. (CVE-2011-1165) All Vino users should upgrade to this updated package, which contains backported patches to resolve these issues. The GNOME session must be restarted (log out, then log back in) for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 553477 - CVE-2011-1164 vino: vino-preferences incorrectly indicates that computer is only reachable over local network 678846 - CVE-2011-1165 vino-preferences does not warn about UPnP especially with no password and no confirmation. 694455 - CVE-2011-0904 vino: Out of bounds read flaw by processing certain client raw encoding framebuffer update requests 694456 - CVE-2011-0905 vino: Out of bounds read flaw by processing certain client tight encoding framebuffer update requests 857250 - CVE-2012-4429 vino: information leak and authentication bypass |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2013-0169.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
25 % | CWE-200 | Information Exposure |
25 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12993 | |||
Oval ID: | oval:org.mitre.oval:def:12993 | ||
Title: | DSA-2238-1 vino -- several | ||
Description: | Kevin Chen discovered that incorrect processing of framebuffer requests in the Vino VNC server could lead to denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2238-1 CVE-2011-0904 CVE-2011-0905 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | vino |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13865 | |||
Oval ID: | oval:org.mitre.oval:def:13865 | ||
Title: | USN-1128-1 -- vino vulnerabilities | ||
Description: | vino: VNC server for GNOME An attacker could send crafted input to Vino and cause it to crash. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1128-1 CVE-2011-0904 CVE-2011-0905 | Version: | 5 |
Platform(s): | Ubuntu 10.10 Ubuntu 8.04 Ubuntu 10.04 | Product(s): | vino |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18228 | |||
Oval ID: | oval:org.mitre.oval:def:18228 | ||
Title: | USN-1701-1 -- vino vulnerability | ||
Description: | Vino could be made to expose sensitive information over the network. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1701-1 CVE-2012-4429 | Version: | 7 |
Platform(s): | Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | vino |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20735 | |||
Oval ID: | oval:org.mitre.oval:def:20735 | ||
Title: | RHSA-2013:0169: vino security update (Moderate) | ||
Description: | Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0169-01 CESA-2013:0169 CVE-2011-0904 CVE-2011-0905 CVE-2011-1164 CVE-2011-1165 CVE-2012-4429 | Version: | 73 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | vino |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23811 | |||
Oval ID: | oval:org.mitre.oval:def:23811 | ||
Title: | ELSA-2013:0169: vino security update (Moderate) | ||
Description: | Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0169-01 CVE-2011-0904 CVE-2011-0905 CVE-2011-1164 CVE-2011-1165 CVE-2012-4429 | Version: | 25 |
Platform(s): | Oracle Linux 6 | Product(s): | vino |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27114 | |||
Oval ID: | oval:org.mitre.oval:def:27114 | ||
Title: | DEPRECATED: ELSA-2013-0169 -- vino security update (moderate) | ||
Description: | [2.28.1-8] - Remove spurious 'e' from glib2-devel requirement [2.28.1-7] - Bump version number [2.28.1-6] - Bump version number [2.28.1-5] - Add reachability.patch Remove UI about whether the is only reachable locally or not. Fix for CVE-2011-1164 - Bug #553477 [2.28.1-5] - Add upnp.patch Fix for CVE-2011-1165 - Bug #678846 [2.28.1-5] - Add clipboard-leak.patch Fix for CVE-2012-4429 - Bug #857250 [2.28.1-5] - Add vino-2.8.1-sanity-check-fb-update.patch Fix for CVE-2011-0904 and CVE-2011-0904 - Bugs #694456, #694455 [2.28.1-4] - Translation updates. Related: rhbz 575682 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0169 CVE-2011-0904 CVE-2011-0905 CVE-2011-1164 CVE-2011-1165 CVE-2012-4429 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | vino |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-03 | Name : Debian Security Advisory DSA 2238-1 (vino) File : nvt/deb_2238_1.nasl |
2011-05-23 | Name : Fedora Update for vino FEDORA-2011-6773 File : nvt/gb_fedora_2011_6773_vino_fc14.nasl |
2011-05-23 | Name : Fedora Update for vino FEDORA-2011-6778 File : nvt/gb_fedora_2011_6778_vino_fc13.nasl |
2011-05-17 | Name : Mandriva Update for vino MDVSA-2011:087 (vino) File : nvt/gb_mandriva_MDVSA_2011_087.nasl |
2011-05-10 | Name : Ubuntu Update for vino USN-1128-1 File : nvt/gb_ubuntu_USN_1128_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
74333 | Vino server/libvncserver/rfbserver.c rfbSendFramebufferUpdate() Function Tigh... Vino contains a flaw that may allow a remote denial of service. The issue is triggered when the rfbSendFramebufferUpdate() function in server/libvncserver/rfbserver.c fails to properly handle client framebuffer update requests, and will result in loss of availability for the program. |
74332 | Vino server/libvncserver/rfbserver.c rfbSendFramebufferUpdate() Function Raw ... Vino contains a flaw that may allow a remote denial of service. The issue is triggered when the rfbSendFramebufferUpdate() function in server/libvncserver/rfbserver.c fails to properly handle client framebuffer update requests, and will result in loss of availability for the program. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_vino_20130521.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-09.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_vino-110509.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_vino-110509.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-0169.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-0169.nasl - Type : ACT_GATHER_INFO |
2013-01-23 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130121_vino_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-01-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1701-1.nasl - Type : ACT_GATHER_INFO |
2013-01-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0169.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_vino-7531.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1128-1.nasl - Type : ACT_GATHER_INFO |
2011-06-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_vino-110518.nasl - Type : ACT_GATHER_INFO |
2011-06-09 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_vino-7532.nasl - Type : ACT_GATHER_INFO |
2011-05-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2238.nasl - Type : ACT_GATHER_INFO |
2011-05-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6778.nasl - Type : ACT_GATHER_INFO |
2011-05-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6773.nasl - Type : ACT_GATHER_INFO |
2011-05-17 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-087.nasl - Type : ACT_GATHER_INFO |
2011-05-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_vino-110509.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:56:41 |
|
2013-03-19 17:20:14 |
|
2013-03-16 18:31:55 |
|
2013-01-22 00:20:39 |
|