what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2011-0905

Status Candidate

Overview

The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation.

Related Files

Red Hat Security Advisory 2013-0169-01
Posted Jan 23, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0169-01 - Vino is a Virtual Network Computing server for GNOME. It allows remote users to connect to a running GNOME session using VNC. It was found that Vino transmitted all clipboard activity on the system running Vino to all clients connected to port 5900, even those who had not authenticated. A remote attacker who is able to access port 5900 on a system running Vino could use this flaw to read clipboard data without authenticating. Two out-of-bounds memory read flaws were found in the way Vino processed client framebuffer requests in certain encodings. An authenticated client could use these flaws to send a specially-crafted request to Vino, causing it to crash.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2011-0904, CVE-2011-0905, CVE-2011-1164, CVE-2011-1165, CVE-2012-4429
SHA-256 | 709d44a326fa0d3994ae28eeedadf167461a56201a46fc7ea3ccc58537ada91c
Debian Security Advisory 2238-1
Posted May 20, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2238-1 - Kevin Chen discovered that incorrect processing of framebuffer requests in the Vino VNC server could lead to denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-0904, CVE-2011-0905
SHA-256 | 762e8c4f2a7429d7a006ec98826a518cee1f681808fcb98fe4d3c053db743f00
Mandriva Linux Security Advisory 2011-087
Posted May 16, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-087 - The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service X position or Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions. The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation. The updated packages have been upgraded to 2.28.3 which is not vulnerable to these issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-0904, CVE-2011-0905
SHA-256 | 071cbada81358e2a216406d81427278602a3d81ce6f686ff9d33a09a53583363
Ubuntu Security Notice USN-1128-1
Posted May 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1128-1 - Kevin Chen discovered that Vino incorrectly handled certain client framebuffer requests. A remote attacker could use this flaw to cause Vino to crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-0904, CVE-2011-0905
SHA-256 | fca3394ce9f2f0b40dffc19c7f0227e7f88d5765a3d7d309cff829797dea9fce
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close