CVE-2011-0011

Опубликовано: 07 янв. 2011

Источник: redhat

CVSS2: 4.3

Описание

qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.

Отчет

This issue does not affect versions of kvm package as shipped with Red Hat Enterprise Linux 5.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=668589qemu-kvm: Setting VNC password to empty string silently disables all authentication

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2011-0011

ubuntu

больше 13 лет назад

qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.

CVE-2011-0011

nvd

больше 13 лет назад

qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.

CVE-2011-0011

debian

больше 13 лет назад

qemu-kvm before 0.11.0 disables VNC authentication when the password i ...

GHSA-x485-7p7r-jxj7

github

больше 3 лет назад

qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.

ELSA-2011-0345

oracle-oval

больше 14 лет назад

ELSA-2011-0345: qemu-kvm security update (MODERATE)

4.3 Medium

CVSS2