vino-2.28.1-8.AXS4
Errata ID: AXSA:2013-86:01
Release date:
2013/02/21 Thursday - 14:35
Title:
vino-2.28.1-8.AXS4
Affected channels:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
The following issues have been addressed.
[Security Fix]
- The rfbSendFramebufferUpdate function in vino-server in Vino, when raw encoding is used, allows remote authenticated attackers to cause a denial of service (daemon crash) via large (1) X coordinate and (2) Y coordinate values in a framebuffer update request. (CVE-2011-0904)
- The rfbSendFramebufferUpdate function in vino-server in Vino, when tight encoding is used, allows remote authenticated attackers to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request. (CVE-2011-0905)
- Vino allows remote attackers to read clipboard activity by listening on TCP port 5900. (CVE-2012-4429)
At this time, information for CVE-2011-1164 and CVE-2011-1165 has not been published.
This advisory will be updated as soon as the CVE information is published.
Some of the CVE translations are quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the packages.
CVE:
CVE-2011-0904
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.
CVE-2011-0905
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation.
CVE-2011-1164
Vino before 2.99.4 can connect external networks contrary to the statement in the vino-preferences dialog box, which might make it easier for remote attackers to perform attacks.
CVE-2011-1165
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.
CVE-2012-4429
Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
Additional information:
N/A
Download:
SRPMS
- vino-2.28.1-8.AXS4.src.rpm
MD5: be8ae52a5d885e4e26c52813c57e6699
SHA-256: 414d73244846ed36d7c3e0df319dfc5fa7ab74c3c9c3c142d34f8abc3239f02b
Size: 824.98 kB
Asianux Server 4 for x86
- vino-2.28.1-8.AXS4.i686.rpm
MD5: 125120d11610b993aa0886ae3bfcf77f
SHA-256: a4f44f1a2e4e0ece8ecb76c24f15c4fe33b75e3c04f9ec39430df86fc758c740
Size: 433.95 kB
Asianux Server 4 for x86_64
- vino-2.28.1-8.AXS4.x86_64.rpm
MD5: 5ccb3012979ef30a819a1ae932a9d526
SHA-256: 44f1b7ecb93563200ccf4404f29ac6dbfbcffee82eb6ec1b5baa5e4121b6fa6f
Size: 435.01 kB