PT-2008-6766 · Qemu · Qemu

Publicado

2008-12-24

·

Atualizado

2017-08-08

·

CVE-2008-5714

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions Qemu version 0.9.1
Description The issue is related to an off-by-one error in the monitor.c file, which could make it easier for remote attackers to guess the VNC password. The password is limited to seven characters, whereas eight characters were intended.
Recommendations For Qemu version 0.9.1, consider updating to a newer version that addresses this issue, as the current version has a password limitation that could be exploited.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189

Identificadores relacionados

CVE-2008-5714
DSA-1907-1
DTSA-203-1

Produtos afetados

Qemu