PT-2013-1387 · Gnome+3 · Vino+3

Robert Townley

Publicado

2013-01-21

Atualizado

2013-03-19

CVE-2011-1165

CVSS v2.0

5.1

Média

Vetor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Vino versions prior to 3.2

Description The issue is related to the "Configure network to automatically accept connections" setting. When this setting is enabled, Vino opens ports in UPnP routers, but it does not properly document this behavior. This lack of documentation might make it easier for remote attackers to perform further attacks.

Recommendations For versions prior to 3.2, consider disabling the "Configure network to automatically accept connections" setting to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CESA-2013_0169

CVE-2011-1165

RHSA-2013:0169

RHSA-2013_0169

Produtos afetados

Centos

Debian

Red Hat

Vino

PT-2013-1387 · Gnome+3 · Vino+3

CVE-2011-1165

Identificadores relacionados

Produtos afetados

Referências · 28