PT-2008-6766 · Qemu · Qemu

Published

2008-12-24

Updated

2017-08-08

CVE-2008-5714

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Qemu version 0.9.1

Description The issue is related to an off-by-one error in the monitor.c file, which could make it easier for remote attackers to guess the VNC password. The password is limited to seven characters, whereas eight characters were intended.

Recommendations For Qemu version 0.9.1, consider updating to a newer version that addresses this issue, as the current version has a password limitation that could be exploited.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CVE-2008-5714

DSA-1907-1

DTSA-203-1

Affected Products

Qemu

PT-2008-6766 · Qemu · Qemu

CVE-2008-5714

Weakness Enumeration

Related Identifiers

Affected Products

References · 16