Download
| Alert*
oval:org.secpod.oval:def:301195
Security vulnerabilities have been discovered and corrected in VNC server of kvm version 79 and earlier, which could lead to denial-of-service attacks , and make it easier for remote crackers to guess the VNC password . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:700389 Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary comm ... oval:org.secpod.oval:def:700423 Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. Alfredo Ortega discovered that KVM"s VNC protocol handler did not correctly validate certain messages. A remo ... oval:org.secpod.oval:def:300472 Security vulnerabilities have been discovered and corrected in VNC server of qemu version 0.9.1 and earlier, which could lead to denial-of-service attacks , and make it easier for remote crackers to guess the VNC password . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:300911 A security vulnerability have been discovered and corrected in VNC server of qemu 0.9.1 and earlier, which could lead to a denial-of-service attack . The updated packages have been patched to prevent this. |