Ubuntu Update For Qemu-kvm Vulnerability USN-1063-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1063-1

Solution

Please Install the Updated Packages.

Insight

Neil Wilson discovered that if VNC passwords were blank in QEMU configurations, access to VNC sessions was allowed without a password instead of being disabled. A remote attacker could connect to running VNC sessions of QEMU and directly control the system. By default, QEMU does not start VNC sessions.

Affected

qemu-kvm vulnerability on Ubuntu 9.10 , Ubuntu 10.04 LTS , Ubuntu 10.10

Severity

Classification

CVE CVE-2011-0011
CVSS Base Score: 4.3
AV:A/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for clamav USN-2157-1
Ubuntu Update for avahi vulnerabilities USN-696-1
Ubuntu Update for cups USN-2144-1
Ubuntu Update for apache2 USN-2299-1
Ubuntu Update for commons-daemon USN-1298-1

Ubuntu Update for qemu-kvm vulnerability USN-1063-1

Take action and discover your vulnerabilities