Bug 191692
Summary: | CVE-2006-2369 bypass authentication in vnc 4.1.1 | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Mark J. Cox <mjc> |
Component: | vnc | Assignee: | Radek Vokál <rvokal> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | David Lawrence <dkl> |
Severity: | urgent | Docs Contact: | |
Priority: | medium | ||
Version: | 5 | CC: | jens, redhat |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | public=20060508,impact=important,source=slashdot,reported=20060511 | ||
Fixed In Version: | 4.1.1-38.fc5 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-05-24 15:34:37 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Mark J. Cox
2006-05-15 10:15:03 UTC
vnc-4.1.1-10.1.fc4 has been pushed for fc4, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report. vnc-4.1.1-37.fc5 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report. Authentication seems to be broken for vnc-4.1.1-37.fc5/vnc-server-4.1.1-37.fc5, no vnc connection possible at all: - start "Xvnc :1" - start "vncviewer :1" in another console > [...] > Wed May 17 13:40:36 2006 > CConn: connected to host localhost port 5901 > CConnection: Server supports RFB protocol version 3.8 > CConnection: Using RFB protocol version 3.8 > main: End of stream - output of "Xvnc :1" > Connections: accepted: 127.0.0.1::47730 > SConnection: Client needs protocol version 3.8 > SConnection: Client requests security type VncAuth(2) > SConnection: unexpected security type > Connections: closed: 127.0.0.1::47730 (unexpected security type) Please try with version 4.1.1-38.fc5, the problem should be fixed there. |