Bug 58066 - VNC can be frozen via HTTP
Summary: VNC can be frozen via HTTP
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: vnc
Version: 7.0
Hardware: i686
OS: Linux
medium
high
Target Milestone: ---
Assignee: Tim Waugh
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-01-07 17:49 UTC by Tal Kelrich
Modified: 2007-04-18 16:38 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2002-02-08 10:41:10 UTC
Embargoed:


Attachments (Terms of Use)

Description Tal Kelrich 2002-01-07 17:49:13 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.5) Gecko/20011014

Description of problem:
vnc freezes when receiving HTTP requests, until all headers are sent (\n\n).

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
$ nc box.victim.com 5801
GET / HTTP/1.1\n


Actual Results:  [vnc is now frozen until a second \n is entered, ending the
header section, or until http disconnect]

Expected Results:  nothing

Additional info:

vnc, RPM 3.3.3r1

Comment 1 Tim Waugh 2002-01-10 15:47:51 UTC
There is another DoS that can be used to break out of this one. :-)
I'll talk to the maintainers.


Comment 2 Tim Waugh 2002-03-12 09:39:15 UTC
Fixed in 3.3.3r2-18.3.


Note You need to log in before you can comment on or make changes to this bug.