Red Hat Bugzilla – Bug 857250
CVE-2012-4429 vino: information leak and authentication bypass
Last modified: 2015-11-24 10:22:24 EST
It was reported , that vino transmits all clipboard activity to anything listening on port 5900, including to clients that have not authenticated. If a user were to have vino enabled (including requiring authentication), a remote user could access the port and see anything the user added to the clipboard sent over the port.
To reproduce, enable vino with password protection (i.e. execute vino-preferences). Connect to the VNC port (either locally or remotely), for instance:
% nc -4 odvfc17 5900
@??zsh: command not found: zsh:@??[vdanen@odvfc17]
The above two bits of output are from copying in the GNOME terminal, locally, on the system running vino.
The above was tested with Fedora 17's 3.4.2 version; the report indicates that 2.32 on Gentoo and 2.28 on Debian are also vulnerable.
Created vino tracking bugs for this issue
Affects: fedora-all [bug 857252]
The CVE identifier of CVE-2012-4429 has been assigned to this issue:
Proposed upstream patch at:
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:0169 https://rhn.redhat.com/errata/RHSA-2013-0169.html