CVE-2008-2382
published 2008-12-24CVE-2008-2382: The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a…
PriorityP426medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
6.62%
93.0th percentile
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
Affected
113 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | qemu | < qemu 0.9.1-9 (bookworm) | qemu 0.9.1-9 (bookworm) |
| kvm_qumranet | kvm | <= 79 | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
| kvm_qumranet | kvm | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_ubuntu9.3CRITICAL
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
KVM regression
vendor_ubuntu·2009-05-13·CVSS 2.1
[LOW] KVM regression
Title: KVM regression
Summary: KVM regression
USN-776-1 fixed vulnerabilities in KVM. Due to an incorrect fix, a
regression was introduced in Ubuntu 8.04 LTS that caused KVM to fail to
boot virtual machines started via libvirt. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Avi Kivity discovered that KVM did not correctly handle certain disk
formats. A local attacker could attach a malicious partition that would
allow the guest VM to read files on the VM host. (CVE-2008-1945,
CVE-2008-2004)
Alfredo Ortega discovered that KVM's VNC protocol handler did not
correctly validate certain messages. A remote attacker could send
specially crafted VNC messages that would cause KVM to consume CPU
resources, leading to a denial of service. (CVE-2008-
Ubuntu
KVM vulnerabilities
vendor_ubuntu·2009-05-12·CVSS 2.1
CVE-2008-1945 [LOW] KVM vulnerabilities
Title: KVM vulnerabilities
Summary: KVM vulnerabilities
Avi Kivity discovered that KVM did not correctly handle certain disk
formats. A local attacker could attach a malicious partition that
would allow the guest VM to read files on the VM host. (CVE-2008-1945,
CVE-2008-2004)
Alfredo Ortega discovered that KVM's VNC protocol handler did not
correctly validate certain messages. A remote attacker could send
specially crafted VNC messages that would cause KVM to consume CPU
resources, leading to a denial of service. (CVE-2008-2382)
Jan Niehusmann discovered that KVM's Cirrus VGA implementation over VNC
did not correctly handle certain bitblt operations. A local attacker
could exploit this flaw to potentially execute arbitrary code on the VM
host or crash KVM, leading to a denial of servic
Ubuntu
xterm vulnerabilities
vendor_ubuntu·2009-01-06·CVSS 9.3
CVE-2008-2383 [CRITICAL] xterm vulnerabilities
Title: xterm vulnerabilities
Summary: xterm vulnerabilities
Paul Szabo discovered that the DECRQSS escape sequences were not handled
correctly by xterm. Additionally, window title operations were also not
safely handled. If a user were tricked into viewing a specially crafted
series of characters while in xterm, a remote attacker could execute
arbitrary commands with user privileges. (CVE-2006-7236, CVE-2008-2382)
Instructions: After a standard system upgrade you need to restart any running xterms to
effect the necessary changes.
Red Hat
qemu/kvm: remote DoS (infinite loop) via specially-crafted VNC message received by the domain
vendor_redhat·2008-12-22·CVSS 5.0
CVE-2008-2382 [MEDIUM] CWE-835 qemu/kvm: remote DoS (infinite loop) via specially-crafted VNC message received by the domain
qemu/kvm: remote DoS (infinite loop) via specially-crafted VNC message received by the domain
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
Statement: Not vulnerable. This issue did not affect the version of the Xen package as shipped with Red Hat Enterprise Linux 5.
Debian
CVE-2008-2382: qemu - The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 an...
vendor_debian·2008·CVSS 5.0
CVE-2008-2382 [MEDIUM] CVE-2008-2382: qemu - The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 an...
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
Scope: local
bookworm: resolved (fixed in 0.9.1-9)
bullseye: resolved (fixed in 0.9.1-9)
forky: resolved (fixed in 0.9.1-9)
sid: resolved (fixed in 0.9.1-9)
trixie: resolved (fixed in 0.9.1-9)
GHSA
GHSA-gr5p-5pp4-jfr7: The protocol_client_msg function in vnc
ghsa_unreviewed·2022-05-01
CVE-2008-2382 [MEDIUM] GHSA-gr5p-5pp4-jfr7: The protocol_client_msg function in vnc
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
OSV
CVE-2008-2382: The protocol_client_msg function in vnc
osv·2008-12-24·CVSS 5.0
CVE-2008-2382 [MEDIUM] CVE-2008-2382: The protocol_client_msg function in vnc
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
No detection rules found.
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.htmlhttp://secunia.com/advisories/33293http://secunia.com/advisories/33303http://secunia.com/advisories/33350http://secunia.com/advisories/33568http://secunia.com/advisories/34642http://secunia.com/advisories/35062http://securityreason.com/securityalert/4803http://securitytracker.com/id?1021488http://securitytracker.com/id?1021489http://www.coresecurity.com/content/vnc-remote-doshttp://www.securityfocus.com/archive/1/499502/100/0/threadedhttp://www.securityfocus.com/bid/32910http://www.ubuntu.com/usn/usn-776-1http://www.vupen.com/english/advisories/2008/3488http://www.vupen.com/english/advisories/2008/3489https://exchange.xforce.ibmcloud.com/vulnerabilities/47561https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.htmlhttp://secunia.com/advisories/33293http://secunia.com/advisories/33303http://secunia.com/advisories/33350http://secunia.com/advisories/33568http://secunia.com/advisories/34642http://secunia.com/advisories/35062http://securityreason.com/securityalert/4803http://securitytracker.com/id?1021488http://securitytracker.com/id?1021489http://www.coresecurity.com/content/vnc-remote-doshttp://www.securityfocus.com/archive/1/499502/100/0/threadedhttp://www.securityfocus.com/bid/32910http://www.ubuntu.com/usn/usn-776-1http://www.vupen.com/english/advisories/2008/3488http://www.vupen.com/english/advisories/2008/3489https://exchange.xforce.ibmcloud.com/vulnerabilities/47561https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html
2008-12-24
Published