CVE-2011-1165
published 2013-03-12CVE-2011-1165: Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections"…
PriorityP426medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
2.27%
80.9th percentile
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.
Affected
104 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| david_king | vino | <= 3.1.92 | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
CVSS provenance
nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM
vendor_debian5.1LOW
vendor_redhat5.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-v9m5-9vg5-h8w2: Vino, possibly before 3
ghsa_unreviewed·2022-05-17
CVE-2011-1165 [MEDIUM] GHSA-v9m5-9vg5-h8w2: Vino, possibly before 3
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.
OSV
CVE-2011-1165: Vino, possibly before 3
osv·2013-03-12·CVSS 5.1
CVE-2011-1165 [MEDIUM] CVE-2011-1165: Vino, possibly before 3
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.
Debian
CVE-2011-1165: vino - Vino, possibly before 3.2, does not properly document that it opens ports in UPn...
vendor_debian·2011·CVSS 5.1
CVE-2011-1165 [MEDIUM] CVE-2011-1165: vino - Vino, possibly before 3.2, does not properly document that it opens ports in UPn...
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.
Scope: local
bookworm: open
bullseye: open
Red Hat
vino-preferences does not warn about UPnP especially with no password and no confirmation.
vendor_redhat·2009-09-08·CVSS 5.1
CVE-2011-1165 [MEDIUM] vino-preferences does not warn about UPnP especially with no password and no confirmation.
vino-preferences does not warn about UPnP especially with no password and no confirmation.
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.
Statement: This issue did not affect the version of vino as shipped with Red Hat Enterprise Linux 4 or 5 as they did not include support for Universal Plug and Play (UPnP). A future update in Red Hat Enterprise Linux 6 may address this flaw. To mitigate this issue, users should ensure that confirmation is requested on each inbound connection attempt, that a password is required to connect, and that automatic network configuration is disabled. This will
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-2982 Mozilla: Miscellaneous memory safety hazards
bugzilla·2011-08-14·CVSS 10.0
CVE-2011-2982 [CRITICAL] CVE-2011-2982 Mozilla: Miscellaneous memory safety hazards
CVE-2011-2982 Mozilla: Miscellaneous memory safety hazards
Mozilla developers and community members identified and fixed several memory safety bugs in the browser engine used in Firefox 3.6 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
Discussion:
This is now public:
http://www.mozilla.org/security/announce/2011/mfsa2011-30.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Via RHSA-2011:1165 https://rhn.redhat.com/errata/RHSA-2011-1165.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Via RHSA-2011:11
Bugzilla
CVE-2011-2983 Mozilla: Private data leakage using RegExp.input
bugzilla·2011-08-14·CVSS 4.3
CVE-2011-2983 [MEDIUM] CVE-2011-2983 Mozilla: Private data leakage using RegExp.input
CVE-2011-2983 Mozilla: Private data leakage using RegExp.input
Security researcher shutdown reported that data from other domains could be read when RegExp.input was set.
Discussion:
This is now public:
http://www.mozilla.org/security/announce/2011/mfsa2011-30.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Via RHSA-2011:1165 https://rhn.redhat.com/errata/RHSA-2011-1165.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Via RHSA-2011:1167 https://rhn.redhat.com/errata/RHSA-2011-1167.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Via RHSA-2011:1164 https://rhn.redhat.com/errat
Bugzilla
CVE-2011-2908 CSRF on jmx-console allows invocation of operations on mbeans
bugzilla·2011-08-12·CVSS 6.0
CVE-2011-2908 [MEDIUM] CVE-2011-2908 CSRF on jmx-console allows invocation of operations on mbeans
CVE-2011-2908 CSRF on jmx-console allows invocation of operations on mbeans
The JMX console as shipped with JBoss EAP 5.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. This vulnerability allows an attacker to invoke operations on mbeans via the JMX console.
Discussion:
This issue has been addressed in following products:
JBoss Enterprise SOA Platform 5.3.0
Via RHSA-2012:1152 https://rhn.redhat.com/errata/RHSA-2012-1152.html
---
This issue has been addressed in following products:
JBoss Enterprise BRMS Platform 5.3.0
Via RHSA-2012:1165 https://rhn.redhat.com/errata/RHSA-2012-1165.html
---
This issue has been addressed in following products:
JBoss Enterprise Portal Platform 5.2.2
Via RHSA-2012:1232 https://rhn.redhat.com/errata/RHSA-2012-1232.html
---
This issu
Bugzilla
CVE-2011-1165 vino-preferences does not warn about UPnP especially with no password and no confirmation.
bugzilla·2011-02-20·CVSS 5.1
CVE-2011-1165 [MEDIUM] CVE-2011-1165 vino-preferences does not warn about UPnP especially with no password and no confirmation.
CVE-2011-1165 vino-preferences does not warn about UPnP especially with no password and no confirmation.
Created attachment 479752
Screenshot of what UPnP means.
Description of problem:
System ---> Preferences ---> Remote Desktop
does not sufficiently warn that UPnP is being used to open ports on your router. When end user is testing, he very well may disables confirmation and password. Because there is no very explicit UPnP warning, he just unwittingly enabled anybody on the internet to connect to his desktop.
Version-Release number of selected component (if applicable):
vino 2.32.0-1.fc14
How reproducible:
parts always, UPnP success at opening router port varies. Sometimes, it successfully opens a port, other times it does not.
Steps to Reproduce:
1.System --> Preferences --> Remote
http://git.gnome.org/browse/vino/commit/?id=410bbf8e284409bdef02322af4d4a3a388419566http://rhn.redhat.com/errata/RHSA-2013-0169.htmlhttp://www.dslreports.com/forum/r25446313-Ubuntu-computer-hijacked-by-hacker~start=40https://bugzilla.gnome.org/show_bug.cgi?id=594521https://bugzilla.redhat.com/show_bug.cgi?id=678846http://git.gnome.org/browse/vino/commit/?id=410bbf8e284409bdef02322af4d4a3a388419566http://rhn.redhat.com/errata/RHSA-2013-0169.htmlhttp://www.dslreports.com/forum/r25446313-Ubuntu-computer-hijacked-by-hacker~start=40https://bugzilla.gnome.org/show_bug.cgi?id=594521https://bugzilla.redhat.com/show_bug.cgi?id=678846
2013-03-12
Published