CVE-2011-1773

Sažetak

virt-v2v before 0.8.4 does not preserve the VNC console password when converting a guest, which allows local users to bypass the intended VNC authentication by connecting without a password.

Reference

http://rhn.redhat.com/errata/RHSA-2011-1615.html
http://secunia.com/advisories/47086
http://www.osvdb.org/77558
https://bugzilla.redhat.com/show_bug.cgi?id=702754
https://git.fedorahosted.org/cgit/virt-v2v.git/commit/?id=7e9393129116699d1228bb02b9f65b78584582c1

CVSS

Base:	4.4
Impact:	6.4
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

22-04-2019 - 17:48

Objavljeno

08-02-2014 - 00:55