Summary
The remote host is missing updates announced in
advisory GLSA 200608-12.
Solution
All x11vnc users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=x11-misc/x11vnc-0.8.1'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200608-12 http://bugs.gentoo.org/show_bug.cgi?id=142559
http://www.gentoo.org/security/en/glsa/glsa-200608-05.xml
Insight
VNC servers created with x11vnc accept insecure protocol types, even when the server does not offer it, resulting in the possibility of unauthorized access to the server.
Severity
Classification
-
CVE CVE-2006-2450 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities