Gentoo Security Advisory GLSA 200608-12 (x11vnc) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200608-12.

Solution

All x11vnc users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=x11-misc/x11vnc-0.8.1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200608-12 http://bugs.gentoo.org/show_bug.cgi?id=142559 http://www.gentoo.org/security/en/glsa/glsa-200608-05.xml

Insight

VNC servers created with x11vnc accept insecure protocol types, even when the server does not offer it, resulting in the possibility of unauthorized access to the server.

Severity

Classification

CVE CVE-2006-2450

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Gentoo Security Advisory GLSA 200406-20 (Openswan)
Gentoo Security Advisory GLSA 200404-15 (xchat)
Gentoo Security Advisory GLSA 200311-03 (HylaFAX)
Gentoo Security Advisory GLSA 200408-25 (MoinMoin)
Gentoo Security Advisory GLSA 200405-15 (cadaver)

Take action and discover your vulnerabilities