Ubuntu Update For Qemu-kvm Vulnerability USN-1063-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1063-1

Solution

Please Install the Updated Packages.

Insight

Neil Wilson discovered that if VNC passwords were blank in QEMU configurations, access to VNC sessions was allowed without a password instead of being disabled. A remote attacker could connect to running VNC sessions of QEMU and directly control the system. By default, QEMU does not start VNC sessions.

Affected

qemu-kvm vulnerability on Ubuntu 9.10 , Ubuntu 10.04 LTS , Ubuntu 10.10

Severity

Classification

CVE CVE-2011-0011

CVSS	Base Score: 4.3 AV:A/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for curl USN-2474-1
Ubuntu Update for apache2 USN-2299-1
Ubuntu Update for clamav vulnerabilities USN-945-1
Ubuntu Update for apache2 vulnerabilities USN-575-1
Ubuntu Update for clamav USN-1258-1

Ubuntu Update for qemu-kvm vulnerability USN-1063-1

Take action and discover your vulnerabilities