Moderate: vino (SL6)

Synopsis: Moderate: vino security update
Issue Date: 2013-01-21
CVE Numbers: CVE-2011-1164

It was found that Vino transmitted all clipboard activity on the system running
Vino to all clients connected to port 5900, even those who had not
authenticated. A remote attacker who is able to access port 5900 on a system
running Vino could use this flaw to read clipboard data without authenticating.

Two out-of-bounds memory read flaws were found in the way Vino processed client
framebuffer requests in certain encodings. An authenticated client could use
these flaws to send a specially-crafted request to Vino, causing it to crash.
(CVE-2011-0904, CVE-2011-0905)

In certain circumstances, the vino-preferences dialog box incorrectly indicated
that Vino was only accessible from the local network. This could confuse a user
into believing connections from external networks are not allowed (even when
they are allowed). With this update, vino-preferences no longer displays
connectivity and reachable information. (CVE-2011-1164)

There was no warning that Universal Plug and Play (UPnP) was used to open ports
on a user’s network router when the “Configure network automatically to accept
connections” option was enabled (it is disabled by default) in the Vino
preferences. This update changes the option’s description to avoid the risk of
a UPnP router configuration change without the user’s consent. (CVE-2011-1165)

The GNOME session must be restarted (log out, then log back in) for this update
to take effect.


– Scientific Linux Development Team