Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2008-2382

Published: 24/12/2008 Updated: 02/11/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Qemu

Vulnerability Summary

The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and previous versions and (2) KVM kvm-79 and previous versions allows remote malicious users to cause a denial of service (infinite loop) via a certain message.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qemu qemu 0.8.0

qemu qemu 0.7.2

qemu qemu 0.5.3

qemu qemu 0.5.2

qemu qemu

qemu qemu 0.3.0

qemu qemu 0.2.0

qemu qemu 0.1.4

qemu qemu 0.7.1

qemu qemu 0.7.0

qemu qemu 0.5.1

qemu qemu 0.5.0

qemu qemu 0.1.1

qemu qemu 0.1.2

qemu qemu 0.8.2

qemu qemu 0.8.1

qemu qemu 0.5.5

qemu qemu 0.5.4

qemu qemu 0.4.1

qemu qemu 0.4.0

qemu qemu 0.1.6

qemu qemu 0.1.3

qemu qemu 0.9.0

qemu qemu 0.6.1

qemu qemu 0.6.0

qemu qemu 0.4.3

qemu qemu 0.4.2

qemu qemu 0.1.0

qemu qemu 0.1.5

kvm qumranet kvm 73

kvm qumranet kvm

kvm qumranet kvm 78

kvm qumranet kvm 71

kvm qumranet kvm 70

kvm qumranet kvm 62

kvm qumranet kvm 61

kvm qumranet kvm 54

kvm qumranet kvm 53

kvm qumranet kvm 46

kvm qumranet kvm 75

kvm qumranet kvm 74

kvm qumranet kvm 67

kvm qumranet kvm 66

kvm qumranet kvm 58

kvm qumranet kvm 57

kvm qumranet kvm 50

kvm qumranet kvm 49

kvm qumranet kvm 42

kvm qumranet kvm 41

kvm qumranet kvm 40

kvm qumranet kvm 33

kvm qumranet kvm 32

kvm qumranet kvm 25

kvm qumranet kvm 24

kvm qumranet kvm 16

kvm qumranet kvm 15

kvm qumranet kvm 8

kvm qumranet kvm 7

kvm qumranet kvm 45

kvm qumranet kvm 37

kvm qumranet kvm 36

kvm qumranet kvm 29

kvm qumranet kvm 28

kvm qumranet kvm 21

kvm qumranet kvm 20

kvm qumranet kvm 12

kvm qumranet kvm 11

kvm qumranet kvm 4

kvm qumranet kvm 3

kvm qumranet kvm 77

kvm qumranet kvm 76

kvm qumranet kvm 69

kvm qumranet kvm 68

kvm qumranet kvm 60

kvm qumranet kvm 59

kvm qumranet kvm 52

kvm qumranet kvm 51

kvm qumranet kvm 44

kvm qumranet kvm 43

kvm qumranet kvm 35

kvm qumranet kvm 34

kvm qumranet kvm 27

kvm qumranet kvm 26

kvm qumranet kvm 19

kvm qumranet kvm 18

kvm qumranet kvm 17

kvm qumranet kvm 10

kvm qumranet kvm 9

kvm qumranet kvm 2

kvm qumranet kvm 1

kvm qumranet kvm 72

kvm qumranet kvm 65

kvm qumranet kvm 64

kvm qumranet kvm 63

kvm qumranet kvm 56

kvm qumranet kvm 55

kvm qumranet kvm 48

kvm qumranet kvm 47

kvm qumranet kvm 39

kvm qumranet kvm 38

kvm qumranet kvm 31

kvm qumranet kvm 30

kvm qumranet kvm 23

kvm qumranet kvm 22

kvm qumranet kvm 14

kvm qumranet kvm 13

kvm qumranet kvm 6

kvm qumranet kvm 5

Vendor Advisories

Ubuntu Security Notice: kvm regression
USN-776-1 fixed vulnerabilities in KVM Due to an incorrect fix, a regression was introduced in Ubuntu 804 LTS that caused KVM to fail to boot virtual machines started via libvirt This update fixes the problem We apologize for the inconvenience ...
Ubuntu Security Notice: xterm vulnerabilities
Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm Additionally, window title operations were also not safely handled If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary commands with user privileges (CVE-2006-7236, CVE-2 ...
Ubuntu Security Notice: kvm vulnerabilities
Avi Kivity discovered that KVM did not correctly handle certain disk formats A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host (CVE-2008-1945, CVE-2008-2004) ...

Exploits

Exploit DB: QEMU 0.9 / KVM 36/79 - VNC Server Remote Denial of Service
source: wwwsecurityfocuscom/bid/32910/info QEMU and KVM are prone to a remote denial-of-service vulnerability that affects the included VNC server Attackers can exploit this issue to create a denial-of-service condition The following are vulnerable: QEMU 091 and prior KVM-79 and prior ## ## vnc remote DoS ## import socket import ...

References

CWE-399http://securitytracker.com/id?1021489http://secunia.com/advisories/33293http://www.coresecurity.com/content/vnc-remote-doshttp://secunia.com/advisories/33303http://www.securityfocus.com/bid/32910http://securitytracker.com/id?1021488https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.htmlhttp://secunia.com/advisories/33350http://securityreason.com/securityalert/4803http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.htmlhttp://secunia.com/advisories/33568http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.htmlhttp://secunia.com/advisories/34642http://www.ubuntu.com/usn/usn-776-1http://secunia.com/advisories/35062http://www.vupen.com/english/advisories/2008/3488http://www.vupen.com/english/advisories/2008/3489https://exchange.xforce.ibmcloud.com/vulnerabilities/47561http://www.securityfocus.com/archive/1/499502/100/0/threadedhttps://nvd.nist.govhttps://usn.ubuntu.com/776-2/https://www.exploit-db.com/exploits/32675/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook