CVE-2008-2382 - Resource Management Errors vulnerability in multiple products
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | NONE |
Availability impact | PARTIAL |
Summary
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
Exploit-Db
description | QEMU 0.9 and KVM 36/79 VNC Server Remote Denial of Service Vulnerability. CVE-2008-2382. DoS exploit for Linux platform |
id | EDB-ID:32675 |
last seen | 2016-02-03 |
modified | 2008-12-22 |
published | 2008-12-22 |
reporter | Alfredo Ortega |
source | https://www.exploit-db.com/download/32675/ |
title | QEMU 0.9 and KVM 36/79 VNC Server Remote Denial of Service Vulnerability |
Nessus
NASL family | Ubuntu Local Security Checks |
NASL id | UBUNTU_USN-703-1.NASL |
description | Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary commands with user privileges. (CVE-2006-7236, CVE-2008-2382). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 37162 |
published | 2009-04-23 |
reporter | Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/37162 |
title | Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : xterm vulnerabilities (USN-703-1) |

NASL family | Mandriva Local Security Checks |
NASL id | MANDRIVA_MDVSA-2009-009.NASL |
description | Security vulnerabilities have been discovered and corrected in VNC server of kvm version 79 and earlier, which could lead to denial-of-service attacks (CVE-2008-2382), and make it easier for remote crackers to guess the VNC password (CVE-2008-5714). The updated packages have been patched to prevent this. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 36990 |
published | 2009-04-23 |
reporter | This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/36990 |
title | Mandriva Linux Security Advisory : kvm (MDVSA-2009:009) |

NASL family | Mandriva Local Security Checks |
NASL id | MANDRIVA_MDVSA-2009-010.NASL |
description | A security vulnerability has been discovered and corrected in VNC server of qemu 0.9.1 and earlier, which could lead to a denial-of-service attack (CVE-2008-2382). The updated packages have been patched to prevent this. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 37093 |
published | 2009-04-23 |
reporter | This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/37093 |
title | Mandriva Linux Security Advisory : qemu (MDVSA-2009:010) |

NASL family | Fedora Local Security Checks |
NASL id | FEDORA_2008-11727.NASL |
description | ChangeLog : - Mon Dec 22 2008 Glauber Costa <glommer at redhat.com> - 74-10 - Fixed CVE-2008-2382. - Thu Dec 4 2008 Glauber Costa <glommer at redhat.com> - 74-9 - Fixed bug that corrupted gnome-panel #474703 - Tue Dec 2 2008 Glauber Costa <glommer at redhat.com> - 74-8 - Properly set flags for interrupt return #474059 - Mon Nov 24 2008 Glauber Costa <glommer at redhat.com> - 74-7 - added upstream patch kvm-restore-option-rom.patch - #470561 - Tue Nov 11 2008 Glauber Costa <glommer at redhat.com> - 74-6 - Fix cirrus vulnerability (CVE-2008-4539) - #471055 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 37268 |
published | 2009-04-23 |
reporter | This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/37268 |
title | Fedora 10 : kvm-74-10.fc10 (2008-11727) |

NASL family | SuSE Local Security Checks |
NASL id | SUSE_11_0_QEMU-090325.NASL |
description | qemu update to version 0.10.1 fixes the following security issues : CVE-2008-0928: problems with range checks of block devices; CVE-2008-1945: problems with removable media handling; CVE-2008-2382: vnc server DoS; CVE-2008-4539: fix a heap overflow in the cirrus VGA implementation; CVE-2008-5714: off by one error in vnc password handling |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 40118 |
published | 2009-07-21 |
reporter | This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/40118 |
title | openSUSE Security Update : qemu (qemu-691) |

NASL family | SuSE Local Security Checks |
NASL id | SUSE_11_1_QEMU-090325.NASL |
description | qemu update to version 0.10.1 fixes the following security issues : CVE-2008-0928: problems with range checks of block devices; CVE-2008-1945: problems with removable media handling; CVE-2008-2382: vnc server DoS; CVE-2008-4539: fix a heap overflow in the cirrus VGA implementation; CVE-2008-5714: off by one error in vnc password handling |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 40302 |
published | 2009-07-21 |
reporter | This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/40302 |
title | openSUSE Security Update : qemu (qemu-691) |

NASL family | Ubuntu Local Security Checks |
NASL id | UBUNTU_USN-776-2.NASL |
description | USN-776-1 fixed vulnerabilities in KVM. Due to an incorrect fix, a regression was introduced in Ubuntu 8.04 LTS that caused KVM to fail to boot virtual machines started via libvirt. This update fixes the problem. We apologize for the inconvenience. Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. (CVE-2008-1945, CVE-2008-2004) Alfredo Ortega discovered that KVM |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 38777 |
published | 2009-05-14 |
reporter | Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/38777 |
title | Ubuntu 8.04 LTS : kvm regression (USN-776-2) |

NASL family | SuSE Local Security Checks |
NASL id | SUSE_11_1_KVM-090112.NASL |
description | Rogue VNC clients could make the built in VNC server of kvm run into an infinite loop (CVE-2008-2382). An off-by-one bug limited the length of VNC passwords to seven instead of eight (CVE-2008-5714). Virtualized guests could potentially execute code on the host by triggering a buffer overflow in the network emulation code via large ethernet frames (CVE-2007-5729). Virtualized guests could potentially execute code on the host by triggering a heap based buffer overflow in the Cirrus Graphics card emulation (CVE-2007-1320). |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 40254 |
published | 2009-07-21 |
reporter | This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/40254 |
title | openSUSE Security Update : kvm (kvm-412) |

NASL family | Mandriva Local Security Checks |
NASL id | MANDRIVA_MDVSA-2009-008.NASL |
description | Security vulnerabilities have been discovered and corrected in VNC server of qemu version 0.9.1 and earlier, which could lead to denial-of-service attacks (CVE-2008-2382), and make it easier for remote crackers to guess the VNC password (CVE-2008-5714). The updated packages have been patched to prevent this. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 36993 |
published | 2009-04-23 |
reporter | This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/36993 |
title | Mandriva Linux Security Advisory : qemu (MDVSA-2009:008) |

NASL family | SuSE Local Security Checks |
NASL id | SUSE_QEMU-6123.NASL |
description | qemu update to version 0.10.1 fixes the following security issues : CVE-2008-0928: problems with range checks of block devices; CVE-2008-1945: problems with removable media handling; CVE-2008-2382: vnc server DoS; CVE-2008-4539: fix a heap overflow in the cirrus VGA implementation; CVE-2008-5714: off by one error in vnc password handling |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 36082 |
published | 2009-04-03 |
reporter | This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/36082 |
title | openSUSE 10 Security Update : qemu (qemu-6123) |

NASL family | Fedora Local Security Checks |
NASL id | FEDORA_2008-11705.NASL |
description | ChangeLog : - Mon Dec 22 2008 Glauber Costa <gcosta at redhat.com> - 65-15.fc9 - Fixed CVE-2008-2382. - Thu Dec 4 2008 Glauber Costa <gcosta at redhat.com> - 65-14.fc9 - Fixed bug that corrupted gnome-panel #474702 - Tue Dec 2 2008 Glauber Costa <gcosta at redhat.com> - 65-12.fc9 - Properly set flags for interrupt return #464304 - Tue Nov 11 2008 Glauber Costa <gcosta at redhat.com> - 65-11.fc9 - Fix CVE-2008-4539 #448525 - Mon Oct 13 2008 Glauber Costa <gcosta at redhat.com> - 65-10.fc9 - Fix sysenter save in 64-bit hosts #457649 - Thu Aug 28 2008 Glauber Costa <gcosta at redhat.com> - 65-9.fc9 - there |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 35266 |
published | 2008-12-26 |
reporter | This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/35266 |
title | Fedora 9 : kvm-65-15.fc9 (2008-11705) |

NASL family | Ubuntu Local Security Checks |
NASL id | UBUNTU_USN-776-1.NASL |
description | Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. (CVE-2008-1945, CVE-2008-2004) Alfredo Ortega discovered that KVM |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 38759 |
published | 2009-05-13 |
reporter | Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/38759 |
title | Ubuntu 8.04 LTS / 8.10 : kvm vulnerabilities (USN-776-1) |

NASL family | SuSE Local Security Checks |
NASL id | SUSE_11_0_KVM-090112.NASL |
description | Rogue VNC clients could make the built in VNC server of kvm run into an infinite loop (CVE-2008-2382). An off-by-one bug limited the length of VNC passwords to seven instead of eight (CVE-2008-5714). Virtualized guests could potentially execute code on the host by triggering a buffer overflow in the network emulation code via large ethernet frames (CVE-2007-5729). Virtualized guests could potentially execute code on the host by triggering a heap based buffer overflow in the Cirrus Graphics card emulation (CVE-2007-1320). |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 40019 |
published | 2009-07-21 |
reporter | This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/40019 |
title | openSUSE Security Update : kvm (kvm-412) |
Statements
contributor | Mark J Cox |
lastmodified | 2009-01-05 |
organization | Red Hat |
statement | Not vulnerable. This issue did not affect the version of the Xen package as shipped with Red Hat Enterprise Linux 5. |
References
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
- http://secunia.com/advisories/33293
- http://secunia.com/advisories/33303
- http://secunia.com/advisories/33350
- http://secunia.com/advisories/33568
- http://secunia.com/advisories/34642
- http://secunia.com/advisories/35062
- http://securityreason.com/securityalert/4803
- http://securitytracker.com/id?1021488
- http://securitytracker.com/id?1021489
- http://www.coresecurity.com/content/vnc-remote-dos
- http://www.securityfocus.com/archive/1/499502/100/0/threaded
- http://www.securityfocus.com/bid/32910
- http://www.ubuntu.com/usn/usn-776-1
- http://www.vupen.com/english/advisories/2008/3488
- http://www.vupen.com/english/advisories/2008/3489
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47561
- https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html