Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Gentoo: GLSA-200703-19 High: LTSP LibVNCServer Authentication Flaw

gentoo
Calendar Grey March 18, 2007
Dist Gentoo Esm H88
A security loophole in Gentoo LTSP's LibVNCServer enables unauthorized entry. Update without delay.
LTSP includes a version of libVNCServer that is vulnerable to an authentication bypass.

Summary

Gentoo Linux Security Advisory GLSA 200703-19 https://security.gentoo.org/ Severity: High Title: LTSP: Authentication bypass in included LibVNCServer code Date: March 18, 2007 Bugs: #142661 ID: 200703-19

Synopsis ======= LTSP includes a version of libVNCServer that is vulnerable to an authentication bypass.
Background ========= The Linux Terminal Server Project adds thin-client support to Linux servers.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/ltsp < 4.2-r1 >= 4.2-r1
========== The LTSP server includes vulnerable LibVNCServer code, which fails to properly validate protocol types effectively letting users decide what protocol to use, suc...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory high severity gentoo security flaw authentication bypass ltsp libvncserver

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory high severity gentoo security flaw authentication bypass ltsp libvncserver

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here