CVE-2011-1165
Published: 12 March 2013
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.
Notes
Author | Note |
---|---|
jdstrand | no upstream fix |
mdeslaur | oneiric+ has more explicit text: "Automatically configure UPnP router to open and forward ports". Marking as not-affected. |
Priority
Status
Package | Release | Status |
---|---|---|
vino Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Not vulnerable
(3.2.0-0ubuntu1.1)
|
|
precise |
Not vulnerable
(3.4.2-0ubuntu1.1)
|
|
quantal |
Not vulnerable
(3.5.92-0ubuntu1)
|
|
raring |
Not vulnerable
(3.5.92-0ubuntu1)
|
|
upstream |
Needs triage
|