Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2016-5008
Description:libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.
Test IDs: 1.3.6.1.4.1.25623.1.0.703613   1.3.6.1.4.1.25623.1.0.808993   1.3.6.1.4.1.25623.1.0.808989   1.3.6.1.4.1.25623.1.1.2.2017.1053   1.3.6.1.4.1.25623.1.1.2.2017.1052   1.3.6.1.4.1.25623.1.1.4.2016.2053.1   1.3.6.1.4.1.25623.1.1.4.2016.1944.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2016-5008
BugTraq ID: 91562
http://www.securityfocus.com/bid/91562
Debian Security Information: DSA-3613 (Google Search)
http://www.debian.org/security/2016/dsa-3613
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZZMOMRXNPALA34XDF5NK363KDLAYSTL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTQF6LXKEEMJG4VOOCIAPJAD6ACBYP4W/
RedHat Security Advisories: RHSA-2016:2577
http://rhn.redhat.com/errata/RHSA-2016-2577.html
SuSE Security Announcement: openSUSE-SU-2016:1809 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-07/msg00054.html
SuSE Security Announcement: openSUSE-SU-2016:1810 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-07/msg00055.html
SuSE Security Announcement: openSUSE-SU-2016:1975 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-08/msg00024.html
https://usn.ubuntu.com/3576-1/




© 1998-2021 E-Soft Inc. All rights reserved.