CVE-2013-5745

EPSS 20.11%
Veröffentlicht 01.10.2013 17:55:03
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The vino_server_client_data_pending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial of service (infinite loop, CPU and disk consumption) via multiple crafted requests during authentication.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

David King ≫ Vino Version <= 3.7.3

David King ≫ Vino Version0.12

David King ≫ Vino Version0.14

David King ≫ Vino Version2.7

David King ≫ Vino Version2.7.3

David King ≫ Vino Version2.7.3.1

David King ≫ Vino Version2.7.4

David King ≫ Vino Version2.7.4.90

David King ≫ Vino Version2.7.4.91

David King ≫ Vino Version2.7.90

David King ≫ Vino Version2.7.91

David King ≫ Vino Version2.7.92

David King ≫ Vino Version2.8

David King ≫ Vino Version2.8.0

David King ≫ Vino Version2.8.0.1

David King ≫ Vino Version2.8.1

David King ≫ Vino Version2.9

David King ≫ Vino Version2.9.2

David King ≫ Vino Version2.10

David King ≫ Vino Version2.11

David King ≫ Vino Version2.11.1

David King ≫ Vino Version2.11.1.1

David King ≫ Vino Version2.11.1.2

David King ≫ Vino Version2.11.90

David King ≫ Vino Version2.11.92

David King ≫ Vino Version2.12

David King ≫ Vino Version2.13

David King ≫ Vino Version2.13.5

David King ≫ Vino Version2.14

David King ≫ Vino Version2.15

David King ≫ Vino Version2.16

David King ≫ Vino Version2.17

David King ≫ Vino Version2.17.2

David King ≫ Vino Version2.17.4

David King ≫ Vino Version2.17.5

David King ≫ Vino Version2.17.92

David King ≫ Vino Version2.18

David King ≫ Vino Version2.18.1

David King ≫ Vino Version2.19

David King ≫ Vino Version2.19.5

David King ≫ Vino Version2.19.90

David King ≫ Vino Version2.19.92

David King ≫ Vino Version2.20

David King ≫ Vino Version2.20.1

David King ≫ Vino Version2.21

David King ≫ Vino Version2.21.1

David King ≫ Vino Version2.21.2

David King ≫ Vino Version2.21.3

David King ≫ Vino Version2.21.90

David King ≫ Vino Version2.21.91

David King ≫ Vino Version2.21.92

David King ≫ Vino Version2.22

David King ≫ Vino Version2.22.1

David King ≫ Vino Version2.22.2

David King ≫ Vino Version2.23

David King ≫ Vino Version2.23.5

David King ≫ Vino Version2.23.90

David King ≫ Vino Version2.23.91

David King ≫ Vino Version2.23.92

David King ≫ Vino Version2.24

David King ≫ Vino Version2.24.1

David King ≫ Vino Version2.25

David King ≫ Vino Version2.25.3

David King ≫ Vino Version2.25.4

David King ≫ Vino Version2.25.5

David King ≫ Vino Version2.25.90

David King ≫ Vino Version2.25.91

David King ≫ Vino Version2.25.92

David King ≫ Vino Version2.26

David King ≫ Vino Version2.26.1

David King ≫ Vino Version2.26.2

David King ≫ Vino Version2.27

David King ≫ Vino Version2.27.5

David King ≫ Vino Version2.27.90

David King ≫ Vino Version2.27.91

David King ≫ Vino Version2.27.92

David King ≫ Vino Version2.28

David King ≫ Vino Version2.28.1

David King ≫ Vino Version2.28.2

David King ≫ Vino Version2.28.3

David King ≫ Vino Version2.31.4

David King ≫ Vino Version2.31.91

David King ≫ Vino Version2.32.0

David King ≫ Vino Version2.32.1

David King ≫ Vino Version2.32.2

David King ≫ Vino Version2.99.0

David King ≫ Vino Version2.99.1

David King ≫ Vino Version2.99.2

David King ≫ Vino Version2.99.3

David King ≫ Vino Version2.99.4

David King ≫ Vino Version2.99.5

David King ≫ Vino Version3.0.0

David King ≫ Vino Version3.0.1

David King ≫ Vino Version3.0.2

David King ≫ Vino Version3.0.3

David King ≫ Vino Version3.1

David King ≫ Vino Version3.1.1

David King ≫ Vino Version3.1.2

David King ≫ Vino Version3.1.3

David King ≫ Vino Version3.1.4

David King ≫ Vino Version3.1.5

David King ≫ Vino Version3.1.90

David King ≫ Vino Version3.1.91

David King ≫ Vino Version3.1.92

David King ≫ Vino Version3.2.0

David King ≫ Vino Version3.2.1

David King ≫ Vino Version3.2.2

David King ≫ Vino Version3.3.1

David King ≫ Vino Version3.3.3

David King ≫ Vino Version3.3.92

David King ≫ Vino Version3.4.0

David King ≫ Vino Version3.4.1

David King ≫ Vino Version3.4.2

David King ≫ Vino Version3.5.2

David King ≫ Vino Version3.5.90

David King ≫ Vino Version3.5.92

David King ≫ Vino Version3.6.0

David King ≫ Vino Version3.6.1

David King ≫ Vino Version3.6.2

Canonical ≫ Ubuntu Linux Version12.04 Update- Editionlts

Canonical ≫ Ubuntu Linux Version12.10

Canonical ≫ Ubuntu Linux Version13.04

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	20.11%	0.952

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00003.html

http://rhn.redhat.com/errata/RHSA-2013-1452.html

http://secunia.com/advisories/55090

Vendor Advisory

http://www.ubuntu.com/usn/USN-1980-1

Vendor Advisory

https://bugzilla.gnome.org/show_bug.cgi?id=641811

Vendor Advisory

https://bugzilla.gnome.org/show_bug.cgi?id=707905

Vendor Advisory

https://www.trustwave.com/spiderlabs/advisories/TWSL2013-028.txt

https://nvd.nist.gov/vuln/detail/CVE-2013-5745

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-5745

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-5745

EUVD