Upstream information

CVE-2011-1164 at MITRE

Description

Vino before 2.99.4 can connect external networks contrary to the statement in the vino-preferences dialog box, which might make it easier for remote attackers to perform attacks.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.6
Vector AV:N/AC:H/Au:S/C:P/I:P/A:P
Access Vector Network
Access Complexity High
Authentication Single
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entry: 680072 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • vino >= 3.10.1-1.86
  • vino-lang >= 3.10.1-1.86
Patchnames:
SUSE Linux Enterprise Desktop 12 GA vino
SUSE Linux Enterprise Desktop 12 SP1
  • vino >= 3.10.1-1.86
  • vino-lang >= 3.10.1-1.86
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA vino
SUSE Linux Enterprise Desktop 12 SP2
  • vino >= 3.20.2-5.8
  • vino-lang >= 3.20.2-5.8
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA vino
SUSE Linux Enterprise Desktop 12 SP3
  • vino >= 3.20.2-5.8
  • vino-lang >= 3.20.2-5.8
Patchnames:
SUSE Linux Enterprise Desktop 12 SP3 GA vino
SUSE Linux Enterprise Module for Desktop Applications 15
  • vino >= 3.22.0-1.62
  • vino-lang >= 3.22.0-1.62
Patchnames:
SUSE Linux Enterprise Module for Desktop Applications 15 GA vino
SUSE Linux Enterprise Server 12
  • vino >= 3.10.1-1.86
  • vino-lang >= 3.10.1-1.86
Patchnames:
SUSE Linux Enterprise Server 12 GA vino
SUSE Linux Enterprise Server 12 SP1
  • vino >= 3.10.1-1.86
  • vino-lang >= 3.10.1-1.86
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA vino
SUSE Linux Enterprise Server 12 SP2
  • vino >= 3.20.2-5.8
  • vino-lang >= 3.20.2-5.8
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA vino
SUSE Linux Enterprise Server 12 SP3
  • vino >= 3.20.2-5.8
  • vino-lang >= 3.20.2-5.8
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA vino
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • vino >= 3.20.2-5.8
  • vino-lang >= 3.20.2-5.8
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA vino
openSUSE Leap 42.1
  • vino >= 3.16.0-2.3
  • vino-lang >= 3.16.0-2.3
Patchnames:
openSUSE Leap 42.1 GA vino
openSUSE Leap 42.2
  • vino >= 3.20.2-1.3
  • vino-lang >= 3.20.2-1.3
Patchnames:
openSUSE Leap 42.2 GA vino
openSUSE Leap 42.3
  • vino >= 3.20.2-3.3
  • vino-lang >= 3.20.2-3.3
Patchnames:
openSUSE Leap 42.3 GA vino
openSUSE Tumbleweed
  • vino >= 3.22.0-1.1
  • vino-lang >= 3.22.0-1.1
Patchnames:
openSUSE Tumbleweed GA vino