Description: "Fix off-by-one bug limiting VNC passwords to 7 characters instead of 8 monitor_readline expects buf_size to include the terminating \0, but do_change_vnc in monitor.c calls it as though it doesn't. The other site where monitor_readline reads a password (in vl.c) passes the buffer length correctly." CVE-2008-5714 (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5714): "Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended." Fix in SVN: http://svn.savannah.gnu.org/viewvc/trunk/monitor.c?root=qemu&r1=5966&r2=5965&pathrev=5966
CVE-2008-5714 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5714): Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.
Hi, can't we just remove the older, vulnerable versions?
This comment has been removed because it contained spam. -- idl0r
GLSA vote: yes.
GLSA Vote: no.
There already is a request for qemu for several bugs, so we might as well include this one. I vote YES. .. and added to the request.
@security: 1 year follow up ping.
