Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 250314

Summary: net-misc/vinagre < 0.5.2 or < 2.24.2 vinagre_utils_show_error() execution of arbitrary code (CVE-2008-5660)
Product: Gentoo Security Reporter: stupendoussteve
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: gnome
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://secunia.com/Advisories/33041/
Whiteboard: A2 [glsa]
Package list:
Runtime testing required: ---

Description stupendoussteve 2008-12-08 19:39:53 UTC 
Description:
A vulnerability has been discovered in Vinagre, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a format string error within the "vinagre_utils_show_error()" function in src/vinagre-utils.c. This can be exploited by e.g. tricking a user into opening a specially crafted .vnc file.

Successful exploitation may allow the execution of arbitrary code.

The vulnerability is confirmed in version 2.24.0. Other versions may also be affected.

Ref: http://ftp.gnome.org/pub/GNOME/sources/vinagre/0.5/vinagre-0.5.2.changes
http://ftp.gnome.org/pub/GNOME/sources/vinagre/2.24/vinagre-2.24.2.changes

Reproducible: Always
Comment 1 Mart Raudsepp gentoo-dev 2008-12-10 03:14:11 UTC 
vinagre 0.5.2 and 2.24.2 are in portage tree now - they contain the obvious fix.

Arches, please stabilize net-misc/vinagre-0.5.2
Comment 2 Tobias Heinlein (RETIRED) gentoo-dev 2008-12-10 17:27:37 UTC 
amd64 stable
Comment 3 Markus Meier gentoo-dev 2008-12-10 22:18:09 UTC 
x86 stable
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2008-12-11 17:57:03 UTC 
Stable for HPPA. Looks like 2.24.1 can be removed immediately.
Comment 5 Brent Baude (RETIRED) gentoo-dev 2008-12-11 21:24:18 UTC 
ppc64 done
Comment 6 Friedrich Oslage (RETIRED) gentoo-dev 2008-12-13 11:03:41 UTC 
sparc stable
Comment 7 Tobias Scherbaum (RETIRED) gentoo-dev 2008-12-13 13:48:44 UTC 
ppc stable
Comment 8 Raúl Porcel (RETIRED) gentoo-dev 2008-12-13 17:30:58 UTC 
alpha/ia64 stable
Comment 9 Tobias Heinlein (RETIRED) gentoo-dev 2008-12-13 20:31:13 UTC 
GLSA request filed.
Comment 10 Robert Buchholz (RETIRED) gentoo-dev 2008-12-18 16:33:27 UTC 
CVE-2008-5660 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5660):
  Format string vulnerability in the vinagre_utils_show_error function
  (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before
  2.24.2 might allow remote attackers to execute arbitrary code via a
  crafted URI or VNC server response.
Comment 11 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-03-06 22:05:06 UTC 
GLSA 200903-01