Bug 257953 (CVE-2009-0388) - <=net-misc/tightvnc-1.3.9 heap corruption and application crash (CVE-2009-0388)
Summary: <=net-misc/tightvnc-1.3.9 heap corruption and application crash (CVE-2009-0388)
Status: RESOLVED INVALID
Alias: CVE-2009-0388
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High major
Assignee: Gentoo Security
URL: http://vnc-tight.svn.sourceforge.net/...
Whiteboard: B1 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-02-06 21:57 UTC by Stefan Behte (RETIRED)
Modified: 2009-08-23 22:23 UTC
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-02-06 21:57:31 UTC
CVE-2009-0388 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0388):
  Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5
  and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of
  service (heap corruption and application crash) or possibly execute
  arbitrary code via a large length value in a message, related to the
  (a) ClientConnection::CheckBufferSize and (b)
  ClientConnection::CheckFileZipBufferSize functions in
  ClientConnection.cpp.
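
The bug class named in the CVE text (a buffer-size check on a signed length that a large wire value defeats), shown beside a hardened form. This is an added illustration, not TightVNC or UltraVNC source; the function names, the 64-byte buffer, the hostile length and the 16 MiB cap are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_MSG_LEN (16u * 1024u * 1024u)   /* assumed policy cap, not from the page */

/* Reinterpret a 32-bit wire length as signed, as code storing it in an int would. */
int32_t wire_len_as_signed(uint32_t wire)
{
    int32_t v;
    memcpy(&v, &wire, sizeof v);
    return v;
}

/* Flawed pattern: signed length. A negative `need` satisfies `*cap >= need`,
 * so the buffer is reported as large enough and is never grown. */
int grow_signed(char **buf, int *cap, int need)
{
    if (*cap >= need) return 1;
    char *p = realloc(*buf, (size_t)need);
    if (p == NULL) return 0;
    *buf = p;
    *cap = need;
    return 1;
}

/* Hardened pattern: unsigned length, rejected above an explicit cap. */
int grow_checked(char **buf, size_t *cap, uint32_t need)
{
    if (need > MAX_MSG_LEN) return 0;
    if (*cap >= need) return 1;
    char *p = realloc(*buf, need);
    if (p == NULL) return 0;
    *buf = p;
    *cap = need;
    return 1;
}

int main(void)
{
    char *a = malloc(64), *b = malloc(64);
    int cap_a = 64; size_t cap_b = 64;
    int32_t need = wire_len_as_signed(0xFFFFFFFFu);   /* constructed hostile length */
    printf("signed check: accepted=%d cap=%d, later read asks for %zu bytes\n",
           grow_signed(&a, &cap_a, need), cap_a, (size_t)need);
    printf("checked: accepted=%d\n", grow_checked(&b, &cap_b, 0xFFFFFFFFu));
    free(a); free(b);
}
```

The signed check accepts the length without growing the buffer, while a later read that takes the same value as an unsigned size would write far past 64 bytes; the unsigned, capped check rejects it.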
Comment 1 Raúl Porcel (RETIRED) gentoo-dev 2009-02-07 11:38:57 UTC
Only affects Windows and we don't have that tightvnc version.
Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2009-02-09 18:55:10 UTC
We have net-misc/tightvnc-1.3.9 or do you mean that we do not have the Windows version?!?
Where did you find information that only Windows is affected? I didn't search too much (that's why the bug's state is still "NEW" and not "ASSIGNED"), because I'm currently very short on time, sorry...
Comment 3 Raúl Porcel (RETIRED) gentoo-dev 2009-02-09 19:05:57 UTC
(In reply to comment #2)
> We have net-misc/tightvnc-1.3.9 or do you mean that we do not have the Windows
> version?!?
> Where did you find information that only Windows is affected? I didn't search
> too much (that's why the bug's state is still "NEW" and not "ASSIGNED"),
> because I'm currently very short on time, sorry...

Oh, sorry, didn't see the 1.3.9 thing.

Anyway, it says it affects TightVNC and UltraVNC. UltraVNC is Windows-only, and I think TightVNC's Windows version is based on UltraVNC. The URL you posted, http://vnc-tight.svn.sourceforge.net/viewvc/vnc-tight?view=rev&revision=3564, also only has changes on the Windows part.
Comment 4 Christian Hoffmann (RETIRED) gentoo-dev 2009-02-09 21:14:56 UTC
Someone who has enough time could try the exploit to see if we are vulnerable =)
http://www.milw0rm.com/exploits/8024
Comment 5 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-08-23 22:23:30 UTC
- The directory of the commit is ".../vnc_winsrc/..."
- We don't have a ClientConnection.cpp
- The exploits crash rather than TightVNC

-> NFU