8 matches found
SUSE CVE-2008-5714
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended...
DEBIAN-CVE-2008-2382
The protocolclientmsg function in vnc.c in the VNC server in 1 Qemu 0.9.1 and earlier and 2 KVM kvm-79 and earlier allows remote attackers to cause a denial of service infinite loop via a certain message...
Code injection
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended...
CVE-2008-5714
CVE-2008-5714 is an off-by-one bug in KVM’s VNC password handling that limits VNC passwords to seven characters (where eight were intended), potentially allowing remote attackers to guess the password. Debian’s DSA-1907-1 and OpenVAS/OpenVulnerability entries document the issue in kvm and note th...
CVE-2008-5714
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended...
Design/Logic Flaw
qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories...
Format string
The driveinit function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted...
CVE-2008-0928
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine...