22 matches found
SUSE CVE-2013-4130
The 1 redchannelpipesaddtype and 2 redchannelpipesaddemptymsg functions in server/redchannel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service reachable assertion and server exit by triggering a network error...
Mageia: Security Advisory (MGASA-2013-0255)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 : rhev-hypervisor6 (RHSA-2013:1260)
An updated rhev-hypervisor6 package that fixes one security issue and various bugs is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
[SECURITY] [DSA 2839-1] spice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2839-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 08, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2839-1] spice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2839-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 08, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2839-1 (spice - denial of service)
Multiple vulnerabilities have been found in spice, a SPICE protocol client and server library. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2013-4130 David Gibson of Red Hat discovered that SPICE incorrectly handled certain network errors. A remote user ab...
CentOS Update for spice-server CESA-2013:1192 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for spice-server RHSA-2013:1192-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for spice-server RHSA-2013:1192-01
Check for the Version of spice-server OpenVAS Vulnerability Test RedHat Update for spice-server RHSA-2013:1192-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CentOS 6 : spice-server (CESA-2013:1192)
An updated spice-server package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
Scientific Linux Security Update : spice-server on SL6.x x86_64 (20130903)
A flaw was found in the way concurrent access to the clients ring buffer was performed in the spice-server library. A remote user able to initiate a SPICE connection to an application acting as a SPICE server could use this flaw to crash the application. CVE-2013-4130 Applications acting as a SPI...
RHEL 6 : spice-server (RHSA-2013:1192)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1192 advisory. The Simple Protocol for Independent Computing Environments SPICE is a remote display protocol for virtual environments. SPICE users can access a...
[ MDVSA-2013:217 ] spice
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:217 http://www.mandriva.com/en/support/security/ Package : spice Date : August 23, 2013 Affected: Business Server 1.0 Problem Description: Updated spice packages fix security vulnerability: An user able to...
Mandriva Linux Security Advisory : spice (MDVSA-2013:217)
Updated spice packages fix security vulnerability : An user able to initiate spice connection to the guest could use a flaw in server/redchannel.c to crash the guest CVE-2013-4130. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Updated spice packages fix CVE-2013-4130
Updated spice packages fix security vulnerability: An user able to initiate spice connection to the guest could use a flaw in server/redchannel.c to crash the guest CVE-2013-4130...
MGASA-2013-0255 Updated spice packages fix CVE-2013-4130
Updated spice packages fix security vulnerability: An user able to initiate spice connection to the guest could use a flaw in server/redchannel.c to crash the guest CVE-2013-4130...
CVE-2013-4130
The 1 redchannelpipesaddtype and 2 redchannelpipesaddemptymsg functions in server/redchannel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service reachable assertion and server exit by triggering a network error...
CVE-2013-4130
CVE-2013-4130 relates to SPICE, specifically the spice-server in SPICE before 0.12.4. The issue arises from how two functions, red_channel_pipes_add_type and red_channel_pipes_add_empty_msg, handle ring loops, which can be triggered by a network error. This may allow a remote attacker to cause a ...
Fedora Update for spice FEDORA-2013-14110
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for spice FEDORA-2013-14362
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...