In association with heise online

10 December 2008, 10:50

Security vulnerability in GNOME desktop VNC client

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The GNOME desktop's VNC client Vinagre contains a security vulnerability which can be exploited by attackers operating manipulated VNC servers to inject malicious code onto users' systems. The cause of the problem is a format string vulnerability in the vinagre_utils_show_error() function in src/vinagre-utils.c.

Using specific messages containing format string specifiers it is possible to write code to memory and, according to Core Security, in some cases execute this code with the user’s privileges. This is reported to be possible under Ubuntu version 8.04 (Hardy), whilst in Ubuntu version 8.10 (Ibex) Vinagre merely crashes. A successful attack requires the victim to connect to a malicious server.

The bug can be exploited both remotely and locally, for example via vinagre %n%n, and using crafted vnc files. All versions up to 2.24.1 are affected. The bug is fixed in version 2.24.2 (gzip file download link). Linux distributors are already releasing updated packages.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit