Wind River Support Network

HomeDefectsLIN7-6572

Fixed

LIN7-6572 : Security Advisory - libvirt - CVE-2016-5008

Created: Jul 27, 2016 Updated: Sep 8, 2018

Resolved Date: Jun 15, 2017

Found In Version: 7.0.0.18

Fix Version: 7.0.0.26

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5008

Other Downloads

Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-5008