CVE-2008-5714

2008-12-24 19:29:15 2017-08-08 03:33:29

Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

COMPLETE

Integrity

NONE

Availability

NONE

QEMU 0.9.1

Qemu - Qemu

Advisory	Patch	Confirmed	Link
			qemu-monitor-weak-security(47683)
			33020
			USN-776-1
			http://svn.savannah.gnu.org/viewvc/trunk/monitor.c?root=...
			http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&r...
			SUSE-SR:2009:008
			SUSE-SR:2009:002
			[qemu-devel] 20081210 Re: [RESEND] [PATCH v2] Fix off-by...
			[qemu-devel] 20081123 [PATCH] Fix off-by-one bug limitin...

CVE-2008-5714

2008-12-24 19:29:15 2017-08-08 03:33:29

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)