Rapid7 Vulnerability & Exploit Database

ELSA-2013-0169 Moderate: Oracle Linux vino security update

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

ELSA-2013-0169 Moderate: Oracle Linux vino security update

Severity

CVSS

(AV:N/AC:H/Au:N/C:P/I:P/A:P)

Published

09/30/2012

Created

07/25/2018

Added

01/25/2013

Modified

04/11/2019

Description

Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.

Solution(s)

oracle-linux-upgrade-vino

References

https://attackerkb.com/topics/cve-2011-0904
47681
55548
CVE - 2011-0904
CVE - 2011-0905
CVE - 2011-1164
CVE - 2011-1165
CVE - 2012-4429
DSA-2238
RHSA-2013:0169
http://oss.oracle.com/pipermail/el-errata/2013-January/003218.html
67243
67244
78602

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;