CVE-2011-1165

Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.1 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
david_kingvino
𝑥
≤ 3.1.92
david_kingvino
0.12
david_kingvino
0.14
david_kingvino
2.7
david_kingvino
2.7.3
david_kingvino
2.7.3.1
david_kingvino
2.7.4
david_kingvino
2.7.4.90
david_kingvino
2.7.4.91
david_kingvino
2.7.90
david_kingvino
2.7.91
david_kingvino
2.7.92
david_kingvino
2.8
david_kingvino
2.8.0
david_kingvino
2.8.0.1
david_kingvino
2.8.1
david_kingvino
2.9
david_kingvino
2.9.2
david_kingvino
2.10
david_kingvino
2.11
david_kingvino
2.11.1
david_kingvino
2.11.1.1
david_kingvino
2.11.1.2
david_kingvino
2.11.90
david_kingvino
2.11.92
david_kingvino
2.12
david_kingvino
2.13
david_kingvino
2.13.5
david_kingvino
2.14
david_kingvino
2.15
david_kingvino
2.16
david_kingvino
2.17
david_kingvino
2.17.2
david_kingvino
2.17.4
david_kingvino
2.17.5
david_kingvino
2.17.92
david_kingvino
2.18
david_kingvino
2.18.1
david_kingvino
2.19
david_kingvino
2.19.5
david_kingvino
2.19.90
david_kingvino
2.19.92
david_kingvino
2.20
david_kingvino
2.20.1
david_kingvino
2.21
david_kingvino
2.21.1
david_kingvino
2.21.2
david_kingvino
2.21.3
david_kingvino
2.21.90
david_kingvino
2.21.91
david_kingvino
2.21.92
david_kingvino
2.22
david_kingvino
2.22.1
david_kingvino
2.22.2
david_kingvino
2.23
david_kingvino
2.23.5
david_kingvino
2.23.90
david_kingvino
2.23.91
david_kingvino
2.23.92
david_kingvino
2.24
david_kingvino
2.24.1
david_kingvino
2.25
david_kingvino
2.25.3
david_kingvino
2.25.4
david_kingvino
2.25.5
david_kingvino
2.25.90
david_kingvino
2.25.91
david_kingvino
2.25.92
david_kingvino
2.26
david_kingvino
2.26.1
david_kingvino
2.26.2
david_kingvino
2.27
david_kingvino
2.27.5
david_kingvino
2.27.90
david_kingvino
2.27.91
david_kingvino
2.27.92
david_kingvino
2.28
david_kingvino
2.28.1
david_kingvino
2.28.2
david_kingvino
2.28.3
david_kingvino
2.31.4
david_kingvino
2.31.91
david_kingvino
2.32.0
david_kingvino
2.32.1
david_kingvino
2.32.2
david_kingvino
2.99.0
david_kingvino
2.99.1
david_kingvino
2.99.2
david_kingvino
2.99.3
david_kingvino
2.99.4
david_kingvino
2.99.5
david_kingvino
3.0.0
david_kingvino
3.0.1
david_kingvino
3.0.2
david_kingvino
3.0.3
david_kingvino
3.1
david_kingvino
3.1.1
david_kingvino
3.1.2
david_kingvino
3.1.3
david_kingvino
3.1.4
david_kingvino
3.1.5
david_kingvino
3.1.90
david_kingvino
3.1.91
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
vino
sid
unimportant
trixie
unimportant
bookworm
unimportant
bullseye
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
vino
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
not-affected
natty
ignored
maverick
ignored
lucid
ignored
hardy
ignored
References
http://git.gnome.org/browse/vino/commit/?id=410bbf8e284409bdef02322af4d4a3a388419566
http://rhn.redhat.com/errata/RHSA-2013-0169.html
http://www.dslreports.com/forum/r25446313-Ubuntu-computer-hijacked-by-hacker~start=40
https://bugzilla.gnome.org/show_bug.cgi?id=594521
https://bugzilla.redhat.com/show_bug.cgi?id=678846
http://git.gnome.org/browse/vino/commit/?id=410bbf8e284409bdef02322af4d4a3a388419566
http://rhn.redhat.com/errata/RHSA-2013-0169.html
http://www.dslreports.com/forum/r25446313-Ubuntu-computer-hijacked-by-hacker~start=40
https://bugzilla.gnome.org/show_bug.cgi?id=594521
https://bugzilla.redhat.com/show_bug.cgi?id=678846