CVE-2011-1165

EUVD-2011-1175
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.1 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
Affected Products (NVD)
VendorProductVersion
david_kingvino
𝑥
≤ 3.1.92
david_kingvino
0.12
david_kingvino
0.14
david_kingvino
2.7
david_kingvino
2.7.3
david_kingvino
2.7.3.1
david_kingvino
2.7.4
david_kingvino
2.7.4.90
david_kingvino
2.7.4.91
david_kingvino
2.7.90
david_kingvino
2.7.91
david_kingvino
2.7.92
david_kingvino
2.8
david_kingvino
2.8.0
david_kingvino
2.8.0.1
david_kingvino
2.8.1
david_kingvino
2.9
david_kingvino
2.9.2
david_kingvino
2.10
david_kingvino
2.11
david_kingvino
2.11.1
david_kingvino
2.11.1.1
david_kingvino
2.11.1.2
david_kingvino
2.11.90
david_kingvino
2.11.92
david_kingvino
2.12
david_kingvino
2.13
david_kingvino
2.13.5
david_kingvino
2.14
david_kingvino
2.15
david_kingvino
2.16
david_kingvino
2.17
david_kingvino
2.17.2
david_kingvino
2.17.4
david_kingvino
2.17.5
david_kingvino
2.17.92
david_kingvino
2.18
david_kingvino
2.18.1
david_kingvino
2.19
david_kingvino
2.19.5
david_kingvino
2.19.90
david_kingvino
2.19.92
david_kingvino
2.20
david_kingvino
2.20.1
david_kingvino
2.21
david_kingvino
2.21.1
david_kingvino
2.21.2
david_kingvino
2.21.3
david_kingvino
2.21.90
david_kingvino
2.21.91
david_kingvino
2.21.92
david_kingvino
2.22
david_kingvino
2.22.1
david_kingvino
2.22.2
david_kingvino
2.23
david_kingvino
2.23.5
david_kingvino
2.23.90
david_kingvino
2.23.91
david_kingvino
2.23.92
david_kingvino
2.24
david_kingvino
2.24.1
david_kingvino
2.25
david_kingvino
2.25.3
david_kingvino
2.25.4
david_kingvino
2.25.5
david_kingvino
2.25.90
david_kingvino
2.25.91
david_kingvino
2.25.92
david_kingvino
2.26
david_kingvino
2.26.1
david_kingvino
2.26.2
david_kingvino
2.27
david_kingvino
2.27.5
david_kingvino
2.27.90
david_kingvino
2.27.91
david_kingvino
2.27.92
david_kingvino
2.28
david_kingvino
2.28.1
david_kingvino
2.28.2
david_kingvino
2.28.3
david_kingvino
2.31.4
david_kingvino
2.31.91
david_kingvino
2.32.0
david_kingvino
2.32.1
david_kingvino
2.32.2
david_kingvino
2.99.0
david_kingvino
2.99.1
david_kingvino
2.99.2
david_kingvino
2.99.3
david_kingvino
2.99.4
david_kingvino
2.99.5
david_kingvino
3.0.0
david_kingvino
3.0.1
david_kingvino
3.0.2
david_kingvino
3.0.3
david_kingvino
3.1
david_kingvino
3.1.1
david_kingvino
3.1.2
david_kingvino
3.1.3
david_kingvino
3.1.4
david_kingvino
3.1.5
david_kingvino
3.1.90
david_kingvino
3.1.91
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
vino
bookworm
unimportant
bullseye
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
vino
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
not-affected
precise
not-affected
quantal
not-affected
raring
not-affected
References
http://git.gnome.org/browse/vino/commit/?id=410bbf8e284409bdef02322af4d4a3a388419566
http://rhn.redhat.com/errata/RHSA-2013-0169.html
http://www.dslreports.com/forum/r25446313-Ubuntu-computer-hijacked-by-hacker~start=40
https://bugzilla.gnome.org/show_bug.cgi?id=594521
https://bugzilla.redhat.com/show_bug.cgi?id=678846
http://git.gnome.org/browse/vino/commit/?id=410bbf8e284409bdef02322af4d4a3a388419566
http://rhn.redhat.com/errata/RHSA-2013-0169.html
http://www.dslreports.com/forum/r25446313-Ubuntu-computer-hijacked-by-hacker~start=40
https://bugzilla.gnome.org/show_bug.cgi?id=594521
https://bugzilla.redhat.com/show_bug.cgi?id=678846