Canonical Closes Vino Exploit in Ubuntu OSes

A few other operating systems from Canonical have been affected by this vulnerability

By Silviu Stahie on January 22nd, 2013 19:31 GMT

On January 22, Canonical published in a security notice details about an RPM vulnerability for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, and Ubuntu 10.04 LTS operating systems.

According to Canonical, Vino could be made to expose sensitive information over the network.

It was discovered that Vino incorrectly transmitted clipboard activity before authenticating the remote connection. A remote attacker could connect to Vino and monitor clipboard activity.

The security flaws can be fixed if you upgrade your system(s) to the latest vino package, specific to each operating system. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart won't be necessary to implement the changes, but users have to restart the virtual machine.

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
Ubuntu 12.10 desktop
   Ubuntu 12.10 desktop
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments