LSN-2016-0001 - Authentication disabled when setting empty VNC password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



        Libvirt Security Notice: LSN-2016-0001
        ======================================

       Summary: Authentication disabled when setting empty VNC
                password
   Reported on: 20130531
  Published on: 20130531
      Fixed on: 20160630
   Reported by: Vivian Zhang <vivianzhang@xxxxxxxxxx>
                Christoph Anton Mitterer <calestyo@xxxxxxxxxxxx>
    Patched by: Jiri Denemar <jdenemar@xxxxxxxxxx>
      See also: CVE-2016-5008

Description
-----------

An empty password set for the VNC server is documented as preventing
all client connections. This is the behaviour when QEMU virtual
machines are first started with the 'password' flag given to the
-vnc argument and when setting the password with the 'change vnc'
monitor command. When libvirt switched to using 'set_password' QMP
command though using an empty password had the effect of disabling
password checking and thus allowing any client connection with no
authentication check.

Impact
------

When the password on a VNC server is set to the empty string,
authentication on the VNC server will be disabled allowing any user
to connect. An application would meanwhile expect that the empty
string would prevent all users from connecting

Workaround
----------

The VNC password authentication scheme is generally considered to
offer inadequate security, so its use is not recommended at all,
regardless of this vulnerability. Applications and administrators
are thus encouraged to make use of the VNC TLS extension together
with SASL for strong authentication.

Affected product
----------------

        Name: libvirt
  Repository: git://libvirt.org/git/libvirt.git
              http://libvirt.org/git/?p=libvirt.git

      Branch: master
   Broken in: v0.8.8
   Broken in: v0.9.0
   Broken in: v0.9.1
   Broken in: v0.9.2
   Broken in: v0.9.3
   Broken in: v0.9.4
   Broken in: v0.9.5
   Broken in: v0.9.6
   Broken in: v0.9.7
   Broken in: v0.9.8
   Broken in: v0.9.9
   Broken in: v0.9.10
   Broken in: v0.9.11
   Broken in: v0.9.12
   Broken in: v0.9.13
   Broken in: v0.10.0
   Broken in: v0.10.1
   Broken in: v0.10.2
   Broken in: v1.0.0
   Broken in: v1.0.1
   Broken in: v1.0.2
   Broken in: v1.0.3
   Broken in: v1.0.4
   Broken in: v1.0.5
   Broken in: v1.0.6
   Broken in: v1.1.0
   Broken in: v1.1.1
   Broken in: v1.1.2
   Broken in: v1.1.3
   Broken in: v1.1.4
   Broken in: v1.2.0
   Broken in: v1.2.1
   Broken in: v1.2.2
   Broken in: v1.2.3
   Broken in: v1.2.4
   Broken in: v1.2.5
   Broken in: v1.2.6
   Broken in: v1.2.7
   Broken in: v1.2.8
   Broken in: v1.2.9
   Broken in: v1.2.10
   Broken in: v1.2.11
   Broken in: v1.2.12
   Broken in: v1.2.13
   Broken in: v1.2.14
   Broken in: v1.2.15
   Broken in: v1.2.16
   Broken in: v1.2.17
   Broken in: v1.2.18
   Broken in: v1.2.19
   Broken in: v1.2.20
   Broken in: v1.2.21
   Broken in: v1.3.0
   Broken in: v1.3.1
   Broken in: v1.3.2
   Broken in: v1.3.3
   Broken in: v1.3.4
   Broken in: v1.3.5
    Fixed in: v2.0.0
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: bb848feec0f3f10e92dd8e5231ae7aa89b5598f3

      Branch: v0.9.6-maint
   Broken in: v0.9.6.1
   Broken in: v0.9.6.2
   Broken in: v0.9.6.3
   Broken in: v0.9.6.4
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f

      Branch: v0.9.11-maint
   Broken in: v0.9.11.1
   Broken in: v0.9.11.2
   Broken in: v0.9.11.3
   Broken in: v0.9.11.4
   Broken in: v0.9.11.5
   Broken in: v0.9.11.6
   Broken in: v0.9.11.7
   Broken in: v0.9.11.8
   Broken in: v0.9.11.9
   Broken in: v0.9.11.10
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f

      Branch: v0.9.12-maint
   Broken in: v0.9.12.1
   Broken in: v0.9.12.2
   Broken in: v0.9.12.3
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: eea38b5922b7daff91fd146869a337287e77065e

      Branch: v0.10.2-maint
   Broken in: v0.10.2.1
   Broken in: v0.10.2.2
   Broken in: v0.10.2.3
   Broken in: v0.10.2.4
   Broken in: v0.10.2.5
   Broken in: v0.10.2.6
   Broken in: v0.10.2.7
   Broken in: v0.10.2.8
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 418a165da6e61ab548349408e4ba0c0d612ef5af

      Branch: v1.0.2-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 139a4265774b7aa194f8479a82188bc1337cd7a4

      Branch: v1.0.3-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 3779715e8d4522f1f5de20746fd96bbe59167d1a

      Branch: v1.0.4-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: a3954cc79358a990720fab36b4feaecd0266c5c6

      Branch: v1.0.5-maint
   Broken in: v1.0.5.1
   Broken in: v1.0.5.2
   Broken in: v1.0.5.3
   Broken in: v1.0.5.4
   Broken in: v1.0.5.5
   Broken in: v1.0.5.6
   Broken in: v1.0.5.7
   Broken in: v1.0.5.8
   Broken in: v1.0.5.9
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 6fd8d6b655b925df306652d525e388860704d67d

      Branch: v1.0.6-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: c8df12a1394d75e12da09ec4189eea360feb059d

      Branch: v1.1.0-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 1338fceea2f16c20b2aa91515918c7cc977d5f29

      Branch: v1.1.1-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 6a11fd52b480bb47f8cc988763333788201ab1ab

      Branch: v1.1.2-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 832cc0eff8feb2f14613a75b0e1d5671735d2094

      Branch: v1.1.3-maint
   Broken in: v1.1.3.1
   Broken in: v1.1.3.2
   Broken in: v1.1.3.3
   Broken in: v1.1.3.4
   Broken in: v1.1.3.5
   Broken in: v1.1.3.6
   Broken in: v1.1.3.7
   Broken in: v1.1.3.8
   Broken in: v1.1.3.9
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 39419b37c2049cfa36110d75c9071f8a72fa238d

      Branch: v1.1.4-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 916f5c9d1f6b2145dac93311925db3eb93d3e5aa

      Branch: v1.2.0-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 20397434fc036dead7e5c375aec7483334396178

      Branch: v1.2.1-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: e4ecee35aed931cc10a7c84ec9829ccefddecefa

      Branch: v1.2.2-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 4816c5370ecf9ed412068c6c3795a2fd71ebc354

      Branch: v1.2.3-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 6f7cfb5ba21d5e710a88c2e0fcbc150b59ac510c

      Branch: v1.2.4-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: dd9cca35bce5bea871f96264cfe9f629566f0b12

      Branch: v1.2.5-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: f39de9abfd4b8b19a012169355a0e73dae427bd0

      Branch: v1.2.6-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: d933f68ee660566b52cd90330aee0d5f414636a4

      Branch: v1.2.7-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 0d052f8abd8bc38ac982e88294737c6ddf3e6484

      Branch: v1.2.8-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 05d238be999f6488b6f24cbbff3dada0560d97bf

      Branch: v1.2.9-maint
   Broken in: v1.2.9.1
   Broken in: v1.2.9.2
   Broken in: v1.2.9.3
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: f32441c69bf450d6ac593c3acd621c37e120cdaf

      Branch: v1.2.10-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 33802d62af95fd7a4e86f2755efe94af59158fea

      Branch: v1.2.11-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: b7fbb52ac8d1198ba42b3d1f6cc3079497eea704

      Branch: v1.2.12-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 819c14190cbea4ef1f99acfbd5e0389899142bd5

      Branch: v1.2.13-maint
   Broken in: v1.2.13.1
   Broken in: v1.2.13.2
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 35c2bd75f2c8312687f965a80cc2b6255daf6575

      Branch: v1.2.14-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: ea59deeeead2e4894f3651977aa6114849b857fb

      Branch: v1.2.15-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 9e181d7f6c76f9a84e2c8638722bb98ac61b6baa

      Branch: v1.2.16-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: b869aab71102c41247a3fede506e88700bb95e55

      Branch: v1.2.17-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 49fa383bb03328f7def85e249e252abe5e602e39

      Branch: v1.2.18-maint
   Broken in: v1.2.18.1
   Broken in: v1.2.18.2
   Broken in: v1.2.18.3
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: caa4c280cd34f0ff0fb9a3879ccc0ceaffc3b802

      Branch: v1.2.19-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 38d5c57b9a89c84a19bddcafca9230e69fc78171

      Branch: v1.2.20-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 8c30687b71ccb635c110404f0ef1caf2dbccf2e0

      Branch: v1.2.21-maint
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 9329ca10f121b737fbdcf3070877e3dbe50f9fdf

      Branch: v1.3.0-maint
   Broken in: v1.3.3.1
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: d49b1dfcb59af791f78cd699134cfe80bd6f13ab

      Branch: v1.3.1-maint
   Broken in: v1.3.3.1
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 2d5370eba6b52f44cf832eba28f162c55331a47c

      Branch: v1.3.3-maint
   Broken in: v1.3.3.1
   Broken by: 9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f
    Fixed by: 881441f84a30cd3921df313a982f7162d7ca04f4


Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]