Vino VNC Server Remote Persistent DoS Vulnerability
Last week, I was making some performance enhancements to the VNC protocol implementations in the TrustKeeper Scanning Engine. Unfortunately, in my mission to “Go Fast!”, I managed to trigger a Denial of Service (DoS) vulnerability in Vino. Vino is the VNC server for the GNOME desktop environment and also happens be to the default VNC server for popular Linux distributions like Ubuntu.
Shortly after finding the vulnerability, we reached out to the GNOME project and the security team there was nothing short of awesome for us to work with. They patched the vulnerability the same day (link) and they notified the major Linux distributions with a fix the day after (link).
The vulnerability should be fixed in Vino 3.9.92 (and 3.8.2 if there is a future release in the 3.8 branch). At the time of this writing, it doesn’t appear that the patch has made it’s way down to the Ubuntu distribution just yet, but I hope it will be there and in other distributions very soon.
If you want more details about the vulnerability, including PoC code, please see our detailed advisory.
This was also posted on the SpiderLabs blog here.
**UPDATE – October 2, 2013**
Ubuntu released USN-1980 to address this vulnerability on September 30th, 2013.