CVE-2011-1165 Information

Description

Vino possibly before 3.2 does not properly document that it opens ports in UPnP routers when the \Configure network to automatically accept connections\ setting is enabled which might make it easier for remote attackers to perform further attacks.

Reference

http://git.gnome.org/browse/vino/commit/?id=410bbf8e284409bdef02322af4d4a3a388419566 http://rhn.redhat.com/errata/RHSA-2013-0169.html http://www.dslreports.com/forum/r25446313-Ubuntu-computer-hijacked-by-hacker~start=40 https://bugzilla.gnome.org/show_bug.cgi?id=594521 https://bugzilla.redhat.com/show_bug.cgi?id=678846