{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2008-11-23T00:00:00.000Z","descriptions":[{"lang":"en","value":"Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-07T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"[qemu-devel] 20081210 Re: [RESEND] [PATCH v2] Fix off-by-one bug limiting VNC passwords to 7 chars","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lists.gnu.org/archive/html/qemu-devel/2008-12/msg00498.html"},{"name":"35062","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/35062"},{"name":"qemu-monitor-weak-security(47683)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/47683"},{"name":"[qemu-devel] 20081123 [PATCH] Fix off-by-one bug limiting VNC passwords to 7 chars","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lists.gnu.org/archive/html/qemu-devel/2008-11/msg01224.html"},{"name":"34642","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/34642"},{"tags":["x_refsource_CONFIRM"],"url":"http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=5966"},{"name":"33020","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/33020"},{"name":"USN-776-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/usn-776-1"},{"name":"SUSE-SR:2009:002","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"},{"name":"33568","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/33568"},{"name":"SUSE-SR:2009:008","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://svn.savannah.gnu.org/viewvc/trunk/monitor.c?root=qemu&r1=5966&r2=5965&pathrev=5966"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2008-5714","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"[qemu-devel] 20081210 Re: [RESEND] [PATCH v2] Fix off-by-one bug limiting VNC passwords to 7 chars","refsource":"MLIST","url":"http://lists.gnu.org/archive/html/qemu-devel/2008-12/msg00498.html"},{"name":"35062","refsource":"SECUNIA","url":"http://secunia.com/advisories/35062"},{"name":"qemu-monitor-weak-security(47683)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/47683"},{"name":"[qemu-devel] 20081123 [PATCH] Fix off-by-one bug limiting VNC passwords to 7 chars","refsource":"MLIST","url":"http://lists.gnu.org/archive/html/qemu-devel/2008-11/msg01224.html"},{"name":"34642","refsource":"SECUNIA","url":"http://secunia.com/advisories/34642"},{"name":"http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=5966","refsource":"CONFIRM","url":"http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=5966"},{"name":"33020","refsource":"BID","url":"http://www.securityfocus.com/bid/33020"},{"name":"USN-776-1","refsource":"UBUNTU","url":"http://www.ubuntu.com/usn/usn-776-1"},{"name":"SUSE-SR:2009:002","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"},{"name":"33568","refsource":"SECUNIA","url":"http://secunia.com/advisories/33568"},{"name":"SUSE-SR:2009:008","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"},{"name":"http://svn.savannah.gnu.org/viewvc/trunk/monitor.c?root=qemu&r1=5966&r2=5965&pathrev=5966","refsource":"CONFIRM","url":"http://svn.savannah.gnu.org/viewvc/trunk/monitor.c?root=qemu&r1=5966&r2=5965&pathrev=5966"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T11:04:44.702Z"},"title":"CVE Program Container","references":[{"name":"[qemu-devel] 20081210 Re: [RESEND] [PATCH v2] Fix off-by-one bug limiting VNC passwords to 7 chars","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lists.gnu.org/archive/html/qemu-devel/2008-12/msg00498.html"},{"name":"35062","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/35062"},{"name":"qemu-monitor-weak-security(47683)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/47683"},{"name":"[qemu-devel] 20081123 [PATCH] Fix off-by-one bug limiting VNC passwords to 7 chars","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lists.gnu.org/archive/html/qemu-devel/2008-11/msg01224.html"},{"name":"34642","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/34642"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=5966"},{"name":"33020","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/33020"},{"name":"USN-776-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/usn-776-1"},{"name":"SUSE-SR:2009:002","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"},{"name":"33568","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/33568"},{"name":"SUSE-SR:2009:008","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://svn.savannah.gnu.org/viewvc/trunk/monitor.c?root=qemu&r1=5966&r2=5965&pathrev=5966"}]}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2008-5714","datePublished":"2008-12-24T17:00:00.000Z","dateReserved":"2008-12-24T00:00:00.000Z","dateUpdated":"2024-08-07T11:04:44.702Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}