Oval Definition:	oval:org.mitre.oval:def:21963
Revision Date: 2014-02-24 Version: 5 Title: RHSA-2011:0871: tigervnc security update (Moderate) Description: The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx in the vncviewer component in TigerVNC 1.1beta1 does not properly verify the server's X.509 certificate, which allows man-in-the-middle attackers to spoof a TLS VNC server via an arbitrary certificate. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2011-1775 RHSA-2011:0871-01 Platform(s): Red Hat Enterprise Linux 6 Product(s): tigervnc Definition Synopsis The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section tigervnc-server-module is earlier than 0:1.0.90-0.15.20110314svn4359.el6_1.1 OR tigervnc is earlier than 0:1.0.90-0.15.20110314svn4359.el6_1.1 OR tigervnc-server is earlier than 0:1.0.90-0.15.20110314svn4359.el6_1.1 OR tigervnc-server-applet is earlier than 0:1.0.90-0.15.20110314svn4359.el6_1.1
BACK