Hi Aslan - are you referring to the CloudStack vulnerability announcement related to authentication bypass we announced in April? (CVE 2013-2756)
If so, to fix the issue you need to upgrade to CloudStack 4.0.2. Do note there's issues with Ceph on ACS 4.0.2, so if you are using Ceph we'll have to figure out another way to fix for you. John On May 21, 2013, at 2:02 AM, Aslan Lin <technologymess...@yahoo.cn<mailto:technologymess...@yahoo.cn>> wrote: Hi : I deploy CloudStack 4.0.2 following the install guide, and use KVM as the hypervisor, recently I get the secrity report which present the Remote authentication vulnerability on my kvm host. I think that may qemu build-in vnc server, I don't know how to fix this problem, does any one meet this, thanks for your help. Sorry for my pool English. Best wishes
