The Vino VNC server, which is also the default VNC server in Ubuntu (3.4.2-0ubuntu1.2), is vulnerable to a persistent denial of service vulnerability. The vulnerability is triggered when a VNC client, who claims to only support protocol version 3.3, sends malformed data during the authentication selection stage of the authentication process…. The Vino VNC server, which is also the default VNC server in Ubuntu (3.4.2-0ubuntu1.2), is vulnerable to a persistent denial of service vulnerability. The vulnerability is triggered when a VNC client, who claims to only support protocol version 3.3, sends malformed data during the authentication selection stage of the authentication process.

Read more http://packetstormsecurity.com/files/123273/TWSL2013-028.txt