Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-1977-1:F5440
HistoryOct 30, 2019 - 12:58 p.m.

[SECURITY] [DLA 1977-1] libvncserver security update

2019-10-3012:58:07
lists.debian.org
33

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.011 Low

EPSS

Percentile

83.9%

JSON

Package : libvncserver
Version : 0.9.9+dfsg2-6.1+deb8u6
CVE ID : CVE-2019-15681
Debian Bug : 943793

LibVNC contained a memory leak (CWE-655) in VNC server code, which
allowed an attacker to read stack memory and could be abused for
information disclosure.

For Debian 8 "Jessie", this problem has been fixed in version
0.9.9+dfsg2-6.1+deb8u6.

We recommend that you upgrade your libvncserver packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: [email protected], http://sunweavers.net
Attachment:
signature.asc
Description: PGP signature

OSVersionArchitecturePackageVersionFilename
Debian10amd64libvncclient1< 0.9.11+dfsg-1.3+deb10u1libvncclient1_0.9.11+dfsg-1.3+deb10u1_amd64.deb
Debian9armhfitalc-master< 1:3.0.3+dfsg1-1+deb9u1italc-master_1:3.0.3+dfsg1-1+deb9u1_armhf.deb
Debian10mipslibvncserver-config< 0.9.11+dfsg-1.3+deb10u1libvncserver-config_0.9.11+dfsg-1.3+deb10u1_mips.deb
Debian9arm64tightvncserver< 1:1.3.9-9+deb9u1tightvncserver_1:1.3.9-9+deb9u1_arm64.deb
Debian9mipselitalc-master-dbgsym< 1:3.0.3+dfsg1-1+deb9u1italc-master-dbgsym_1:3.0.3+dfsg1-1+deb9u1_mipsel.deb
Debian9amd64italc-master< 1:3.0.3+dfsg1-1+deb9u1italc-master_1:3.0.3+dfsg1-1+deb9u1_amd64.deb
Debian8armhfitalc-client< 1:2.0.2+dfsg1-2+deb8u1italc-client_1:2.0.2+dfsg1-2+deb8u1_armhf.deb
Debian9s390xitalc-client-dbgsym< 1:3.0.3+dfsg1-1+deb9u1italc-client-dbgsym_1:3.0.3+dfsg1-1+deb9u1_s390x.deb
Debian9i386libvncserver-dev< 0.9.11+dfsg-1.3~deb9u2libvncserver-dev_0.9.11+dfsg-1.3~deb9u2_i386.deb
Debian8amd64libvncclient0-dbg< 0.9.9+dfsg2-6.1+deb8u6libvncclient0-dbg_0.9.9+dfsg2-6.1+deb8u6_amd64.deb
Rows per page:
1-10 of 3091

Related

veracode 1
mageia 3
openvas 25
osv 8
nessus 24
suse 2
ubuntucve 1
cve 1
prion 1
redhatcve 1
debiancve 1
virtuozzo 1
alpinelinux 1
debian 3
ubuntu 4
threatpost 1
ics 1
veracode
veracode
Information Disclosure
2019-10-31 01:17:46
mageia
mageia
Updated libvncserver packages fix security vulnerability
2019-12-06 17:15:42
Updated vino packages fix security vulnerability
2020-06-11 00:39:20
Updated italc packages fix security vulnerabilities
2020-11-23 22:51:37
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:0955-1)
2021-04-19 00:00:00
Huawei EulerOS: Security Advisory for vino (EulerOS-SA-2020-2569)
2020-12-15 00:00:00
Huawei EulerOS: Security Advisory for vino (EulerOS-SA-2021-1129)
2021-01-19 00:00:00
osv
osv
CVE-2019-15681
2019-10-29 19:15:18
libvncserver - security update
2019-10-30 00:00:00
vino - security update
2019-11-29 00:00:00
nessus
nessus
Virtuozzo 6 : parallels-kernel-modules / etc (VZA-2019-093)
2019-12-09 00:00:00
Debian DLA-1977-1 : libvncserver security update
2019-10-31 00:00:00
SUSE SLES12 Security Update : vino (SUSE-SU-2020:0955-1)
2020-04-10 00:00:00
suse
suse
Security update for vino (moderate)
2020-07-26 00:00:00
Security update for LibVNCServer (important)
2020-05-11 00:00:00
ubuntucve
ubuntucve
CVE-2019-15681
2019-10-29 00:00:00
cve
cve
CVE-2019-15681
2019-10-29 19:15:00
prion
prion
Information disclosure
2019-10-29 19:15:00
redhatcve
redhatcve
CVE-2019-15681
2020-07-08 08:20:46
debiancve
debiancve
CVE-2019-15681
2019-10-29 19:15:00
virtuozzo
virtuozzo
Important product security update: Virtuozzo 6.0 Update 12 Hotfix 49 (6.0.12-3754)
2019-12-06 00:00:00
alpinelinux
alpinelinux
CVE-2019-15681
2019-10-29 19:15:00
debian
debian
[SECURITY] [DLA 2014-1] vino security update
2019-11-29 08:30:55
[SECURITY] [DLA 2045-1] tightvnc security update
2019-12-21 16:03:14
[SECURITY] [DLA 1979-1] italc security update
2019-10-30 22:21:35
ubuntu
ubuntu
LibVNCServer vulnerabilities
2020-07-01 00:00:00
Vino vulnerabilities
2020-10-07 00:00:00
iTALC vulnerabilities
2020-09-28 00:00:00
threatpost
threatpost
Critical Flaws in VNC Threaten Industrial Environments
2019-11-22 19:50:14
ics
ics
Siemens SIMATIC ITC
2021-12-16 12:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.011 Low

EPSS

Percentile

83.9%

JSON
Related for DEBIAN:DLA-1977-1:F5440
veracode1mageia3openvas25osv8nessus24suse2ubuntucve1cve1prion1redhatcve1debiancve1virtuozzo1alpinelinux1debian3ubuntu4threatpost1ics1