Updated libvncserver and remmina packages fix security vulnerability

🗓️ 26 Aug 2014 23:04:56Reported by Gentoo FoundationType

Updated libvncserver and remmina packages fix security vulnerability. Integer overflow in liblzo causes denial of service in libvncserver and remmina packages

Reporter	Title	Published	Views	Family All 186
IBM Security Bulletins	Security Bulletin: WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in busybox, arpwatch, apr, acpid, augeas, firefox, ctdb.	15 Dec 202107:41	–	ibm
IBM Security Bulletins	IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index	31 Jan 202100:10	–	ibm
IBM Security Bulletins	Security Bulletin: A busybox vulnerability affects IBM DataPower Gateways (CVE-2014-4607)	15 Jun 201807:06	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in busybox affect IBM Security Network Protection (CVE-2014-4607, and CVE-2014-9645 )	16 Jun 201821:46	–	ibm
Amazon	Medium: lzo	9 Jul 201400:00	–	amazon
Tenable Nessus	Amazon Linux AMI : lzo (ALAS-2014-373)	12 Oct 201400:00	–	nessus
Tenable Nessus	CentOS 6 / 7 : lzo (CESA-2014:0861)	10 Jul 201400:00	–	nessus
Tenable Nessus	Debian DLA-2559-1 : busybox security update	16 Feb 202100:00	–	nessus
Tenable Nessus	Debian DLA-35-1 : lzo2 security update	26 Mar 201500:00	–	nessus
Tenable Nessus	Debian DSA-2995-1 : lzo2 - security update	4 Aug 201400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Mageia	3	any	libvncserver	0.9.9-2.1	libvncserver-0.9.9-2.1.noarch.rpm
Mageia	4	any	libvncserver	0.9.9-3.1	libvncserver-0.9.9-3.1.noarch.rpm
Mageia	3	any	remmina	1.0.0-3.1	remmina-1.0.0-3.1.noarch.rpm
Mageia	4	any	remmina	1.0.0-4.3	remmina-1.0.0-4.3.noarch.rpm

Source	Link
bugs	www.bugs.mageia.org/show_bug.cgi
advisories	www.advisories.mageia.org/MGASA-2014-0290.html

26 Aug 2014 23:04Current

9.3High risk

Vulners AI Score9.3

CVSS 26.8

CVSS 3.18.8

EPSS0.11033