Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2024-0006.NASLHistoryApr 23, 2024 - 12:00 a.m.
RHEL 7 : tigervnc (RHSA-2024:0006)
2024-04-2300:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
3
redhat enterprise linux
vulnerabilities
rhsa-2024:0006
xorg-x11-server
out-of-bounds memory reads/writes
cve-2023-6377
cve-2023-6478
nessus scanner
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
0.273 Low
EPSS
Percentile
96.8%
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0006 advisory.
Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.
Security Fix(es):
* xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
* xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2024:0006. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(193756);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/03");
script_cve_id("CVE-2023-6377", "CVE-2023-6478");
script_xref(name:"RHSA", value:"2024:0006");
script_name(english:"RHEL 7 : tigervnc (RHSA-2024:0006)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for tigervnc.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2024:0006 advisory.
Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop
environment not only on the machine where it is running, but from anywhere on the Internet and from a wide
variety of machine architectures. TigerVNC is a suite of VNC servers and clients.
Security Fix(es):
* xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
* xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
(CVE-2023-6478)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and
other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253291");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253298");
# https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0006.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b4d4f4d3");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2024:0006");
script_set_attribute(attribute:"solution", value:
"Update the RHEL tigervnc package based on the guidance in RHSA-2024:0006.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-6478");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-6377");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(125, 190);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/12/13");
script_set_attribute(attribute:"patch_publication_date", value:"2024/01/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/23");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tigervnc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tigervnc-icons");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tigervnc-license");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tigervnc-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tigervnc-server-applet");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tigervnc-server-minimal");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tigervnc-server-module");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',
'content/dist/rhel/client/7/7.9/x86_64/debug',
'content/dist/rhel/client/7/7.9/x86_64/optional/debug',
'content/dist/rhel/client/7/7.9/x86_64/optional/os',
'content/dist/rhel/client/7/7.9/x86_64/optional/source/SRPMS',
'content/dist/rhel/client/7/7.9/x86_64/os',
'content/dist/rhel/client/7/7.9/x86_64/source/SRPMS',
'content/dist/rhel/client/7/7Client/x86_64/debug',
'content/dist/rhel/client/7/7Client/x86_64/optional/debug',
'content/dist/rhel/client/7/7Client/x86_64/optional/os',
'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',
'content/dist/rhel/client/7/7Client/x86_64/os',
'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',
'content/dist/rhel/computenode/7/7.9/x86_64/optional/debug',
'content/dist/rhel/computenode/7/7.9/x86_64/optional/os',
'content/dist/rhel/computenode/7/7.9/x86_64/optional/source/SRPMS',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',
'content/dist/rhel/power-le/7/7.9/ppc64le/debug',
'content/dist/rhel/power-le/7/7.9/ppc64le/highavailability/debug',
'content/dist/rhel/power-le/7/7.9/ppc64le/highavailability/os',
'content/dist/rhel/power-le/7/7.9/ppc64le/highavailability/source/SRPMS',
'content/dist/rhel/power-le/7/7.9/ppc64le/optional/debug',
'content/dist/rhel/power-le/7/7.9/ppc64le/optional/os',
'content/dist/rhel/power-le/7/7.9/ppc64le/optional/source/SRPMS',
'content/dist/rhel/power-le/7/7.9/ppc64le/os',
'content/dist/rhel/power-le/7/7.9/ppc64le/resilientstorage/debug',
'content/dist/rhel/power-le/7/7.9/ppc64le/resilientstorage/os',
'content/dist/rhel/power-le/7/7.9/ppc64le/resilientstorage/source/SRPMS',
'content/dist/rhel/power-le/7/7.9/ppc64le/source/SRPMS',
'content/dist/rhel/power-le/7/7Server/ppc64le/debug',
'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',
'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',
'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',
'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',
'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',
'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',
'content/dist/rhel/power-le/7/7Server/ppc64le/os',
'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',
'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',
'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',
'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',
'content/dist/rhel/power/7/7.9/ppc64/debug',
'content/dist/rhel/power/7/7.9/ppc64/optional/debug',
'content/dist/rhel/power/7/7.9/ppc64/optional/os',
'content/dist/rhel/power/7/7.9/ppc64/optional/source/SRPMS',
'content/dist/rhel/power/7/7.9/ppc64/os',
'content/dist/rhel/power/7/7.9/ppc64/source/SRPMS',
'content/dist/rhel/power/7/7Server/ppc64/debug',
'content/dist/rhel/power/7/7Server/ppc64/optional/debug',
'content/dist/rhel/power/7/7Server/ppc64/optional/os',
'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',
'content/dist/rhel/power/7/7Server/ppc64/os',
'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',
'content/dist/rhel/server/7/7.9/x86_64/debug',
'content/dist/rhel/server/7/7.9/x86_64/highavailability/debug',
'content/dist/rhel/server/7/7.9/x86_64/highavailability/os',
'content/dist/rhel/server/7/7.9/x86_64/highavailability/source/SRPMS',
'content/dist/rhel/server/7/7.9/x86_64/optional/debug',
'content/dist/rhel/server/7/7.9/x86_64/optional/os',
'content/dist/rhel/server/7/7.9/x86_64/optional/source/SRPMS',
'content/dist/rhel/server/7/7.9/x86_64/os',
'content/dist/rhel/server/7/7.9/x86_64/resilientstorage/debug',
'content/dist/rhel/server/7/7.9/x86_64/resilientstorage/os',
'content/dist/rhel/server/7/7.9/x86_64/resilientstorage/source/SRPMS',
'content/dist/rhel/server/7/7.9/x86_64/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/debug',
'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',
'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',
'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/optional/debug',
'content/dist/rhel/server/7/7Server/x86_64/optional/os',
'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/os',
'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',
'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',
'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',
'content/dist/rhel/system-z/7/7.9/s390x/debug',
'content/dist/rhel/system-z/7/7.9/s390x/highavailability/debug',
'content/dist/rhel/system-z/7/7.9/s390x/highavailability/os',
'content/dist/rhel/system-z/7/7.9/s390x/highavailability/source/SRPMS',
'content/dist/rhel/system-z/7/7.9/s390x/optional/debug',
'content/dist/rhel/system-z/7/7.9/s390x/optional/os',
'content/dist/rhel/system-z/7/7.9/s390x/optional/source/SRPMS',
'content/dist/rhel/system-z/7/7.9/s390x/os',
'content/dist/rhel/system-z/7/7.9/s390x/resilientstorage/debug',
'content/dist/rhel/system-z/7/7.9/s390x/resilientstorage/os',
'content/dist/rhel/system-z/7/7.9/s390x/resilientstorage/source/SRPMS',
'content/dist/rhel/system-z/7/7.9/s390x/source/SRPMS',
'content/dist/rhel/system-z/7/7Server/s390x/debug',
'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',
'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',
'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',
'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',
'content/dist/rhel/system-z/7/7Server/s390x/optional/os',
'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',
'content/dist/rhel/system-z/7/7Server/s390x/os',
'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',
'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',
'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',
'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',
'content/dist/rhel/workstation/7/7.9/x86_64/debug',
'content/dist/rhel/workstation/7/7.9/x86_64/optional/debug',
'content/dist/rhel/workstation/7/7.9/x86_64/optional/os',
'content/dist/rhel/workstation/7/7.9/x86_64/optional/source/SRPMS',
'content/dist/rhel/workstation/7/7.9/x86_64/os',
'content/dist/rhel/workstation/7/7.9/x86_64/source/SRPMS',
'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',
'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',
'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',
'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',
'content/dist/rhel/workstation/7/7Workstation/x86_64/os',
'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',
'content/fastrack/rhel/client/7/x86_64/debug',
'content/fastrack/rhel/client/7/x86_64/optional/debug',
'content/fastrack/rhel/client/7/x86_64/optional/os',
'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',
'content/fastrack/rhel/client/7/x86_64/os',
'content/fastrack/rhel/client/7/x86_64/source/SRPMS',
'content/fastrack/rhel/computenode/7/x86_64/debug',
'content/fastrack/rhel/computenode/7/x86_64/optional/debug',
'content/fastrack/rhel/computenode/7/x86_64/optional/os',
'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',
'content/fastrack/rhel/computenode/7/x86_64/os',
'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',
'content/fastrack/rhel/power/7/ppc64/debug',
'content/fastrack/rhel/power/7/ppc64/optional/debug',
'content/fastrack/rhel/power/7/ppc64/optional/os',
'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',
'content/fastrack/rhel/power/7/ppc64/os',
'content/fastrack/rhel/power/7/ppc64/source/SRPMS',
'content/fastrack/rhel/server/7/x86_64/debug',
'content/fastrack/rhel/server/7/x86_64/highavailability/debug',
'content/fastrack/rhel/server/7/x86_64/highavailability/os',
'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',
'content/fastrack/rhel/server/7/x86_64/optional/debug',
'content/fastrack/rhel/server/7/x86_64/optional/os',
'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',
'content/fastrack/rhel/server/7/x86_64/os',
'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',
'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',
'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',
'content/fastrack/rhel/server/7/x86_64/source/SRPMS',
'content/fastrack/rhel/system-z/7/s390x/debug',
'content/fastrack/rhel/system-z/7/s390x/optional/debug',
'content/fastrack/rhel/system-z/7/s390x/optional/os',
'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',
'content/fastrack/rhel/system-z/7/s390x/os',
'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',
'content/fastrack/rhel/workstation/7/x86_64/debug',
'content/fastrack/rhel/workstation/7/x86_64/optional/debug',
'content/fastrack/rhel/workstation/7/x86_64/optional/os',
'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',
'content/fastrack/rhel/workstation/7/x86_64/os',
'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'
],
'pkgs': [
{'reference':'tigervnc-1.8.0-28.el7_9', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-1.8.0-28.el7_9', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-1.8.0-28.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-1.8.0-28.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-icons-1.8.0-28.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-license-1.8.0-28.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-1.8.0-28.el7_9', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-1.8.0-28.el7_9', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-1.8.0-28.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-1.8.0-28.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-applet-1.8.0-28.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-minimal-1.8.0-28.el7_9', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-minimal-1.8.0-28.el7_9', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-minimal-1.8.0-28.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-minimal-1.8.0-28.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-module-1.8.0-28.el7_9', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-module-1.8.0-28.el7_9', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'tigervnc-server-module-1.8.0-28.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'tigervnc / tigervnc-icons / tigervnc-license / tigervnc-server / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | tigervnc | p-cpe:/a:redhat:enterprise_linux:tigervnc |
| redhat | enterprise_linux | 7 | cpe:/o:redhat:enterprise_linux:7 |
| redhat | enterprise_linux | tigervnc-server-module | p-cpe:/a:redhat:enterprise_linux:tigervnc-server-module |
| redhat | enterprise_linux | tigervnc-license | p-cpe:/a:redhat:enterprise_linux:tigervnc-license |
| redhat | enterprise_linux | tigervnc-server-minimal | p-cpe:/a:redhat:enterprise_linux:tigervnc-server-minimal |
| redhat | enterprise_linux | tigervnc-server | p-cpe:/a:redhat:enterprise_linux:tigervnc-server |
| redhat | enterprise_linux | tigervnc-server-applet | p-cpe:/a:redhat:enterprise_linux:tigervnc-server-applet |
| redhat | enterprise_linux | tigervnc-icons | p-cpe:/a:redhat:enterprise_linux:tigervnc-icons |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478
www.nessus.org/u?b4d4f4d3
access.redhat.com/errata/RHSA-2024:0006
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=2253291
bugzilla.redhat.com/show_bug.cgi?id=2253298
Related
nessus
nessus
Debian DLA-3686-1 : xorg-server - LTS security update
2023-12-14 00:00:00
Fedora 38 : tigervnc / xorg-x11-server (2023-ec02e360af)
2024-01-10 00:00:00
Fedora 38 : xorg-x11-server-Xwayland (2023-77c8903bcb)
2023-12-24 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3686-2)
2023-12-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:4790-1)
2023-12-14 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: xorg-x11-server-1.20.14-28.fc38
2024-01-11 02:16:48
[SECURITY] Fedora 39 Update: xorg-x11-server-Xwayland-23.2.3-1.fc39
2023-12-19 01:12:16
[SECURITY] Fedora 39 Update: xorg-x11-server-1.20.14-28.fc39
2023-12-15 01:33:14
redhat
redhat
(RHSA-2024:0015) Important: tigervnc security update
2024-01-02 06:53:55
(RHSA-2024:0020) Important: tigervnc security update
2024-01-02 06:54:35
(RHSA-2024:0018) Important: tigervnc security update
2024-01-02 06:54:05
redos
redos
ROS-20240408-08
2024-04-08 00:00:00
osv
osv
xorg-server, xwayland vulnerabilities
2023-12-13 13:23:48
xorg-server - security update
2023-12-13 00:00:00
xorg-server - security update
2023-12-13 00:00:00
almalinux
almalinux
Important: tigervnc security update
2024-01-02 00:00:00
Important: tigervnc security update
2024-01-02 00:00:00
Moderate: xorg-x11-server-Xwayland security update
2024-04-30 00:00:00
debian
debian
[SECURITY] [DSA 5576-1] xorg-server security update
2023-12-13 07:02:47
[SECURITY] [DLA 3686-1] xorg-server security update
2023-12-13 08:05:16
[SECURITY] [DSA 5576-2] xorg-server security update
2023-12-17 13:03:35
freebsd
freebsd
xorg-server -- Multiple vulnerabilities
2023-12-13 00:00:00
amazon
amazon
Important: xorg-x11-server
2024-01-03 21:04:00
Important: xorg-x11-server
2024-01-03 22:37:00
ubuntu
ubuntu
X.Org X Server vulnerabilities
2023-12-13 00:00:00
X.Org X Server vulnerabilities
2023-12-13 00:00:00
X.Org X Server vulnerabilities
2024-03-13 00:00:00
slackware
slackware
[slackware-security] xorg-server
2023-12-13 22:08:24
[slackware-security] tigervnc
2024-01-21 20:53:54
rosalinux
rosalinux
Advisory ROSA-SA-2024-2324
2024-01-23 12:14:57
oraclelinux
oraclelinux
tigervnc security update
2024-01-04 00:00:00
xorg-x11-server security update
2024-01-02 00:00:00
tigervnc security update
2024-01-02 00:00:00
centos
centos
tigervnc security update
2024-01-12 19:01:36
xorg security update
2024-01-12 19:00:25
mageia
mageia
Updated x11-server and tigervnc packages fix security vulnerabilities
2024-01-15 01:23:43
cbl_mariner
cbl_mariner
zdi
zdi
redhatcve
redhatcve
CVE-2023-6377
2023-12-13 06:27:20
CVE-2023-6478
2023-12-13 06:27:26
nvd
nvd
CVE-2023-6377
2023-12-13 07:15:30
CVE-2023-6478
2023-12-13 07:15:31
veracode
veracode
Remote Code Execution
2023-12-15 07:04:27
Integer Overflow
2023-12-15 07:30:42
alpinelinux
alpinelinux
CVE-2023-6478
2023-12-13 07:15:31
CVE-2023-6377
2023-12-13 07:15:30
cvelist
cvelist
cve
cve
CVE-2023-6478
2023-12-13 07:15:31
CVE-2023-6377
2023-12-13 07:15:30
ubuntucve
ubuntucve
CVE-2023-6377
2023-12-13 00:00:00
CVE-2023-6478
2023-12-13 00:00:00
prion
prion
Out-of-bounds
2023-12-13 07:15:00
Integer overflow
2023-12-13 07:15:00
debiancve
debiancve
CVE-2023-6377
2023-12-13 07:15:30
CVE-2023-6478
2023-12-13 07:15:31
gentoo
gentoo
X.Org X Server, XWayland: Multiple Vulnerabilities
2024-01-31 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
0.273 Low
EPSS
Percentile
96.8%
Related for REDHAT-RHSA-2024-0006.NASL