Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-3877-1.NASL
HistoryFeb 01, 2019 - 12:00 a.m.

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : LibVNCServer vulnerabilities (USN-3877-1)

2019-02-0100:00:00
Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19
JSON

It was discovered that LibVNCServer incorrectly handled certain operations. A remote attacker able to connect to applications using LibVNCServer could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-3877-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('compat.inc');

if (description)
{
  script_id(121541);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/20");

  script_cve_id(
    "CVE-2018-15126",
    "CVE-2018-15127",
    "CVE-2018-20019",
    "CVE-2018-20020",
    "CVE-2018-20021",
    "CVE-2018-20022",
    "CVE-2018-20023",
    "CVE-2018-20024",
    "CVE-2018-20748",
    "CVE-2018-20749",
    "CVE-2018-20750",
    "CVE-2018-6307"
  );
  script_xref(name:"USN", value:"3877-1");

  script_name(english:"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : LibVNCServer vulnerabilities (USN-3877-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"It was discovered that LibVNCServer incorrectly handled certain
operations. A remote attacker able to connect to applications using
LibVNCServer could possibly use this issue to obtain sensitive
information, cause a denial of service, or execute arbitrary code.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-3877-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-20750");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/01/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libvncclient1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libvncserver-config");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libvncserver-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libvncserver0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libvncserver1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linuxvnc");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release || '16.04' >< os_release || '18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04 / 16.04 / 18.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '14.04', 'pkgname': 'libvncserver-config', 'pkgver': '0.9.9+dfsg-1ubuntu1.4'},
    {'osver': '14.04', 'pkgname': 'libvncserver-dev', 'pkgver': '0.9.9+dfsg-1ubuntu1.4'},
    {'osver': '14.04', 'pkgname': 'libvncserver0', 'pkgver': '0.9.9+dfsg-1ubuntu1.4'},
    {'osver': '14.04', 'pkgname': 'linuxvnc', 'pkgver': '0.9.9+dfsg-1ubuntu1.4'},
    {'osver': '16.04', 'pkgname': 'libvncclient1', 'pkgver': '0.9.10+dfsg-3ubuntu0.16.04.3'},
    {'osver': '16.04', 'pkgname': 'libvncserver-config', 'pkgver': '0.9.10+dfsg-3ubuntu0.16.04.3'},
    {'osver': '16.04', 'pkgname': 'libvncserver-dev', 'pkgver': '0.9.10+dfsg-3ubuntu0.16.04.3'},
    {'osver': '16.04', 'pkgname': 'libvncserver1', 'pkgver': '0.9.10+dfsg-3ubuntu0.16.04.3'},
    {'osver': '18.04', 'pkgname': 'libvncclient1', 'pkgver': '0.9.11+dfsg-1ubuntu1.1'},
    {'osver': '18.04', 'pkgname': 'libvncserver-config', 'pkgver': '0.9.11+dfsg-1ubuntu1.1'},
    {'osver': '18.04', 'pkgname': 'libvncserver-dev', 'pkgver': '0.9.11+dfsg-1ubuntu1.1'},
    {'osver': '18.04', 'pkgname': 'libvncserver1', 'pkgver': '0.9.11+dfsg-1ubuntu1.1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libvncclient1 / libvncserver-config / libvncserver-dev / etc');
}
VendorProductVersionCPE
canonicalubuntu_linuxlibvncclient1p-cpe:/a:canonical:ubuntu_linux:libvncclient1
canonicalubuntu_linuxlibvncserver-configp-cpe:/a:canonical:ubuntu_linux:libvncserver-config
canonicalubuntu_linuxlibvncserver-devp-cpe:/a:canonical:ubuntu_linux:libvncserver-dev
canonicalubuntu_linuxlibvncserver0p-cpe:/a:canonical:ubuntu_linux:libvncserver0
canonicalubuntu_linuxlibvncserver1p-cpe:/a:canonical:ubuntu_linux:libvncserver1
canonicalubuntu_linuxlinuxvncp-cpe:/a:canonical:ubuntu_linux:linuxvnc
canonicalubuntu_linux14.04cpe:/o:canonical:ubuntu_linux:14.04:-:lts
canonicalubuntu_linux16.04cpe:/o:canonical:ubuntu_linux:16.04:-:lts
canonicalubuntu_linux18.04cpe:/o:canonical:ubuntu_linux:18.04:-:lts

Related

ubuntu 4
openvas 29
nessus 34
suse 4
debian 7
mageia 3
osv 21
gentoo 2
ubuntucve 14
rosalinux 1
alpinelinux 1
cvelist 12
prion 12
cve 12
redhatcve 12
debiancve 12
veracode 10
checkpoint_advisories 2
redhat 1
centos 1
amazon 1
oraclelinux 1
ics 1
ubuntu
ubuntu
LibVNCServer vulnerabilities
2019-01-31 00:00:00
iTALC vulnerabilities
2020-09-28 00:00:00
SSVNC vulnerabilities
2020-09-28 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3877-1)
2019-02-01 00:00:00
Huawei EulerOS: Security Advisory for libvncserver (EulerOS-SA-2019-1051)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libvncserver (EulerOS-SA-2019-1096)
2020-01-23 00:00:00
nessus
nessus
EulerOS 2.0 SP3 : libvncserver (EulerOS-SA-2019-1096)
2019-03-26 00:00:00
EulerOS 2.0 SP2 : libvncserver (EulerOS-SA-2019-1051)
2019-02-22 00:00:00
openSUSE Security Update : LibVNCServer (openSUSE-2019-45)
2019-01-14 00:00:00
suse
suse
Security update for LibVNCServer (important)
2019-01-12 00:00:00
Security update for LibVNCServer (important)
2019-01-18 00:00:00
Security update for LibVNCServer (critical)
2019-02-18 00:00:00
debian
debian
[SECURITY] [DSA 4383-1] libvncserver security update
2019-02-03 20:52:17
[SECURITY] [DSA 4383-1] libvncserver security update
2019-02-03 20:52:03
[SECURITY] [DLA 1617-1] libvncserver security update
2018-12-27 03:53:27
mageia
mageia
Updated libvncserver & x11vnc packages fix security vulnerabilities
2019-01-16 01:15:34
Updated italc packages fix security vulnerabilities
2020-11-23 22:51:37
Updated libvncserver packages fix security vulnerability
2019-02-13 14:08:25
osv
osv
libvncserver - security update
2019-02-03 00:00:00
italc vulnerabilities
2020-09-28 16:07:15
libvncserver - security update
2018-12-25 00:00:00
gentoo
gentoo
ssvnc: Multiple vulnerabilities
2020-06-13 00:00:00
LibVNCServer: Multiple vulnerabilities
2019-08-09 00:00:00
ubuntucve
ubuntucve
CVE-2018-15127
2018-12-19 00:00:00
CVE-2018-20748
2019-01-30 00:00:00
CVE-2018-20750
2019-01-30 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1900
2021-07-02 17:22:34
alpinelinux
alpinelinux
CVE-2018-20750
2019-01-30 18:29:00
cvelist
cvelist
CVE-2018-20750
2019-01-30 18:00:00
CVE-2018-20749
2019-01-30 18:00:00
CVE-2018-20748
2019-01-30 18:00:00
prion
prion
Heap overflow
2019-01-30 18:29:00
Heap overflow
2019-01-30 18:29:00
Heap overflow
2019-01-30 18:29:00
cve
cve
CVE-2018-20750
2019-01-30 18:29:00
CVE-2018-20748
2019-01-30 18:29:00
CVE-2018-20749
2019-01-30 18:29:00
redhatcve
redhatcve
CVE-2018-20748
2019-01-31 14:50:59
CVE-2018-20750
2019-01-31 14:50:18
CVE-2018-20749
2019-01-31 14:51:51
debiancve
debiancve
CVE-2018-20748
2019-01-30 18:29:00
CVE-2018-20750
2019-01-30 18:29:00
CVE-2018-20749
2019-01-30 18:29:00
veracode
veracode
Information Disclosure Through Memory Leak
2018-12-27 07:17:40
Remote Code Execution
2020-09-29 03:51:12
Denial Of Service (DoS)
2018-12-27 07:36:22
checkpoint_advisories
checkpoint_advisories
libVNC File Transfer Extension Heap-based Buffer Overflow (CVE-2018-15127)
2019-11-26 00:00:00
LibVNC LibVNCServer Use After Free (CVE-2018-6307)
2020-02-25 00:00:00
redhat
redhat
(RHSA-2019:0059) Important: libvncserver security update
2019-01-15 08:09:21
centos
centos
libvncserver security update
2019-01-16 16:58:43
amazon
amazon
Important: libvncserver
2019-02-13 18:38:00
oraclelinux
oraclelinux
libvncserver security update
2019-01-15 00:00:00
ics
ics
Siemens SIMATIC ITC
2021-12-16 12:00:00
JSON
Related for UBUNTU_USN-3877-1.NASL
ubuntu4openvas29nessus34suse4debian7mageia3osv21gentoo2ubuntucve14rosalinux1alpinelinux1cvelist12prion12cve12redhatcve12debiancve12veracode10checkpoint_advisories2redhat1centos1amazon1oraclelinux1ics1