Fedora Update for libvncserver FEDORA-2018-43541091ab
2018-04-04T00:00:00
ID OPENVAS:1361412562310874325 Type openvas Reporter Copyright (C) 2018 Greenbone Networks GmbH Modified 2018-04-09T00:00:00
Description
Check the version of libvncserver
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_fedora_2018_43541091ab_libvncserver_fc26.nasl 9396 2018-04-09 04:18:59Z ckuersteiner $
#
# Fedora Update for libvncserver FEDORA-2018-43541091ab
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.874325");
script_version("$Revision: 9396 $");
script_tag(name:"last_modification", value:"$Date: 2018-04-09 06:18:59 +0200 (Mon, 09 Apr 2018) $");
script_tag(name:"creation_date", value:"2018-04-04 08:41:42 +0200 (Wed, 04 Apr 2018)");
script_cve_id("CVE-2018-7225");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"qod_type", value:"package");
script_name("Fedora Update for libvncserver FEDORA-2018-43541091ab");
script_tag(name: "summary", value: "Check the version of libvncserver");
script_tag(name: "vuldetect", value: "Get the installed version with the help
of detect NVT and check if the version is vulnerable or not.");
script_tag(name: "insight", value: "LibVNCServer makes writing a VNC server
(or more correctly, a program exporting a frame-buffer via the Remote Frame
Buffer protocol) easy.
It hides the programmer from the tedious task of managing clients and
compression schemata.
");
script_tag(name: "affected", value: "libvncserver on Fedora 26");
script_tag(name: "solution", value: "Please Install the Updated Packages.");
script_xref(name: "FEDORA", value: "2018-43541091ab");
script_xref(name: "URL" , value: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVQ7GPVKJHTS6WQY5HPCCSPQ6PMAM345");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2018 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "FC26")
{
if ((res = isrpmvuln(pkg:"libvncserver", rpm:"libvncserver~0.9.11~3.fc26", rls:"FC26")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:1361412562310874325", "bulletinFamily": "scanner", "title": "Fedora Update for libvncserver FEDORA-2018-43541091ab", "description": "Check the version of libvncserver", "published": "2018-04-04T00:00:00", "modified": "2018-04-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874325", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVQ7GPVKJHTS6WQY5HPCCSPQ6PMAM345", "2018-43541091ab"], "cvelist": ["CVE-2018-7225"], "type": "openvas", "lastseen": "2018-09-01T23:37:29", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Check the version of libvncserver", "edition": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "e88adb7506db968f332d97ce4f2944572ba0e786d34949ca5d8b844f6b3ee7c6", "hashmap": [{"hash": "d8fba0cdac659cea05461207290ce9e7", "key": "title"}, {"hash": "c64e62d1d9271763a79d0ade7f5e8508", "key": "pluginID"}, {"hash": "813566690a1ba159d228c15d6ac6bbd0", "key": "published"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "4cde1fa539872970867ca037da4ddedf", "key": "description"}, {"hash": "35565408fddf7c1a3329e44e47927ca2", "key": "href"}, {"hash": "a6913fc68d70d2c1ca452caee219733e", "key": "sourceData"}, {"hash": "bd2811809d78a66b4d39bc1fb8b08ee6", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "bace366fd95b04299726f737790bf0bb", "key": "references"}, {"hash": "0f00a0a13f0660fdc38b69aa3d2c2098", "key": "modified"}, {"hash": "46d948ebd3bd042831cf32779cf3abc2", "key": "cvelist"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874325", "id": "OPENVAS:1361412562310874325", "lastseen": "2018-04-09T11:09:35", "modified": "2018-04-09T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310874325", "published": "2018-04-04T00:00:00", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVQ7GPVKJHTS6WQY5HPCCSPQ6PMAM345", "2018-43541091ab"], "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_43541091ab_libvncserver_fc26.nasl 9396 2018-04-09 04:18:59Z ckuersteiner $\n#\n# Fedora Update for libvncserver FEDORA-2018-43541091ab\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874325\");\n script_version(\"$Revision: 9396 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-09 06:18:59 +0200 (Mon, 09 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-04 08:41:42 +0200 (Wed, 04 Apr 2018)\");\n script_cve_id(\"CVE-2018-7225\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libvncserver FEDORA-2018-43541091ab\");\n script_tag(name: \"summary\", value: \"Check the version of libvncserver\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"LibVNCServer makes writing a VNC server \n(or more correctly, a program exporting a frame-buffer via the Remote Frame \nBuffer protocol) easy.\nIt hides the programmer from the tedious task of managing clients and\ncompression schemata.\n\");\n script_tag(name: \"affected\", value: \"libvncserver on Fedora 26\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2018-43541091ab\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVQ7GPVKJHTS6WQY5HPCCSPQ6PMAM345\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvncserver\", rpm:\"libvncserver~0.9.11~3.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "Fedora Update for libvncserver FEDORA-2018-43541091ab", "type": "openvas", "viewCount": 1}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2018-04-09T11:09:35"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Check the version of libvncserver", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "c27d05de342df01606a149e7a89953001de1c1576685d10e67de90c581b789ab", "hashmap": [{"hash": "d8fba0cdac659cea05461207290ce9e7", "key": "title"}, {"hash": "c64e62d1d9271763a79d0ade7f5e8508", "key": "pluginID"}, {"hash": "813566690a1ba159d228c15d6ac6bbd0", "key": "published"}, {"hash": "4cde1fa539872970867ca037da4ddedf", "key": "description"}, {"hash": "35565408fddf7c1a3329e44e47927ca2", "key": "href"}, {"hash": "a6913fc68d70d2c1ca452caee219733e", "key": "sourceData"}, {"hash": "bd2811809d78a66b4d39bc1fb8b08ee6", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "bace366fd95b04299726f737790bf0bb", "key": "references"}, {"hash": "0f00a0a13f0660fdc38b69aa3d2c2098", "key": "modified"}, {"hash": "46d948ebd3bd042831cf32779cf3abc2", "key": "cvelist"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874325", "id": "OPENVAS:1361412562310874325", "lastseen": "2018-08-30T19:17:19", "modified": "2018-04-09T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310874325", "published": "2018-04-04T00:00:00", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVQ7GPVKJHTS6WQY5HPCCSPQ6PMAM345", "2018-43541091ab"], "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_43541091ab_libvncserver_fc26.nasl 9396 2018-04-09 04:18:59Z ckuersteiner $\n#\n# Fedora Update for libvncserver FEDORA-2018-43541091ab\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874325\");\n script_version(\"$Revision: 9396 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-09 06:18:59 +0200 (Mon, 09 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-04 08:41:42 +0200 (Wed, 04 Apr 2018)\");\n script_cve_id(\"CVE-2018-7225\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libvncserver FEDORA-2018-43541091ab\");\n script_tag(name: \"summary\", value: \"Check the version of libvncserver\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"LibVNCServer makes writing a VNC server \n(or more correctly, a program exporting a frame-buffer via the Remote Frame \nBuffer protocol) easy.\nIt hides the programmer from the tedious task of managing clients and\ncompression schemata.\n\");\n script_tag(name: \"affected\", value: \"libvncserver on Fedora 26\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2018-43541091ab\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVQ7GPVKJHTS6WQY5HPCCSPQ6PMAM345\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvncserver\", rpm:\"libvncserver~0.9.11~3.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "Fedora Update for libvncserver FEDORA-2018-43541091ab", "type": "openvas", "viewCount": 1}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T19:17:19"}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "46d948ebd3bd042831cf32779cf3abc2"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "4cde1fa539872970867ca037da4ddedf"}, {"key": "href", "hash": "35565408fddf7c1a3329e44e47927ca2"}, {"key": "modified", "hash": "0f00a0a13f0660fdc38b69aa3d2c2098"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "c64e62d1d9271763a79d0ade7f5e8508"}, {"key": "published", "hash": "813566690a1ba159d228c15d6ac6bbd0"}, {"key": "references", "hash": "bace366fd95b04299726f737790bf0bb"}, {"key": "reporter", "hash": "bd2811809d78a66b4d39bc1fb8b08ee6"}, {"key": "sourceData", "hash": "a6913fc68d70d2c1ca452caee219733e"}, {"key": "title", "hash": "d8fba0cdac659cea05461207290ce9e7"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "e88adb7506db968f332d97ce4f2944572ba0e786d34949ca5d8b844f6b3ee7c6", "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_43541091ab_libvncserver_fc26.nasl 9396 2018-04-09 04:18:59Z ckuersteiner $\n#\n# Fedora Update for libvncserver FEDORA-2018-43541091ab\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874325\");\n script_version(\"$Revision: 9396 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-09 06:18:59 +0200 (Mon, 09 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-04 08:41:42 +0200 (Wed, 04 Apr 2018)\");\n script_cve_id(\"CVE-2018-7225\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libvncserver FEDORA-2018-43541091ab\");\n script_tag(name: \"summary\", value: \"Check the version of libvncserver\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"LibVNCServer makes writing a VNC server \n(or more correctly, a program exporting a frame-buffer via the Remote Frame \nBuffer protocol) easy.\nIt hides the programmer from the tedious task of managing clients and\ncompression schemata.\n\");\n script_tag(name: \"affected\", value: \"libvncserver on Fedora 26\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2018-43541091ab\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVQ7GPVKJHTS6WQY5HPCCSPQ6PMAM345\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvncserver\", rpm:\"libvncserver~0.9.11~3.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "1361412562310874325"}
{"cve": [{"lastseen": "2018-06-10T11:05:56", "references": ["https://usn.ubuntu.com/3618-1/", "http://www.securityfocus.com/bid/103107", "http://www.openwall.com/lists/oss-security/2018/02/18/1", "https://github.com/LibVNC/libvncserver/issues/218", "https://access.redhat.com/errata/RHSA-2018:1055", "https://www.debian.org/security/2018/dsa-4221", "https://lists.debian.org/debian-lts-announce/2018/03/msg00035.html"], "description": "An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.", "edition": 7, "reporter": "NVD", "published": "2018-02-19T10:29:00", "title": "CVE-2018-7225", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2018-7225"], "scanner": [], "modified": "2018-06-09T21:29:04", "cpe": ["cpe:/a:libvncserver_project:libvncserver:0.9.11"], "id": "CVE-2018-7225", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7225", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2018-05-30T22:38:52", "references": ["https://access.redhat.com/errata/RHSA-2018:1055"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "x86_64", "packageFilename": "libvncserver-devel-0.9.9-12.el7_5.x86_64.rpm", "packageName": "libvncserver-devel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "any", "packageFilename": "libvncserver-0.9.9-12.el7_5.src.rpm", "packageName": "libvncserver", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "x86_64", "packageFilename": "libvncserver-0.9.9-12.el7_5.x86_64.rpm", "packageName": "libvncserver", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "i686", "packageFilename": "libvncserver-0.9.9-12.el7_5.i686.rpm", "packageName": "libvncserver", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "i686", "packageFilename": "libvncserver-devel-0.9.9-12.el7_5.i686.rpm", "packageName": "libvncserver-devel", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2018:1055\n\n\nLibVNCServer is a C library that enables you to implement VNC server functionality into own programs.\n\nSecurity Fix(es):\n\n* libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-May/022877.html\n\n**Affected packages:**\nlibvncserver\nlibvncserver-devel\n\n**Upstream details at:**\n", "edition": 1, "reporter": "CentOS Project", "published": "2018-05-30T18:24:07", "title": "libvncserver security update", "type": "centos", "enchantments": {"score": {"modified": "2018-05-30T22:38:52", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2018-7225"], "modified": "2018-05-30T18:24:07", "id": "CESA-2018:1055", "href": "http://lists.centos.org/pipermail/centos-announce/2018-May/022877.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-09-01T23:36:58", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YYNK6ZTW4QSUNWBL3YCZXRC3QMHW7FZK", "2018-4897772a43"], "pluginID": "1361412562310874285", "description": "Check the version of libvncserver", "edition": 3, "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "published": "2018-03-28T00:00:00", "title": "Fedora Update for libvncserver FEDORA-2018-4897772a43", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-03-31T00:00:00", "id": "OPENVAS:1361412562310874285", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874285", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_4897772a43_libvncserver_fc27.nasl 9271 2018-03-31 07:25:25Z cfischer $\n#\n# Fedora Update for libvncserver FEDORA-2018-4897772a43\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874285\");\n script_version(\"$Revision: 9271 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-03-31 09:25:25 +0200 (Sat, 31 Mar 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-28 08:58:22 +0200 (Wed, 28 Mar 2018)\");\n script_cve_id(\"CVE-2018-7225\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libvncserver FEDORA-2018-4897772a43\");\n script_tag(name: \"summary\", value: \"Check the version of libvncserver\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"LibVNCServer makes writing a VNC server \n(or more correctly, a program exporting a frame-buffer via the Remote Frame \nBuffer protocol) easy.\n\nIt hides the programmer from the tedious task of managing clients and\ncompression schemata.\n\");\n script_tag(name: \"affected\", value: \"libvncserver on Fedora 27\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2018-4897772a43\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YYNK6ZTW4QSUNWBL3YCZXRC3QMHW7FZK\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvncserver\", rpm:\"libvncserver~0.9.11~5.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:39:38", "references": ["https://lists.debian.org/debian-lts-announce/2018/03/msg00035.html"], "pluginID": "1361412562310891332", "description": "libvncserver version through 0.9.11. does not sanitize msg.cct.length\nwhich may result in access to uninitialized and potentially sensitive\ndata or possibly unspecified other impact (e.g., an integer overflow)\nvia specially crafted VNC packets.", "edition": 6, "reporter": "Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net", "published": "2018-04-02T00:00:00", "title": "Debian LTS Advisory ([SECURITY] [DLA 1332-1] libvncserver security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-07-10T00:00:00", "id": "OPENVAS:1361412562310891332", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_dla_1332.nasl 10474 2018-07-10 08:12:26Z cfischer $\n#\n# Auto-generated from advisory DLA 1332-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891332\");\n script_version(\"$Revision: 10474 $\");\n script_cve_id(\"CVE-2018-7225\");\n script_name(\"Debian LTS Advisory ([SECURITY] [DLA 1332-1] libvncserver security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-10 10:12:26 +0200 (Tue, 10 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-02 00:00:00 +0200 (Mon, 02 Apr 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/03/msg00035.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\\.[0-9]+\");\n script_tag(name:\"affected\", value:\"libvncserver on Debian Linux\");\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n0.9.9+dfsg-1+deb7u3.\n\nWe recommend that you upgrade your libvncserver packages.\");\n script_tag(name:\"summary\", value:\"libvncserver version through 0.9.11. does not sanitize msg.cct.length\nwhich may result in access to uninitialized and potentially sensitive\ndata or possibly unspecified other impact (e.g., an integer overflow)\nvia specially crafted VNC packets.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libvncserver-config\", ver:\"0.9.9+dfsg-1+deb7u3\", rls_regex:\"DEB7\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver-dev\", ver:\"0.9.9+dfsg-1+deb7u3\", rls_regex:\"DEB7\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver0\", ver:\"0.9.9+dfsg-1+deb7u3\", rls_regex:\"DEB7\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver0-dbg\", ver:\"0.9.9+dfsg-1+deb7u3\", rls_regex:\"DEB7\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linuxvnc\", ver:\"0.9.9+dfsg-1+deb7u3\", rls_regex:\"DEB7\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:39:35", "references": ["https://www.debian.org/security/2018/dsa-4221.html"], "pluginID": "1361412562310704221", "description": "Alexander Peslyak discovered that insufficient input sanitising of RFB\npackets in LibVNCServer could result in the disclosure of memory\ncontents.", "edition": 4, "reporter": "Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net", "published": "2018-06-08T00:00:00", "title": "Debian Security Advisory DSA 4221-1 (libvncserver - security update)", "type": "openvas", "enchantments": {"score": {"modified": "2018-09-01T23:39:35", "vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-06-13T00:00:00", "id": "OPENVAS:1361412562310704221", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704221", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_4221.nasl 10171 2018-06-13 06:19:25Z cfischer $\n#\n# Auto-generated from advisory DSA 4221-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704221\");\n script_version(\"$Revision: 10171 $\");\n script_cve_id(\"CVE-2018-7225\");\n script_name(\"Debian Security Advisory DSA 4221-1 (libvncserver - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-06-13 08:19:25 +0200 (Wed, 13 Jun 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-08 00:00:00 +0200 (Fri, 08 Jun 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4221.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB[89]\\.[0-9]+\");\n script_tag(name:\"affected\", value:\"libvncserver on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), this problem has been fixed\nin version 0.9.9+dfsg2-6.1+deb8u3.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 0.9.11+dfsg-1+deb9u1.\n\nWe recommend that you upgrade your libvncserver packages.\n\nFor the detailed security status of libvncserver please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/libvncserver\");\n script_tag(name:\"summary\", value:\"Alexander Peslyak discovered that insufficient input sanitising of RFB\npackets in LibVNCServer could result in the disclosure of memory\ncontents.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libvncclient0\", ver:\"0.9.9+dfsg2-6.1+deb8u3\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncclient0-dbg\", ver:\"0.9.9+dfsg2-6.1+deb8u3\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver-config\", ver:\"0.9.9+dfsg2-6.1+deb8u3\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver-dev\", ver:\"0.9.9+dfsg2-6.1+deb8u3\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver0\", ver:\"0.9.9+dfsg2-6.1+deb8u3\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver0-dbg\", ver:\"0.9.9+dfsg2-6.1+deb8u3\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linuxvnc\", ver:\"0.9.9+dfsg2-6.1+deb8u3\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncclient1\", ver:\"0.9.11+dfsg-1+deb9u1\", rls_regex:\"DEB9\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncclient1-dbg\", ver:\"0.9.11+dfsg-1+deb9u1\", rls_regex:\"DEB9\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver-config\", ver:\"0.9.11+dfsg-1+deb9u1\", rls_regex:\"DEB9\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver-dev\", ver:\"0.9.11+dfsg-1+deb9u1\", rls_regex:\"DEB9\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver1\", ver:\"0.9.11+dfsg-1+deb9u1\", rls_regex:\"DEB9\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvncserver1-dbg\", ver:\"0.9.11+dfsg-1+deb9u1\", rls_regex:\"DEB9\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:39:07", "references": ["2018:1055", "http://lists.centos.org/pipermail/centos-announce/2018-May/022877.html"], "pluginID": "1361412562310882897", "description": "Check the version of libvncserver", "edition": 3, "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "published": "2018-06-05T00:00:00", "title": "CentOS Update for libvncserver CESA-2018:1055 centos7 ", "type": "openvas", "enchantments": {"score": {"modified": "2018-09-01T23:39:07", "vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-06-06T00:00:00", "id": "OPENVAS:1361412562310882897", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882897", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2018_1055_libvncserver_centos7.nasl 10086 2018-06-06 04:57:58Z ckuersteiner $\n#\n# CentOS Update for libvncserver CESA-2018:1055 centos7 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882897\");\n script_version(\"$Revision: 10086 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-06-06 06:57:58 +0200 (Wed, 06 Jun 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-05 14:03:16 +0530 (Tue, 05 Jun 2018)\");\n script_cve_id(\"CVE-2018-7225\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for libvncserver CESA-2018:1055 centos7 \");\n script_tag(name:\"summary\", value:\"Check the version of libvncserver\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"LibVNCServer is a C library that enables you to implement VNC server\nfunctionality into own programs.\n\nSecurity Fix(es):\n\n* libvncserver: Improper input sanitization in\nrfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.\n\");\n script_tag(name:\"affected\", value:\"libvncserver on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"CESA\", value:\"2018:1055\");\n script_xref(name:\"URL\" , value:\"http://lists.centos.org/pipermail/centos-announce/2018-May/022877.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvncserver\", rpm:\"libvncserver~0.9.9~12.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libvncserver-devel\", rpm:\"libvncserver-devel~0.9.9~12.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-19T12:55:34", "references": ["3618-1", "http://www.ubuntu.com/usn/usn-3618-1/"], "pluginID": "1361412562310843499", "description": "The remote host is missing an update for the ", "edition": 6, "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "published": "2018-04-06T00:00:00", "title": "Ubuntu Update for libvncserver USN-3618-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310843499", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3618_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# Ubuntu Update for libvncserver USN-3618-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843499\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-06 09:58:07 +0200 (Fri, 06 Apr 2018)\");\n script_cve_id(\"CVE-2018-7225\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for libvncserver USN-3618-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvncserver'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that LibVNCServer\n incorrectly handled certain packet lengths. A remote attacker able to connect to\n a LibVNCServer could possibly use this issue to obtain sensitive information,\n cause a denial of service, or execute arbitrary code.\");\n script_tag(name:\"affected\", value:\"libvncserver on Ubuntu 17.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3618-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3618-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.10|16\\.04 LTS)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libvncserver0:amd64\", ver:\"0.9.9+dfsg-1ubuntu1.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvncserver0:i386\", ver:\"0.9.9+dfsg-1ubuntu1.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libvncclient1:amd64\", ver:\"0.9.11+dfsg-1ubuntu0.1\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvncclient1:i386\", ver:\"0.9.11+dfsg-1ubuntu0.1\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvncserver1:amd64\", ver:\"0.9.11+dfsg-1ubuntu0.1\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvncserver1:i386\", ver:\"0.9.11+dfsg-1ubuntu0.1\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libvncserver1:amd64\", ver:\"0.9.10+dfsg-3ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvncserver1:i386\", ver:\"0.9.10+dfsg-3ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-23T15:03:33", "references": ["http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00073.html", "2018:0851_1"], "pluginID": "1361412562310851728", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "published": "2018-03-30T00:00:00", "title": "SuSE Update for LibVNCServer openSUSE-SU-2018:0851-1 (LibVNCServer)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9941", "CVE-2018-7225", "CVE-2016-9942"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310851728", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851728", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2018_0851_1.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# SuSE Update for LibVNCServer openSUSE-SU-2018:0851-1 (LibVNCServer)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851728\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-30 08:40:53 +0200 (Fri, 30 Mar 2018)\");\n script_cve_id(\"CVE-2016-9941\", \"CVE-2016-9942\", \"CVE-2018-7225\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for LibVNCServer openSUSE-SU-2018:0851-1 (LibVNCServer)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'LibVNCServer'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"LibVNCServer was updated to fix two security issues.\n\n These security issues were fixed:\n\n - CVE-2018-7225: Missing input sanitization inside rfbserver.c\n rfbProcessClientNormalMessage() (bsc#1081493).\n\n - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote\n servers to cause a denial of service (application crash) or possibly\n execute arbitrary code via a crafted FramebufferUpdate message with the\n Ultra type tile, such that the LZO payload decompressed length exceeds\n what is specified by the tile dimensions (bsc#1017712).\n\n - CVE-2016-9941: Heap-based buffer overflow in rfbproto.c allowed remote\n servers to cause a denial of service (application crash) or possibly\n execute arbitrary code via a crafted FramebufferUpdate message\n containing a subrectangle outside of the client drawing area\n (bsc#1017711).\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-326=1\");\n script_tag(name:\"affected\", value:\"LibVNCServer on openSUSE Leap 42.3\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:0851_1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00073.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSELeap42.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"LibVNCServer-debugsource\", rpm:\"LibVNCServer-debugsource~0.9.9~16.3.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"LibVNCServer-devel\", rpm:\"LibVNCServer-devel~0.9.9~16.3.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libvncclient0\", rpm:\"libvncclient0~0.9.9~16.3.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libvncclient0-debuginfo\", rpm:\"libvncclient0-debuginfo~0.9.9~16.3.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libvncserver0\", rpm:\"libvncserver0~0.9.9~16.3.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libvncserver0-debuginfo\", rpm:\"libvncserver0-debuginfo~0.9.9~16.3.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"linuxvnc\", rpm:\"linuxvnc~0.9.9~16.3.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"linuxvnc-debuginfo\", rpm:\"linuxvnc-debuginfo~0.9.9~16.3.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:13:30", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "9", "packageVersion": "0.9.11+dfsg-1+deb9u1", "arch": "all", "packageFilename": "libvncserver1-dbg_0.9.11+dfsg-1+deb9u1_all.deb", "packageName": "libvncserver1-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "9", "packageVersion": "0.9.11+dfsg-1+deb9u1", "arch": "all", "packageFilename": "libvncserver-config_0.9.11+dfsg-1+deb9u1_all.deb", "packageName": "libvncserver-config", "operator": "lt"}, {"OS": "Debian", "OSVersion": "9", "packageVersion": "0.9.11+dfsg-1+deb9u1", "arch": "all", "packageFilename": "libvncserver-dev_0.9.11+dfsg-1+deb9u1_all.deb", "packageName": "libvncserver-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "0.9.9+dfsg2-6.1+deb8u3", "arch": "all", "packageFilename": "libvncserver0_0.9.9+dfsg2-6.1+deb8u3_all.deb", "packageName": "libvncserver0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "0.9.9+dfsg2-6.1+deb8u3", "arch": "all", "packageFilename": "linuxvnc_0.9.9+dfsg2-6.1+deb8u3_all.deb", "packageName": "linuxvnc", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "0.9.9+dfsg2-6.1+deb8u3", "arch": "all", "packageFilename": "libvncclient0-dbg_0.9.9+dfsg2-6.1+deb8u3_all.deb", "packageName": "libvncclient0-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "9", "packageVersion": "0.9.11+dfsg-1+deb9u1", "arch": "all", "packageFilename": "libvncclient1_0.9.11+dfsg-1+deb9u1_all.deb", "packageName": "libvncclient1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "9", "packageVersion": "0.9.11+dfsg-1+deb9u1", "arch": "all", "packageFilename": "libvncserver_0.9.11+dfsg-1+deb9u1_all.deb", "packageName": "libvncserver", "operator": "lt"}, {"OS": "Debian", "OSVersion": "9", "packageVersion": "0.9.11+dfsg-1+deb9u1", "arch": "all", "packageFilename": "libvncclient1-dbg_0.9.11+dfsg-1+deb9u1_all.deb", "packageName": "libvncclient1-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "0.9.9+dfsg2-6.1+deb8u3", "arch": "all", "packageFilename": "libvncserver-config_0.9.9+dfsg2-6.1+deb8u3_all.deb", "packageName": "libvncserver-config", "operator": "lt"}, {"OS": "Debian", "OSVersion": "9", "packageVersion": "0.9.11+dfsg-1+deb9u1", "arch": "all", "packageFilename": "libvncserver1_0.9.11+dfsg-1+deb9u1_all.deb", "packageName": "libvncserver1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "0.9.9+dfsg2-6.1+deb8u3", "arch": "all", "packageFilename": "libvncserver_0.9.9+dfsg2-6.1+deb8u3_all.deb", "packageName": "libvncserver", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "0.9.9+dfsg2-6.1+deb8u3", "arch": "all", "packageFilename": "libvncserver-dev_0.9.9+dfsg2-6.1+deb8u3_all.deb", "packageName": "libvncserver-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "0.9.9+dfsg2-6.1+deb8u3", "arch": "all", "packageFilename": "libvncclient0_0.9.9+dfsg2-6.1+deb8u3_all.deb", "packageName": "libvncclient0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "0.9.9+dfsg2-6.1+deb8u3", "arch": "all", "packageFilename": "libvncserver0-dbg_0.9.9+dfsg2-6.1+deb8u3_all.deb", "packageName": "libvncserver0-dbg", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4221-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJune 08, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libvncserver\nCVE ID : CVE-2018-7225\n\nAlexander Peslyak discovered that insufficient input sanitising of RFB\npackets in LibVNCServer could result in the disclosure of memory\ncontents.\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 0.9.9+dfsg2-6.1+deb8u3.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 0.9.11+dfsg-1+deb9u1.\n\nWe recommend that you upgrade your libvncserver packages.\n\nFor the detailed security status of libvncserver please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/libvncserver\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 1, "reporter": "Debian", "published": "2018-06-08T20:24:40", "title": "[SECURITY] [DSA 4221-1] libvncserver security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:30", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2018-7225"], "modified": "2018-06-08T20:24:40", "id": "DEBIAN:DSA-4221-1:052D3", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00150.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-18T13:49:08", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "7", "packageVersion": "0.9.9+dfsg-1+deb7u3", "arch": "all", "packageFilename": "libvncserver_0.9.9+dfsg-1+deb7u3_all.deb", "packageName": "libvncserver", "operator": "lt"}], "description": "Package : libvncserver\nVersion : 0.9.9+dfsg-1+deb7u3\nCVE ID : CVE-2018-7225\nDebian Bug : 894045\n\nlibvncserver version through 0.9.11. does not sanitize msg.cct.length\nwhich may result in access to uninitialized and potentially sensitive\ndata or possibly unspecified other impact (e.g., an integer overflow)\nvia specially crafted VNC packets.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n0.9.9+dfsg-1+deb7u3.\n\nWe recommend that you upgrade your libvncserver packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 2, "reporter": "Debian", "published": "2018-03-30T19:27:45", "title": "[SECURITY] [DLA 1332-1] libvncserver security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:49:08", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2018-7225"], "modified": "2018-03-30T19:27:45", "id": "DEBIAN:DLA-1332-1:7BD7C", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201803/msg00035.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-11-14T03:13:34", "references": ["http://www.nessus.org/u?e2ab5fab"], "pluginID": "110828", "description": "According to the version of the libvncserver package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.(CVE-2018-7225)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2018-07-02T00:00:00", "title": "EulerOS 2.0 SP3 : libvncserver (EulerOS-SA-2018-1176)", "type": "nessus", "enchantments": {"score": {"modified": "2018-11-14T03:13:34", "vector": "NONE", "value": 5.0}}, "naslFamily": "Huawei Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-11-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libvncserver", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1176.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=110828", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110828);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\n \"CVE-2018-7225\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : libvncserver (EulerOS-SA-2018-1176)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libvncserver package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - This vulnerability has been modified since it was last\n analyzed by the NVD. It is awaiting reanalysis which\n may result in further changes to the information\n provided.(CVE-2018-7225)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huawei.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1176\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e2ab5fab\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvncserver package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvncserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"libvncserver-0.9.9-12.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvncserver\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-14T02:56:42", "references": ["http://www.nessus.org/u?337042d3"], "pluginID": "110143", "description": "According to the version of the libvncserver package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.(CVE-2018-7225)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 11, "reporter": "Tenable", "published": "2018-05-29T00:00:00", "title": "EulerOS 2.0 SP1 : libvncserver (EulerOS-SA-2018-1139)", "type": "nessus", "enchantments": {"score": {"modified": "2018-11-14T02:56:42", "vector": "NONE", "value": 5.0}}, "naslFamily": "Huawei Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-11-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libvncserver", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1139.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=110143", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110143);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\n \"CVE-2018-7225\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : libvncserver (EulerOS-SA-2018-1139)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libvncserver package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - This vulnerability has been modified since it was last\n analyzed by the NVD. It is awaiting reanalysis which\n may result in further changes to the information\n provided.(CVE-2018-7225)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huawei.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1139\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?337042d3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvncserver package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvncserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"libvncserver-0.9.9-12.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvncserver\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-02T15:47:13", "references": ["https://www.suse.com/security/cve/CVE-2018-7225/", "https://bugzilla.suse.com/show_bug.cgi?id=1081493", "http://www.nessus.org/u?767c3eba"], "pluginID": "108872", "description": "This update for LibVNCServer fixes the following issues :\n\n - CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage() (bsc#1081493).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2018-04-06T00:00:00", "title": "SUSE SLES11 Security Update : LibVNCServer (SUSE-SU-2018:0875-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-12-01T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:LibVNCServer"], "id": "SUSE_SU-2018-0875-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=108872", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0875-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108872);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/12/01 13:19:04\");\n\n script_cve_id(\"CVE-2018-7225\");\n\n script_name(english:\"SUSE SLES11 Security Update : LibVNCServer (SUSE-SU-2018:0875-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for LibVNCServer fixes the following issues :\n\n - CVE-2018-7225: Missing input sanitization inside\n rfbserver.c rfbProcessClientNormalMessage()\n (bsc#1081493).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1081493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7225/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180875-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?767c3eba\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-LibVNCServer-13550=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-LibVNCServer-13550=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-LibVNCServer-13550=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:LibVNCServer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"LibVNCServer-0.9.1-160.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"LibVNCServer\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-14T03:07:09", "references": ["http://www.nessus.org/u?b930abb4", "https://packages.debian.org/source/jessie/libvncserver", "https://www.debian.org/security/2018/dsa-4221", "https://packages.debian.org/source/stretch/libvncserver"], "pluginID": "110420", "description": "Alexander Peslyak discovered that insufficient input sanitising of RFB packets in LibVNCServer could result in the disclosure of memory contents.", "edition": 5, "reporter": "Tenable", "published": "2018-06-11T00:00:00", "title": "Debian DSA-4221-1 : libvncserver - security update", "type": "nessus", "enchantments": {"score": {"modified": "2018-11-14T03:07:09", "vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-11-13T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:libvncserver", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4221.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=110420", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4221. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110420);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2018-7225\");\n script_xref(name:\"DSA\", value:\"4221\");\n\n script_name(english:\"Debian DSA-4221-1 : libvncserver - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Alexander Peslyak discovered that insufficient input sanitising of RFB\npackets in LibVNCServer could result in the disclosure of memory\ncontents.\"\n );\n # https://security-tracker.debian.org/tracker/source-package/libvncserver\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b930abb4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libvncserver\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/libvncserver\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4221\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libvncserver packages.\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 0.9.9+dfsg2-6.1+deb8u3.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 0.9.11+dfsg-1+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvncserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libvncclient0\", reference:\"0.9.9+dfsg2-6.1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libvncclient0-dbg\", reference:\"0.9.9+dfsg2-6.1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libvncserver-config\", reference:\"0.9.9+dfsg2-6.1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libvncserver-dev\", reference:\"0.9.9+dfsg2-6.1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libvncserver0\", reference:\"0.9.9+dfsg2-6.1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libvncserver0-dbg\", reference:\"0.9.9+dfsg2-6.1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linuxvnc\", reference:\"0.9.9+dfsg2-6.1+deb8u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvncclient1\", reference:\"0.9.11+dfsg-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvncclient1-dbg\", reference:\"0.9.11+dfsg-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvncserver-config\", reference:\"0.9.11+dfsg-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvncserver-dev\", reference:\"0.9.11+dfsg-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvncserver1\", reference:\"0.9.11+dfsg-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvncserver1-dbg\", reference:\"0.9.11+dfsg-1+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:38:57", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2018-43541091ab"], "pluginID": "108818", "description": "This release fixes a possible sensitive data leak and a memory exhaustion when handling ClientTextCut messages of the RFB protocol.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "reporter": "Tenable", "published": "2018-04-04T00:00:00", "title": "Fedora 26 : libvncserver (2018-43541091ab)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-04-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libvncserver", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2018-43541091AB.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=108818", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-43541091ab.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108818);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/04/04 18:33:42\");\n\n script_cve_id(\"CVE-2018-7225\");\n script_xref(name:\"FEDORA\", value:\"2018-43541091ab\");\n\n script_name(english:\"Fedora 26 : libvncserver (2018-43541091ab)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This release fixes a possible sensitive data leak and a memory\nexhaustion when handling ClientTextCut messages of the RFB protocol.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-43541091ab\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvncserver package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libvncserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"libvncserver-0.9.11-3.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvncserver\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:36:56", "references": ["http://www.nessus.org/u?3ecc44de"], "pluginID": "109451", "description": "Security Fix(es) :\n\n - libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)", "edition": 3, "reporter": "Tenable", "published": "2018-05-01T00:00:00", "title": "Scientific Linux Security Update : libvncserver on SL7.x x86_64", "type": "nessus", "enchantments": {"score": {"modified": "2018-09-01T23:36:56", "vector": "NONE", "value": 5.0}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-05-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20180410_LIBVNCSERVER_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=109451", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109451);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/05/01 12:44:36\");\n\n script_cve_id(\"CVE-2018-7225\");\n\n script_name(english:\"Scientific Linux Security Update : libvncserver on SL7.x x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - libvncserver: Improper input sanitization in\n rfbProcessClientNormalMessage in rfbserver.c\n (CVE-2018-7225)\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1804&L=scientific-linux-errata&F=&S=&P=3718\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3ecc44de\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libvncserver, libvncserver-debuginfo and / or\nlibvncserver-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libvncserver-0.9.9-12.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libvncserver-debuginfo-0.9.9-12.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libvncserver-devel-0.9.9-12.el7_5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-11T13:08:49", "references": ["http://www.nessus.org/u?e9bf882c"], "pluginID": "110235", "description": "An update for libvncserver is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nLibVNCServer is a C library that enables you to implement VNC server functionality into own programs.\n\nSecurity Fix(es) :\n\n* libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "edition": 5, "reporter": "Tenable", "published": "2018-05-31T00:00:00", "title": "CentOS 7 : libvncserver (CESA-2018:1055)", "type": "nessus", "enchantments": {"score": {"modified": "2018-11-11T13:08:49", "vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libvncserver", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:libvncserver-devel"], "id": "CENTOS_RHSA-2018-1055.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=110235", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:1055 and \n# CentOS Errata and Security Advisory 2018:1055 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110235);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:49:32\");\n\n script_cve_id(\"CVE-2018-7225\");\n script_xref(name:\"RHSA\", value:\"2018:1055\");\n\n script_name(english:\"CentOS 7 : libvncserver (CESA-2018:1055)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for libvncserver is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nLibVNCServer is a C library that enables you to implement VNC server\nfunctionality into own programs.\n\nSecurity Fix(es) :\n\n* libvncserver: Improper input sanitization in\nrfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2018-May/022877.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e9bf882c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvncserver packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvncserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvncserver-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvncserver-0.9.9-12.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvncserver-devel-0.9.9-12.el7_5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:49:56", "references": ["https://alas.aws.amazon.com/AL2/ALAS-2018-1012.html"], "pluginID": "109691", "description": "Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c\n\nAn issue was discovered in LibVNCServer through 0.9.11.\nrfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.(CVE-2018-7225)", "edition": 3, "reporter": "Tenable", "published": "2018-05-11T00:00:00", "title": "Amazon Linux 2 : libvncserver (ALAS-2018-1012)", "type": "nessus", "enchantments": {"score": {"modified": "2018-09-01T23:49:56", "vector": "NONE", "value": 7.5}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-05-11T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libvncserver", "cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:libvncserver-devel", "p-cpe:/a:amazon:linux:libvncserver-debuginfo"], "id": "AL2_ALAS-2018-1012.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=109691", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-1012.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109691);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/05/11 12:23:24\");\n\n script_cve_id(\"CVE-2018-7225\");\n script_xref(name:\"ALAS\", value:\"2018-1012\");\n\n script_name(english:\"Amazon Linux 2 : libvncserver (ALAS-2018-1012)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Improper input sanitization in rfbProcessClientNormalMessage in\nrfbserver.c\n\nAn issue was discovered in LibVNCServer through 0.9.11.\nrfbProcessClientNormalMessage() in rfbserver.c does not sanitize\nmsg.cct.length, leading to access to uninitialized and potentially\nsensitive data or possibly unspecified other impact (e.g., an integer\noverflow) via specially crafted VNC packets.(CVE-2018-7225)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-1012.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update libvncserver' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvncserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvncserver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvncserver-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"libvncserver-0.9.9-12.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"libvncserver-debuginfo-0.9.9-12.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"libvncserver-devel-0.9.9-12.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvncserver / libvncserver-debuginfo / libvncserver-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:34:42", "references": ["https://oss.oracle.com/pipermail/el-errata/2018-April/007627.html"], "pluginID": "109153", "description": "From Red Hat Security Advisory 2018:1055 :\n\nAn update for libvncserver is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nLibVNCServer is a C library that enables you to implement VNC server functionality into own programs.\n\nSecurity Fix(es) :\n\n* libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "edition": 3, "reporter": "Tenable", "published": "2018-04-19T00:00:00", "title": "Oracle Linux 7 : libvncserver (ELSA-2018-1055)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-04-19T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libvncserver", "p-cpe:/a:oracle:linux:libvncserver-devel", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2018-1055.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=109153", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:1055 and \n# Oracle Linux Security Advisory ELSA-2018-1055 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109153);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/04/19 11:38:02\");\n\n script_cve_id(\"CVE-2018-7225\");\n script_xref(name:\"RHSA\", value:\"2018:1055\");\n\n script_name(english:\"Oracle Linux 7 : libvncserver (ELSA-2018-1055)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:1055 :\n\nAn update for libvncserver is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nLibVNCServer is a C library that enables you to implement VNC server\nfunctionality into own programs.\n\nSecurity Fix(es) :\n\n* libvncserver: Improper input sanitization in\nrfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-April/007627.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvncserver packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvncserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvncserver-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libvncserver-0.9.9-12.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libvncserver-devel-0.9.9-12.el7_5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvncserver / libvncserver-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T17:11:19", "references": ["https://access.redhat.com/security/cve/cve-2018-7225", "https://access.redhat.com/errata/RHSA-2018:1055"], "pluginID": "108994", "description": "An update for libvncserver is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nLibVNCServer is a C library that enables you to implement VNC server functionality into own programs.\n\nSecurity Fix(es) :\n\n* libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "edition": 5, "reporter": "Tenable", "published": "2018-04-11T00:00:00", "title": "RHEL 7 : libvncserver (RHSA-2018:1055)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7225"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libvncserver-devel", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:libvncserver-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libvncserver", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "REDHAT-RHSA-2018-1055.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=108994", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:1055. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108994);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:57\");\n\n script_cve_id(\"CVE-2018-7225\");\n script_xref(name:\"RHSA\", value:\"2018:1055\");\n\n script_name(english:\"RHEL 7 : libvncserver (RHSA-2018:1055)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for libvncserver is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nLibVNCServer is a C library that enables you to implement VNC server\nfunctionality into own programs.\n\nSecurity Fix(es) :\n\n* libvncserver: Improper input sanitization in\nrfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:1055\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-7225\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libvncserver, libvncserver-debuginfo and / or\nlibvncserver-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvncserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvncserver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvncserver-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:1055\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libvncserver-0.9.9-12.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvncserver-0.9.9-12.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libvncserver-debuginfo-0.9.9-12.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvncserver-debuginfo-0.9.9-12.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libvncserver-devel-0.9.9-12.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvncserver-devel-0.9.9-12.el7_5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvncserver / libvncserver-debuginfo / libvncserver-devel\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:05", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7225"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "17.10", "packageVersion": "0.9.11+dfsg-1ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libvncclient1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "0.9.10+dfsg-3ubuntu0.16.04.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libvncserver1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "17.10", "packageVersion": "0.9.11+dfsg-1ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libvncserver1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "0.9.9+dfsg-1ubuntu1.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libvncserver0", "operator": "lt"}], "description": "It was discovered that LibVNCServer incorrectly handled certain packet lengths. A remote attacker able to connect to a LibVNCServer could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code.", "edition": 3, "reporter": "Ubuntu", "published": "2018-04-04T00:00:00", "title": "LibVNCServer vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2018-7225"], "modified": "2018-04-04T00:00:00", "id": "USN-3618-1", "href": "https://usn.ubuntu.com/3618-1/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T17:44:08", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "i686", "packageName": "libvncserver", "packageFilename": "libvncserver-0.9.9-12.el7_5.i686.rpm", "operator": "lt"}], "description": "LibVNCServer is a C library that enables you to implement VNC server functionality into own programs.\n\nSecurity Fix(es):\n\n* libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "reporter": "RedHat", "published": "2018-04-10T12:05:00", "type": "redhat", "title": "(RHSA-2018:1055) Moderate: libvncserver security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2018-7225"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-10T12:16:44", "id": "RHSA-2018:1055", "href": "https://access.redhat.com/errata/RHSA-2018:1055", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:40:39", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "src", "packageFilename": "libvncserver-0.9.9-12.el7_5.src.rpm", "packageName": "libvncserver", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "i686", "packageFilename": "libvncserver-devel-0.9.9-12.el7_5.i686.rpm", "packageName": "libvncserver-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "x86_64", "packageFilename": "libvncserver-0.9.9-12.el7_5.x86_64.rpm", "packageName": "libvncserver", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "i686", "packageFilename": "libvncserver-0.9.9-12.el7_5.i686.rpm", "packageName": "libvncserver", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.9.9-12.el7_5", "arch": "x86_64", "packageFilename": "libvncserver-devel-0.9.9-12.el7_5.x86_64.rpm", "packageName": "libvncserver-devel", "operator": "lt"}], "description": "[0.9.9-12]\n- Fix CVE-2018-7225 (improper client cut text length sanitization) (bug #1548440)", "edition": 3, "reporter": "Oracle", "published": "2018-04-17T00:00:00", "title": "libvncserver security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2018-7225"], "modified": "2018-04-17T00:00:00", "id": "ELSA-2018-1055", "href": "http://linux.oracle.com/errata/ELSA-2018-1055.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2018-03-30T02:47:26", "references": ["https://bugzilla.suse.com/1017711", "https://bugzilla.suse.com/1017712", "https://bugzilla.suse.com/1081493"], "affectedPackage": [{"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "x86_64", "packageName": "linuxvnc-debuginfo", "packageFilename": "linuxvnc-debuginfo-0.9.9-16.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "x86_64", "packageName": "linuxvnc", "packageFilename": "linuxvnc-0.9.9-16.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "x86_64", "packageName": "libvncserver0", "packageFilename": "libvncserver0-0.9.9-16.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "i586", "packageName": "linuxvnc", "packageFilename": "linuxvnc-0.9.9-16.3.1.i586.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "i586", "packageName": "libvncclient0-debuginfo", "packageFilename": "libvncclient0-debuginfo-0.9.9-16.3.1.i586.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "x86_64", "packageName": "libvncserver0-debuginfo", "packageFilename": "libvncserver0-debuginfo-0.9.9-16.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "x86_64", "packageName": "libvncclient0", "packageFilename": "libvncclient0-0.9.9-16.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "i586", "packageName": "libvncserver0-debuginfo", "packageFilename": "libvncserver0-debuginfo-0.9.9-16.3.1.i586.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "x86_64", "packageName": "LibVNCServer-devel", "packageFilename": "LibVNCServer-devel-0.9.9-16.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "i586", "packageName": "libvncserver0", "packageFilename": "libvncserver0-0.9.9-16.3.1.i586.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "i586", "packageName": "LibVNCServer-devel", "packageFilename": "LibVNCServer-devel-0.9.9-16.3.1.i586.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "x86_64", "packageName": "libvncclient0-debuginfo", "packageFilename": "libvncclient0-debuginfo-0.9.9-16.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "x86_64", "packageName": "LibVNCServer-debugsource", "packageFilename": "LibVNCServer-debugsource-0.9.9-16.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "i586", "packageName": "LibVNCServer-debugsource", "packageFilename": "LibVNCServer-debugsource-0.9.9-16.3.1.i586.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "i586", "packageName": "libvncclient0", "packageFilename": "libvncclient0-0.9.9-16.3.1.i586.rpm", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "packageVersion": "0.9.9-16.3.1", "arch": "i586", "packageName": "linuxvnc-debuginfo", "packageFilename": "linuxvnc-debuginfo-0.9.9-16.3.1.i586.rpm", "operator": "lt"}], "description": "LibVNCServer was updated to fix two security issues.\n\n These security issues were fixed:\n\n - CVE-2018-7225: Missing input sanitization inside rfbserver.c\n rfbProcessClientNormalMessage() (bsc#1081493).\n - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote\n servers to cause a denial of service (application crash) or possibly\n execute arbitrary code via a crafted FramebufferUpdate message with the\n Ultra type tile, such that the LZO payload decompressed length exceeds\n what is specified by the tile dimensions (bsc#1017712).\n - CVE-2016-9941: Heap-based buffer overflow in rfbproto.c allowed remote\n servers to cause a denial of service (application crash) or possibly\n execute arbitrary code via a crafted FramebufferUpdate message\n containing a subrectangle outside of the client drawing area\n (bsc#1017711).\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "edition": 1, "reporter": "Suse", "published": "2018-03-30T00:07:11", "title": "Security update for LibVNCServer (important)", "type": "suse", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-9941", "CVE-2018-7225", "CVE-2016-9942"], "modified": "2018-03-30T00:07:11", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00073.html", "id": "OPENSUSE-SU-2018:0851-1", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-03-27T22:43:45", "references": ["https://bugzilla.suse.com/1017711", "https://bugzilla.suse.com/1017712", "https://bugzilla.suse.com/1081493"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.ppc64le.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "LibVNCServer-devel-0.9.9-17.5.1.s390x.rpm", "packageName": "LibVNCServer-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.ppc64le.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "libvncserver0-0.9.9-17.5.1.ppc64le.rpm", "packageName": "libvncserver0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.x86_64.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.x86_64.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "libvncserver0-debuginfo-0.9.9-17.5.1.x86_64.rpm", "packageName": "libvncserver0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.ppc64le.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "LibVNCServer-devel-0.9.9-17.5.1.x86_64.rpm", "packageName": "LibVNCServer-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "libvncserver0-0.9.9-17.5.1.x86_64.rpm", "packageName": "libvncserver0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncclient0-debuginfo-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncclient0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.aarch64.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "libvncserver0-0.9.9-17.5.1.ppc64le.rpm", "packageName": "libvncserver0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "libvncclient0-debuginfo-0.9.9-17.5.1.ppc64le.rpm", "packageName": "libvncclient0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "libvncserver0-0.9.9-17.5.1.s390x.rpm", "packageName": "libvncserver0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "libvncserver0-0.9.9-17.5.1.s390x.rpm", "packageName": "libvncserver0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "libvncclient0-debuginfo-0.9.9-17.5.1.s390x.rpm", "packageName": "libvncclient0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.s390x.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "LibVNCServer-devel-0.9.9-17.5.1.aarch64.rpm", "packageName": "LibVNCServer-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "libvncclient0-0.9.9-17.5.1.ppc64le.rpm", "packageName": "libvncclient0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncclient0-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncclient0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "libvncserver0-debuginfo-0.9.9-17.5.1.s390x.rpm", "packageName": "libvncserver0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.aarch64.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncserver0-debuginfo-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncserver0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "libvncserver0-debuginfo-0.9.9-17.5.1.x86_64.rpm", "packageName": "libvncserver0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.s390x.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.ppc64le.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncclient0-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncclient0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "libvncclient0-0.9.9-17.5.1.s390x.rpm", "packageName": "libvncclient0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "libvncclient0-debuginfo-0.9.9-17.5.1.ppc64le.rpm", "packageName": "libvncclient0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "libvncclient0-debuginfo-0.9.9-17.5.1.s390x.rpm", "packageName": "libvncclient0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncclient0-debuginfo-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncclient0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "libvncclient0-debuginfo-0.9.9-17.5.1.x86_64.rpm", "packageName": "libvncclient0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.s390x.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "libvncclient0-0.9.9-17.5.1.x86_64.rpm", "packageName": "libvncclient0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.aarch64.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.x86_64.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.aarch64.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "libvncclient0-0.9.9-17.5.1.x86_64.rpm", "packageName": "libvncclient0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.aarch64.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "LibVNCServer-devel-0.9.9-17.5.1.ppc64le.rpm", "packageName": "LibVNCServer-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "libvncclient0-debuginfo-0.9.9-17.5.1.x86_64.rpm", "packageName": "libvncclient0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "libvncserver0-debuginfo-0.9.9-17.5.1.s390x.rpm", "packageName": "libvncserver0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncserver0-debuginfo-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncserver0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.x86_64.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncserver0-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncserver0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncserver0-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncserver0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "libvncclient0-0.9.9-17.5.1.ppc64le.rpm", "packageName": "libvncclient0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "LibVNCServer-debugsource-0.9.9-17.5.1.s390x.rpm", "packageName": "LibVNCServer-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncserver0-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncserver0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "LibVNCServer-devel-0.9.9-17.5.1.aarch64.rpm", "packageName": "LibVNCServer-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "LibVNCServer-devel-0.9.9-17.5.1.s390x.rpm", "packageName": "LibVNCServer-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "libvncserver0-debuginfo-0.9.9-17.5.1.ppc64le.rpm", "packageName": "libvncserver0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "LibVNCServer-devel-0.9.9-17.5.1.ppc64le.rpm", "packageName": "LibVNCServer-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncclient0-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncclient0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "LibVNCServer-devel-0.9.9-17.5.1.x86_64.rpm", "packageName": "LibVNCServer-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "x86_64", "packageFilename": "libvncserver0-0.9.9-17.5.1.x86_64.rpm", "packageName": "libvncserver0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "s390x", "packageFilename": "libvncclient0-0.9.9-17.5.1.s390x.rpm", "packageName": "libvncclient0", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncclient0-debuginfo-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncclient0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "0.9.9-17.5.1", "arch": "ppc64le", "packageFilename": "libvncserver0-debuginfo-0.9.9-17.5.1.ppc64le.rpm", "packageName": "libvncserver0-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.3", "packageVersion": "0.9.9-17.5.1", "arch": "aarch64", "packageFilename": "libvncserver0-debuginfo-0.9.9-17.5.1.aarch64.rpm", "packageName": "libvncserver0-debuginfo", "operator": "lt"}], "description": "LibVNCServer was updated to fix two security issues.\n\n These security issues were fixed:\n\n - CVE-2018-7225: Missing input sanitization inside rfbserver.c\n rfbProcessClientNormalMessage() (bsc#1081493).\n - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote\n servers to cause a denial of service (application crash) or possibly\n execute arbitrary code via a crafted FramebufferUpdate message with the\n Ultra type tile, such that the LZO payload decompressed length exceeds\n what is specified by the tile dimensions (bsc#1017712).\n - CVE-2016-9941: Heap-based buffer overflow in rfbproto.c allowed remote\n servers to cause a denial of service (application crash) or possibly\n execute arbitrary code via a crafted FramebufferUpdate message\n containing a subrectangle outside of the client drawing area\n (bsc#1017711).\n\n", "edition": 1, "reporter": "Suse", "published": "2018-03-27T21:07:39", "type": "suse", "title": "Security update for LibVNCServer (important)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-9941", "CVE-2018-7225", "CVE-2016-9942"], "modified": "2018-03-27T21:07:39", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00065.html", "id": "SUSE-SU-2018:0830-1", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
