Linux Distros Unpatched Vulnerability : CVE-2016-9941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service application crash or...

SUSE: Security Advisory (SUSE-SU-2017:0104-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0830-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:0622-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4587-1: iTALC vulnerabilities

Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn't check malloc return values. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055...

Huawei EulerOS: Security Advisory for libvncsever (EulerOS-SA-2017-1130)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for LibVNCServer (important)

LibVNCServer was updated to fix two security issues. These security issues were fixed: - CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage bsc1081493. - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of servic...

openSUSE Security Update : LibVNCServer (openSUSE-2018-326)

LibVNCServer was updated to fix two security issues. These security issues were fixed : - CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage bsc1081493. - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of servi...

SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2018:0830-1)

LibVNCServer was updated to fix two security issues. These security issues were fixed : - CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage bsc1081493. - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of servi...

Fedora 26 : libvncserver (2017-6125002d79)

Update to latest stable release, include fixes for gnutls and gtk-vnc compatibility. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

Fedora Update for libvncserver FEDORA-2017-dd5d2381e4

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : libvncserver (2017-0e08170fd3)

Update to latest stable release, include fixes for gnutls and gtk-vnc compatibility. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

SUSE-SU-2017:0622-1 Security update for tigervnc

This update for tigervnc provides the following fixes: - Prevent malicious server from crashing a server via a buffer overflow, a similar flaw as the LibVNCServer issues CVE-2016-9941 and CVE-2016-9942. bsc1019274 - CVE-2016-10207: Prevent potential crash due to insufficient clean-up after failur...

SUSE SLED12 / SLES12 Security Update : tigervnc (SUSE-SU-2017:0519-1)

This update for tigervnc provides the following fixes : - Prevent malicious server from crashing a server via a buffer overflow, a similar flaw as the LibVNCServer issues CVE-2016-9941 and CVE-2016-9942.. bsc1019274 - CVE-2016-10207: Prevent potential crash due to insufficient clean-up after...

SUSE-SU-2017:0519-1 Security update for tigervnc

This update for tigervnc provides the following fixes: - Prevent malicious server from crashing a server via a buffer overflow, a similar flaw as the LibVNCServer issues CVE-2016-9941 and CVE-2016-9942.. bsc1019274 - CVE-2016-10207: Prevent potential crash due to insufficient clean-up after failu...

LibVNCServer LibVNCClient FramebufferUpdate Rectangle Heap Buffer Overflow (CVE-2016-9941)

A heap-based buffer overflow has been reported in LibVNCServer LibVNCClient. The vulnerability is due to improper handling of FramebufferUpdate messages with specially crafted rectangles. A remote attacker could exploit this vulnerability by enticing a user to connect to a malicious VNC server an...

SUSE SLES11 Security Update : LibVNCServer (SUSE-SU-2017:0104-1)

LibVNCServer was updated to fix two security issues. These security issues were fixed : - CVE-2016-9941: Heap-based buffer overflow in rfbproto.c allowed remote servers to cause a denial of service application crash or possibly execute arbitrary code via a crafted FramebufferUpdate message...

Ubuntu 14.04 LTS / 16.04 LTS : LibVNCServer vulnerabilities (USN-3171-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3171-1 advisory. Josef Gajdusek discovered that the LibVNCServer client library incorrectly handled certain FrameBufferUpdate messages. If a user were tricked...

[SECURITY] [DSA 3753-1] libvncserver security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3753-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 05, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3753-1] libvncserver security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3753-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 05, 2017 https://www.debian.org/security/faq -...