14 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-7394
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In TigerVNC 1.7.1 SSecurityPlain.cxx SSecurityPlain::processMsg, unauthenticated users can crash the server by sending long usernames. CVE-2017-7394 Note that...
EulerOS 2.0 SP2 : tigervnc (EulerOS-SA-2017-1228)
According to the versions of the tigervnc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the TigerVNC's Xvnc server. A remote unauthenticated attacker could use this flaw to make Xvnc crash by...
CentOS 7 : fltk / tigervnc (CESA-2017:2000)
An update for tigervnc and fltk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
tigervnc and fltk security, bug fix, and enhancement update
fltk 1.3.4-1 - Re-base to 1.3.4 + sync with Fedora tigervnc 1.8.0-1 - Update to 1.8.0 Resolves: bz1388620 1.7.90-2 - Make RandR callbacks optional Resolves: bz1444948 1.7.90-1 - Update to 1.7.90 Resolves: bz1388620 1.7.1-3 - Delete underlying ssecurity in SSecurityVeNCrypt CCVE-2017-7392 Resolves...
RHEL 7 : tigervnc and fltk (RHSA-2017:2000)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2000 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...
Fedora 26 : tigervnc (2017-2d0066d567)
Security fix for CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396. Add systemd unit file for Xvnc. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Fedora Update for tigervnc FEDORA-2017-a66ca10c22
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : tigervnc (SUSE-SU-2017:1093-1)
This update for tigervnc provides the several fixes. These security issues were fixed : - CVE-2017-7392, CVE-2017-7396: Client can cause leak in VNC server bsc1031886 - CVE-2017-7395: Authenticated VNC client can crash VNC server bsc1031877 - CVE-2017-7394: Client can crash or block VNC server...
openSUSE Security Update : tigervnc (openSUSE-2017-475)
This update for tigervnc provides the several fixes. These security issues were fixed : - CVE-2017-7392, CVE-2017-7396: Client can cause leak in VNC server bsc1031886 - CVE-2017-7395: Authenticated VNC client can crash VNC server bsc1031877 - CVE-2017-7394: Client can crash or block VNC server...
Fedora 25 : tigervnc (2017-51979161f4)
Security fix for CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Fedora Update for tigervnc FEDORA-2017-51979161f4
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-7394
A missing input sanitization flaw was found in the way TigerVNC handled credentials. A remote unauthenticated attacker could use this flaw to make Xvnc crash by sending specially crafted usernames, resulting in denial of service...
DEBIAN-CVE-2017-7394
In TigerVNC 1.7.1 SSecurityPlain.cxx SSecurityPlain::processMsg, unauthenticated users can crash the server by sending long usernames...
CVE-2017-7394
TigerVNC vulnerability CVE-2017-7394 affects TigerVNC 1.7.1: SSecurityPlain::processMsg allows unauthenticated users to crash the server by sending long usernames. The linked Nessus/Gentoo/EulerOS entries confirm this CVE among other TigerVNC issues, with impact described as a denial of service v...