19 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-14402
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings. CVE-2020-14402 Note that Nessus relies on...
SUSE: Security Advisory (SUSE-SU-2020:14424-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libvncserver (EulerOS-SA-2020-2362)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Vino vulnerabilities (USN-4573-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4573-1 advisory. Nicolas Ruff discovered that Vino incorrectly handled large ClientCutText messages. A remote attacker could use this issue to cau...
Ubuntu: Security Advisory (USN-4573-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4573-1: Vino vulnerabilities
Nicolas Ruff discovered that Vino incorrectly handled large ClientCutText messages. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. CVE-2014-6053 It was discovered that Vino incorrectly handled certain packet lengths. A remote attacker could...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : LibVNCServer vulnerabilities (USN-4434-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4434-1 advisory. Ramin Farajpour Cami discovered that LibVNCServer incorrectly handled certain malformed unix socket names. A remote attacker coul...
openSUSE Security Update : LibVNCServer (openSUSE-2020-1056)
This update for LibVNCServer fixes the following issues : - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock...
openSUSE: Security Advisory for LibVNCServer (openSUSE-SU-2020:1056-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Ubuntu: Security Advisory (USN-4434-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : LibVNCServer (openSUSE-2020-1025)
This update for LibVNCServer fixes the following issues : - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock...
openSUSE: Security Advisory for LibVNCServer (openSUSE-SU-2020:1025-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : LibVNCServer (openSUSE-2020-988)
This update for LibVNCServer fixes the following issues : - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock...
openSUSE: Security Advisory for LibVNCServer (openSUSE-SU-2020:0988-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2020:14424-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update - added patches fix CVE-2020-14398 bsc1173880, improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c + LibVNCServer-CVE-2020-14398.patch fix CVE-2020-14397 bsc1173700, NULL pointer dereference ...
Updated vino packages fix security vulnerability
The updated package fixes security vulnerabilities: An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. CVE-2020-14397 Byte-aligned data is accessed through uint16t pointers in libvncserver/translate.c. CVE-2020-14400 libvncserver/corre....
Updated libvncserver packages fix security vulnerability
Updated libvncserver packages fix security vulnerabilities: libvncclient/sockets.c in LibVNCServer had a buffer overflow via a long socket filename CVE-2019-20839. libvncserver/rfbregion.c had a NULL pointer dereference CVE-2020-14397. Byte-aligned data was accessed through uint32t pointers in...
Debian: Security Advisory (DLA-2264-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-14402
CVE-2020-14402 affects the LibVNCServer project, specifically the libvncserver/corre.c code path, where an out-of-bounds access is possible via encodings. The public description, and multiple connected advisories/plugins, consistently reference this issue as present in LibVNCServer before version...