DSA-4221-1 libvncserver - security update

Bulletin has no description...

Debian: Security Advisory (DSA-4221-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for libvncserver CESA-2018:1055 centos7

Check the version of libvncserver SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882897";...

CentOS 7 : libvncserver (CESA-2018:1055)

An update for libvncserver is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

EulerOS 2.0 SP1 : libvncserver (EulerOS-SA-2018-1139)

According to the version of the libvncserver package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - LibVNCServer makes writing a VNC server or more correctly, a program exporting a framebuffer via the Remote Frame Buffer protocol easy.It hide...

Amazon Linux 2 : libvncserver (ALAS-2018-1012)

Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly...

Medium: libvncserver

Issue Overview: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or...

Scientific Linux Security Update : libvncserver on SL7.x x86_64 (20180410)

Security Fixes : - libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c CVE-2018-7225 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid109451; scriptversion"1.4";...

Denial Of Service (DoS)

libvncserver.so is vulnerable to denial of service DoS attacks. The vulnerability exists due to the lack of size validation of msg.cct.legnth in the rfbProcessClientNormalMessage function of libvncserver/rfbserver.c, potentially causing a denial of service DoS attack...

Oracle Linux 7 : libvncserver (ELSA-2018-1055)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1055 advisory. 0.9.9-12 - Fix CVE-2018-7225 improper client cut text length sanitization bug 1548440 Tenable has extracted the preceding description block directly from the...

RHEL 7 : libvncserver (RHSA-2018:1055)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1055 advisory. LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fixes: libvncserver: Improper input...

Moderate: Red Hat Security Advisory: libvncserver security update

An update for libvncserver is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...

Updated libvncserver packages fix security vulnerability

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...

Ubuntu: Security Advisory (USN-3618-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES11 Security Update : LibVNCServer (SUSE-SU-2018:0875-1)

This update for LibVNCServer fixes the following issues : - CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage bsc1081493. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

Ubuntu 14.04 LTS / 16.04 LTS : LibVNCServer vulnerability (USN-3618-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3618-1 advisory. It was discovered that LibVNCServer incorrectly handled certain packet lengths. A remote attacker able to connect to a LibVNCServer could possibly use...

USN-3618-1: LibVNCServer vulnerability

It was discovered that LibVNCServer incorrectly handled certain packet lengths. A remote attacker able to connect to a LibVNCServer could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code...

Fedora Update for libvncserver FEDORA-2018-43541091ab

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 26 : libvncserver (2018-43541091ab)

This release fixes a possible sensitive data leak and a memory exhaustion when handling ClientTextCut messages of the RFB protocol. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatical...