CVE-2016-9942
CVE-2016-9942 is a heap-based buffer overflow in LibVNCServer/LibVNCClient (ultra.c) that can be triggered by a crafted FramebufferUpdate with the Ultra tile, allowing remote servers to crash the client or potentially execute arbitrary code when the LZO payload length exceeds the tile dimensions....
CVE-2016-9941
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area...
CVE-2016-9942
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed leng...
libvncserver -- multiple buffer overflows
libvnc server reports: Two unrelated buffer overflows can be used by a malicious server to overwrite parts of the heap and crash the client or possibly execute arbitrary code...
FreeBSD : libvncserver -- multiple security vulnerabilities (cb3f036d-8c7f-11e6-924a-60a44ce6887b)
Nicolas Ruff reports: Integer overflow in MallocFrameBuffer on client side. Lack of malloc return value checking on client side. Server crash on a very large ClientCutText message. Server crash when scaling factor is set to zero. Multiple stack overflows in File Transfer feature...
vnc-title NSE Script
Tries to log into a VNC server and get its desktop name. Uses credentials discovered by vnc-brute, or None authentication types. If realvnc-auth-bypass was run and returned VULNERABLE, this script will use that vulnerability to bypass authentication. See also: vnc-brute.nse realvnc-auth-bypass.ns...
Debian DLA-380-1 : libvncserver security update
An issue had been discovered and resolved by the libvncserver upstream developer Karl Runge addressing thread-safety in libvncserver when libvncserver is used for handling multiple VNC connections 1. Unfortunately, it is not trivially feasible because of ABI breakage to backport the related patch...
[SECURITY] [DLA 380-1] libvncserver security update
Package : libvncserver Version : 0.9.7-2+deb6u2 An issue had been discovered and resolved by the libvncserver upstream developer Karl Runge addressing thread-safety in libvncserver when libvncserver is used for handling multiple VNC connections 1. Unfortunately, it is not trivially feasible becau...
DLA-380-1 libvncserver - security update
Bulletin has no description...
SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2015:2088-2)
The LibVNCServer package was updated to fix the following security issues : - bsc897031: fix several security issues : - CVE-2014-6051: Integer overflow in MallocFrameBuffer on client side. - CVE-2014-6052: Lack of malloc return value checking on client side. - CVE-2014-6053: Server crash on a ve...
openSUSE Security Update : LibVNCServer (openSUSE-2015-851)
The LibVNCServer package was updated to fix the following security issues : - bsc897031: fix several security issues : - CVE-2014-6051: Integer overflow in MallocFrameBuffer on client side. - CVE-2014-6052: Lack of malloc return value checking on client side. - CVE-2014-6053: Server crash on a ve...
SUSE SLED11 / SLES11 Security Update : LibVNCServer (SUSE-SU-2015:2110-1)
The libvncserver package was updated to fix the following security issues : - bsc897031: fix several security issues : - CVE-2014-6051: Integer overflow in MallocFrameBuffer on client side. - CVE-2014-6052: Lack of malloc return value checking on client side. - CVE-2014-6053: Server crash on a ve...
SUSE SLED12 / SLES12 Security Update : LibVNCServer (SUSE-SU-2015:2088-1)
The LibVNCServer package was updated to fix the following security issues : - bsc897031: fix several security issues : - CVE-2014-6051: Integer overflow in MallocFrameBuffer on client side. - CVE-2014-6052: Lack of malloc return value checking on client side. - CVE-2014-6053: Server crash on a ve...
CVE-2006-2450
auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369...
Oracle: Security Advisory (ELSA-2014-1826)
The remote host is missing an update for the...
Gentoo Security Advisory GLSA 201507-07
Gentoo Linux Local Security Checks GLSA 201507-07...
FreeBSD : libvncserver -- memory corruption (b5e654c3-5644-11e5-9ad8-14dae9d210b8)
Petr Pisar reports: libvncserver/tight.c:rfbTightCleanup frees a buffer without zeroing freed pointer...
GLSA-201507-07 : LibVNCServer: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201507-07 LibVNCServer: Multiple vulnerabilities Multiple vulnerabilities have been discovered in LibVNCServer. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to execute...