Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3081-1:24750
HistoryNov 29, 2014 - 3:21 p.m.

[SECURITY] [DSA 3081-1] libvncserver security update

2014-11-2915:21:35
lists.debian.org
17

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

10

Confidence

High

EPSS

0.886

Percentile

98.8%

JSON

Debian Security Advisory DSA-3081-1 [email protected]
http://www.debian.org/security/ Luciano Bello
November 29, 2014 http://www.debian.org/security/faq

Package : libvncserver
CVE ID : CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054
CVE-2014-6055
Debian Bug : 762745

Several vulnerabilities have been discovered in libvncserver, a library to
implement VNC server functionality. These vulnerabilities might result in the
execution of arbitrary code or denial of service in both the client and the
server side.

For the stable distribution (wheezy), these problems have been fixed in
version 0.9.9+dfsg-1+deb7u1.

For the unstable distribution (sid), these problems have been fixed in
version 0.9.9+dfsg-6.1.

We recommend that you upgrade your libvncserver packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9ppc64eltightvncserver-dbgsym< 1:1.3.9-9+deb9u1tightvncserver-dbgsym_1:1.3.9-9+deb9u1_ppc64el.deb
Debian7mipsellibvncserver0< 0.9.9+dfsg-1+deb7u1libvncserver0_0.9.9+dfsg-1+deb7u1_mipsel.deb
Debian7i386libvncserver-config< 0.9.9+dfsg-1+deb7u1libvncserver-config_0.9.9+dfsg-1+deb7u1_i386.deb
Debian7s390libvncserver0-dbg< 0.9.9+dfsg-1+deb7u1libvncserver0-dbg_0.9.9+dfsg-1+deb7u1_s390.deb
Debian8i386tightvncserver< 1.3.9-6.5+deb8u1tightvncserver_1.3.9-6.5+deb8u1_i386.deb
Debian7mipsellibvncserver-config< 0.9.9+dfsg-1+deb7u1libvncserver-config_0.9.9+dfsg-1+deb7u1_mipsel.deb
Debian6i386libvncserver0< 0.9.7-2+deb6u1libvncserver0_0.9.7-2+deb6u1_i386.deb
Debian7armellibvncserver0-dbg< 0.9.9+dfsg-1+deb7u1libvncserver0-dbg_0.9.9+dfsg-1+deb7u1_armel.deb
Debian7s390linuxvnc< 0.9.9+dfsg-1+deb7u1linuxvnc_0.9.9+dfsg-1+deb7u1_s390.deb
Debian6amd64libvncserver0-dbg< 0.9.7-2+deb6u1libvncserver0-dbg_0.9.7-2+deb6u1_amd64.deb
Rows per page:
1-10 of 1501

Related

nessus 34
osv 7
redhat 3
openvas 27
securityvulns 2
mageia 4
veracode 5
debian 4
freebsd 2
centos 2
archlinux 1
gentoo 2
ubuntu 3
fedora 4
oraclelinux 2
ubuntucve 5
cvelist 7
debiancve 7
cve 7
prion 7
nvd 7
checkpoint_advisories 1
nessus
nessus
SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2015:2088-2)
2016-01-04 00:00:00
SUSE SLED12 / SLES12 Security Update : LibVNCServer (SUSE-SU-2015:2088-1)
2015-11-25 00:00:00
GLSA-201507-07 : LibVNCServer: Multiple vulnerabilities
2015-07-08 00:00:00
osv
osv
libvncserver - security update
2015-04-14 00:00:00
libvncserver - security update
2014-11-29 00:00:00
italc vulnerabilities
2020-10-20 16:35:20
redhat
redhat
(RHSA-2014:1826) Moderate: libvncserver security update
2014-11-11 00:00:00
(RHSA-2014:1827) Moderate: kdenetwork security update
2014-11-11 14:45:20
(RHSA-2015:0113) Moderate: libvncserver security update
2015-02-02 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:2110-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:2088-1)
2021-04-19 00:00:00
Debian Security Advisory DSA 3081-1 (libvncserver - security update)
2014-11-29 00:00:00
securityvulns
securityvulns
libvncserver multiple security vulnerabilities
2014-09-29 00:00:00
[oCERT-2014-007] libvncserver multiple issues
2014-09-29 00:00:00
mageia
mageia
Updated libvncserver & remmina packages fix security vulnerabilities
2014-10-07 13:22:51
Updated kdenetwork4 packages fix security vulnerabilities in krfb
2014-11-21 15:44:16
Updated KDE 4 and related packages move to KDE 4.12.5
2014-10-29 14:30:40
veracode
veracode
Denial Of Service (DoS) Through Divide By Zero
2019-05-02 05:04:38
Arbitrary Code Execution
2019-05-02 05:04:38
Arbitrary Code Execution
2019-05-02 05:04:38
debian
debian
[SECURITY] [DLA 197-1] libvncserver security update
2015-04-14 16:05:48
[SECURITY] [DLA 1979-1] italc security update
2019-10-30 22:21:35
[SECURITY] [DLA 2014-1] vino security update
2019-11-29 08:30:55
freebsd
freebsd
libvncserver -- multiple security vulnerabilities
2014-09-23 00:00:00
krfb -- Multiple security issues in bundled libvncserver
2014-09-23 00:00:00
centos
centos
libvncserver security update
2014-11-11 18:36:28
kdenetwork security update
2014-11-12 09:44:41
archlinux
archlinux
libvncserver: remote code execution, denial of service
2014-10-24 00:00:00
gentoo
gentoo
LibVNCServer: Multiple vulnerabilities
2015-07-07 00:00:00
TigerVNC: Integer overflow
2016-12-13 00:00:00
ubuntu
ubuntu
LibVNCServer vulnerabilities
2014-09-29 00:00:00
iTALC vulnerabilities
2020-10-20 00:00:00
Vino vulnerabilities
2020-10-07 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: libvncserver-0.9.10-0.6.20140718git9453be42.fc19
2014-10-04 03:25:16
[SECURITY] Fedora 19 Update: krfb-4.11.5-4.fc19
2014-10-08 19:11:38
[SECURITY] Fedora 20 Update: libvncserver-0.9.10-0.6.20140718git9453be42.fc20
2014-09-29 04:06:45
oraclelinux
oraclelinux
kdenetwork security update
2014-11-11 00:00:00
libvncserver security update
2014-11-11 00:00:00
ubuntucve
ubuntucve
CVE-2014-6052
2014-09-24 00:00:00
CVE-2014-6055
2014-09-24 00:00:00
CVE-2014-6051
2014-09-24 00:00:00
cvelist
cvelist
CVE-2014-6051
2014-09-30 16:00:00
CVE-2014-6055
2014-09-30 16:00:00
CVE-2014-6054
2014-10-06 14:00:00
debiancve
debiancve
CVE-2014-6051
2014-09-30 16:55:07
CVE-2014-6055
2014-09-30 16:55:07
CVE-2014-6054
2014-10-06 14:55:11
cve
cve
CVE-2014-6055
2014-09-30 16:55:07
CVE-2014-6051
2014-09-30 16:55:07
CVE-2014-6052
2014-12-15 18:59:04
prion
prion
Integer overflow
2014-09-30 16:55:00
Stack overflow
2014-09-30 16:55:00
Denial of service
2014-10-06 14:55:00
nvd
nvd
CVE-2014-6051
2014-09-30 16:55:07
CVE-2014-6055
2014-09-30 16:55:07
CVE-2014-6054
2014-10-06 14:55:11
checkpoint_advisories
checkpoint_advisories
LibVNCServer rfbProcessClientNormalMessage msg.ssc.scale Divide by Zero Denial of Service (CVE-2014-6054)
2014-10-13 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

10

Confidence

High

EPSS

0.886

Percentile

98.8%

JSON
Related for DEBIAN:DSA-3081-1:24750
nessus34osv7redhat3openvas27securityvulns2mageia4veracode5debian4freebsd2centos2archlinux1gentoo2ubuntu3fedora4oraclelinux2ubuntucve5cvelist7debiancve7cve7prion7nvd7checkpoint_advisories1