Lucene search
Copyright (C) 2021 Greenbone AGOPENVAS:13614125623114201900601HistoryApr 19, 2021 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2019:0060-1)
2021-04-1900:00:00
Copyright (C) 2021 Greenbone AG
plugins.openvas.org
8
suse-su-2019:0060-1
libvncserver
security advisory
suse enterprise storage 4
suse linux enterprise server 12
suse linux enterprise server for sap 12-sp2
suse linux enterprise software development kit 12-sp3
suse openstack cloud 7
use-after-free
file transfer extension
heap out-of-bound write
information disclosure
improper initialization
null pointer dereference
infinite loop
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.724
Percentile
98.1%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2019.0060.1");
script_cve_id("CVE-2018-15126", "CVE-2018-15127", "CVE-2018-20019", "CVE-2018-20020", "CVE-2018-20021", "CVE-2018-20022", "CVE-2018-20023", "CVE-2018-20024", "CVE-2018-6307");
script_tag(name:"creation_date", value:"2021-04-19 00:00:00 +0000 (Mon, 19 Apr 2021)");
script_version("2024-02-02T14:37:50+0000");
script_tag(name:"last_modification", value:"2024-02-02 14:37:50 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2019-01-07 21:11:03 +0000 (Mon, 07 Jan 2019)");
script_name("SUSE: Security Advisory (SUSE-SU-2019:0060-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES12\.0|SLES12\.0SP1|SLES12\.0SP2|SLES12\.0SP3|SLES12\.0SP4)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2019:0060-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2019/suse-su-20190060-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'LibVNCServer' package(s) announced via the SUSE-SU-2019:0060-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for LibVNCServer fixes the following issues:
Security issues fixed:
CVE-2018-15126: Fixed use-after-free in file transfer extension
(bsc#1120114)
CVE-2018-6307: Fixed use-after-free in file transfer extension server
code (bsc#1120115)
CVE-2018-20020: Fixed heap out-of-bound write inside structure in VNC
client code (bsc#1120116)
CVE-2018-15127: Fixed heap out-of-bounds write in rfbserver.c
(bsc#1120117)
CVE-2018-20019: Fixed multiple heap out-of-bound writes in VNC client
code (bsc#1120118)
CVE-2018-20023: Fixed information disclosure through improper
initialization in VNC Repeater client code (bsc#1120119)
CVE-2018-20022: Fixed information disclosure through improper
initialization in VNC client code (bsc#1120120)
CVE-2018-20024: Fixed NULL pointer dereference in VNC client code
(bsc#1120121)
CVE-2018-20021: Fixed infinite loop in VNC client code (bsc#1120122)");
script_tag(name:"affected", value:"'LibVNCServer' package(s) on SUSE Enterprise Storage 4, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 12-SP1, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Software Development Kit 12-SP3, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE OpenStack Cloud 7.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES12.0") {
if(!isnull(res = isrpmvuln(pkg:"LibVNCServer-debugsource", rpm:"LibVNCServer-debugsource~0.9.9~17.8.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncclient0", rpm:"libvncclient0~0.9.9~17.8.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncclient0-debuginfo", rpm:"libvncclient0-debuginfo~0.9.9~17.8.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncserver0", rpm:"libvncserver0~0.9.9~17.8.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncserver0-debuginfo", rpm:"libvncserver0-debuginfo~0.9.9~17.8.1", rls:"SLES12.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES12.0SP1") {
if(!isnull(res = isrpmvuln(pkg:"LibVNCServer-debugsource", rpm:"LibVNCServer-debugsource~0.9.9~17.8.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncclient0", rpm:"libvncclient0~0.9.9~17.8.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncclient0-debuginfo", rpm:"libvncclient0-debuginfo~0.9.9~17.8.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncserver0", rpm:"libvncserver0~0.9.9~17.8.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncserver0-debuginfo", rpm:"libvncserver0-debuginfo~0.9.9~17.8.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES12.0SP2") {
if(!isnull(res = isrpmvuln(pkg:"LibVNCServer-debugsource", rpm:"LibVNCServer-debugsource~0.9.9~17.8.1", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncclient0", rpm:"libvncclient0~0.9.9~17.8.1", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncclient0-debuginfo", rpm:"libvncclient0-debuginfo~0.9.9~17.8.1", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncserver0", rpm:"libvncserver0~0.9.9~17.8.1", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncserver0-debuginfo", rpm:"libvncserver0-debuginfo~0.9.9~17.8.1", rls:"SLES12.0SP2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES12.0SP3") {
if(!isnull(res = isrpmvuln(pkg:"LibVNCServer-debugsource", rpm:"LibVNCServer-debugsource~0.9.9~17.8.1", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncclient0", rpm:"libvncclient0~0.9.9~17.8.1", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncclient0-debuginfo", rpm:"libvncclient0-debuginfo~0.9.9~17.8.1", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncserver0", rpm:"libvncserver0~0.9.9~17.8.1", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncserver0-debuginfo", rpm:"libvncserver0-debuginfo~0.9.9~17.8.1", rls:"SLES12.0SP3"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES12.0SP4") {
if(!isnull(res = isrpmvuln(pkg:"LibVNCServer-debugsource", rpm:"LibVNCServer-debugsource~0.9.9~17.8.1", rls:"SLES12.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncclient0", rpm:"libvncclient0~0.9.9~17.8.1", rls:"SLES12.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncclient0-debuginfo", rpm:"libvncclient0-debuginfo~0.9.9~17.8.1", rls:"SLES12.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncserver0", rpm:"libvncserver0~0.9.9~17.8.1", rls:"SLES12.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvncserver0-debuginfo", rpm:"libvncserver0-debuginfo~0.9.9~17.8.1", rls:"SLES12.0SP4"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
debian
debian
[SECURITY] [DSA 4383-1] libvncserver security update
2019-02-03 20:52:03
[SECURITY] [DSA 4383-1] libvncserver security update
2019-02-03 20:52:03
[SECURITY] [DLA 1617-1] libvncserver security update
2018-12-27 03:53:08
openvas
openvas
Mageia: Security Advisory (MGASA-2019-0037)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0080-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for LibVNCServer (openSUSE-SU-2019:0053-1)
2019-01-18 00:00:00
suse
suse
Security update for LibVNCServer (important)
2019-01-12 00:00:00
Security update for LibVNCServer (important)
2019-01-18 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : LibVNCServer (SUSE-SU-2019:0080-1)
2019-01-14 00:00:00
Debian DSA-4383-1 : libvncserver - security update
2019-02-04 00:00:00
openSUSE Security Update : LibVNCServer (openSUSE-2019-53)
2019-01-22 00:00:00
mageia
mageia
Updated libvncserver & x11vnc packages fix security vulnerabilities
2019-01-16 01:15:34
Updated italc packages fix security vulnerabilities
2020-11-23 22:51:37
osv
osv
libvncserver - security update
2019-02-03 00:00:00
libvncserver - security update
2018-12-25 00:00:00
ssvnc - security update
2019-11-29 00:00:00
ubuntu
ubuntu
LibVNCServer vulnerabilities
2019-01-31 00:00:00
SSVNC vulnerabilities
2020-09-28 00:00:00
iTALC vulnerabilities
2020-09-28 00:00:00
gentoo
gentoo
ssvnc: Multiple vulnerabilities
2020-06-13 00:00:00
LibVNCServer: Multiple vulnerabilities
2019-08-09 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1900
2021-07-02 17:22:34
redhatcve
redhatcve
ubuntucve
ubuntucve
veracode
veracode
Remote Code Execution
2020-09-29 03:51:12
Information Disclosure Through Memory Leak
2018-12-27 07:17:40
Out-of-bounds Write
2018-12-27 06:16:13
debiancve
debiancve
cvelist
cvelist
prion
prion
Information disclosure
2018-12-19 16:29:00
Heap overflow
2018-12-19 16:29:00
Heap overflow
2018-12-19 16:29:00
nvd
nvd
checkpoint_advisories
checkpoint_advisories
libVNC File Transfer Extension Heap-based Buffer Overflow (CVE-2018-15127)
2019-11-26 00:00:00
LibVNC LibVNCServer Use After Free (CVE-2018-6307)
2020-02-25 00:00:00
cve
cve
centos
centos
libvncserver security update
2019-01-16 16:58:43
redhat
redhat
(RHSA-2019:0059) Important: libvncserver security update
2019-01-15 08:09:21
amazon
amazon
Important: libvncserver
2019-02-13 18:38:00
oraclelinux
oraclelinux
libvncserver security update
2019-01-15 00:00:00
alpinelinux
alpinelinux
CVE-2018-20750
2019-01-30 18:29:00
ics
ics
Siemens SIMATIC ITC
2021-12-16 12:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.724
Percentile
98.1%
Related for OPENVAS:13614125623114201900601