Executive Summary
Summary | |
---|---|
Title | vnc security update |
Informations | |||
---|---|---|---|
Name | RHSA-2009:0261 | First vendor Publication | 2009-02-11 |
Vendor | RedHat | Last vendor Modification | 2009-02-11 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated vnc packages to correct a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: Virtual Network Computing (VNC) is a remote display system which allows you to view a computer's "desktop" environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. An insufficient input validation flaw was discovered in the VNC client application, vncviewer. If an attacker could convince a victim to connect to a malicious VNC server, or when an attacker was able to connect to vncviewer running in the "listen" mode, the attacker could cause the victim's vncviewer to crash or, possibly, execute arbitrary code. (CVE-2008-4770) Users of vncviewer should upgrade to these updated packages, which contain a backported patch to resolve this issue. For the update to take effect, all running instances of vncviewer must be restarted after the update is installed. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 471777 - VNC Free Edition 4.1.3 fixes a possible security vulnerability only present in the listening viewer. VNC Server is not compromised. 480590 - CVE-2008-4770 vnc: vncviewer insufficient encoding value validation in CMsgReader::readRect |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2009-0261.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13774 | |||
Oval ID: | oval:org.mitre.oval:def:13774 | ||
Title: | DSA-1716-1 vnc4 -- integer overflow | ||
Description: | It was discovered that xvnc4viewer, a virtual network computing client software for X, is prone to an integer overflow via a malicious encoding value that could lead to arbitrary code execution. For the stable distribution this problem has been fixed in version 4.1.1+X4.3.0-21+etch1. For the unstable distribution this problem has been fixed in version 4.1.1+X4.3.0-31. For the testing distribution this problem will be fixed soon. We recommend that you upgrade your vnc4 packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1716-1 CVE-2008-4770 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | vnc4 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22776 | |||
Oval ID: | oval:org.mitre.oval:def:22776 | ||
Title: | ELSA-2009:0261: vnc security update (Moderate) | ||
Description: | The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via crafted RFB protocol data, related to "encoding type." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0261-01 CVE-2008-4770 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | vnc |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29367 | |||
Oval ID: | oval:org.mitre.oval:def:29367 | ||
Title: | RHSA-2009:0261 -- vnc security update (Moderate) | ||
Description: | Updated vnc packages to correct a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0261 CESA-2009:0261-CentOS 3 CVE-2008-4770 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 3 | Product(s): | vnc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7807 | |||
Oval ID: | oval:org.mitre.oval:def:7807 | ||
Title: | DSA-1716 vnc4 -- integer overflow | ||
Description: | It was discovered that xvnc4viewer, a virtual network computing client software for X, is prone to an integer overflow via a malicious encoding value that could lead to arbitrary code execution. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1716 CVE-2008-4770 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | vnc4 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9367 | |||
Oval ID: | oval:org.mitre.oval:def:9367 | ||
Title: | The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via crafted RFB protocol data, related to "encoding type." | ||
Description: | The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via crafted RFB protocol data, related to "encoding type." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4770 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for vnc CESA-2009:0261 centos3 i386 File : nvt/gb_CESA-2009_0261_vnc_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for vnc CESA-2009:0261 centos4 i386 File : nvt/gb_CESA-2009_0261_vnc_centos4_i386.nasl |
2009-03-13 | Name : Gentoo Security Advisory GLSA 200903-17 (vnc) File : nvt/glsa_200903_17.nasl |
2009-02-13 | Name : RedHat Security Advisory RHSA-2009:0261 File : nvt/RHSA_2009_0261.nasl |
2009-02-13 | Name : CentOS Security Advisory CESA-2009:0261 (vnc) File : nvt/ovcesa2009_0261.nasl |
2009-02-02 | Name : Debian Security Advisory DSA 1716-1 (vnc4) File : nvt/deb_1716_1.nasl |
2009-02-02 | Name : Fedora Core 10 FEDORA-2009-0991 (vnc) File : nvt/fcore_2009_0991.nasl |
2009-02-02 | Name : Fedora Core 9 FEDORA-2009-1001 (vnc) File : nvt/fcore_2009_1001.nasl |
2008-10-29 | Name : RealVNC VNC Viewer Remote Code Execution Vulnerability (Linux) File : nvt/secpod_realvnc_remote_code_exe_vuln_lin_900163.nasl |
2008-10-29 | Name : RealVNC VNC Viewer Remote Code Execution Vulnerability (Win) File : nvt/secpod_realvnc_remote_code_exe_vuln_win_900162.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
50050 | RealVNC VNC Viewer common/rfb/CMsgReader.cxx CMsgReader::readRect() Function ... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0261.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090211_vnc_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0991.nasl - Type : ACT_GATHER_INFO |
2009-03-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200903-17.nasl - Type : ACT_GATHER_INFO |
2009-02-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0261.nasl - Type : ACT_GATHER_INFO |
2009-02-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0261.nasl - Type : ACT_GATHER_INFO |
2009-02-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1716.nasl - Type : ACT_GATHER_INFO |
2009-01-27 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1001.nasl - Type : ACT_GATHER_INFO |
2009-01-19 | Name : The remote host is missing Sun Security Patch number 140455-03 File : solaris10_140455.nasl - Type : ACT_GATHER_INFO |
2009-01-19 | Name : The remote host is missing Sun Security Patch number 140456-03 File : solaris10_x86_140456.nasl - Type : ACT_GATHER_INFO |
2008-10-21 | Name : The remote Windows host has an application that may allow execution of arbitr... File : realvnc_4_1_3.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:52:15 |
|