• LibVNCServer vulnerabilities

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Thu Jul 2 16:10:01 2020
    libvncserver vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Several security issues were fixed in LibVNCServer.

    Software Description

    * libvncserver - vnc server library

    Details

    It was discovered that LibVNCServer incorrectly handled
    decompressing data. An attacker could possibly use this issue to
    cause LibVNCServer to crash, resulting in a denial of service.
    (CVE-2019-15680)

    It was discovered that an information disclosure vulnerability
    existed in LibVNCServer when sending a ServerCutText message. An
    attacker could possibly use this issue to expose sensitive
    information. This issue only affected Ubuntu 19.10, Ubuntu 18.04
    LTS, and Ubuntu 16.04 LTS. (CVE-2019-15681)

    It was discovered that LibVNCServer incorrectly handled cursor
    shape updates. If a user were tricked in to connecting to a
    malicious server, an attacker could possibly use this issue to
    cause LibVNCServer to crash, resulting in a denial of service, or
    possibly execute arbitrary code. This issue only affected Ubuntu
    19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. (CVE-2019-15690,
    CVE-2019-20788)

    It was discovered that LibVNCServer incorrectly handled decoding
    WebSocket frames. An attacker could possibly use this issue to
    cause LibVNCServer to crash, resulting in a denial of service, or
    possibly execute arbitrary code. This issue only affected Ubuntu
    19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. (CVE-2017-18922)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    libvncclient1 - 0.9.12+dfsg-9ubuntu0.1
    libvncserver1 - 0.9.12+dfsg-9ubuntu0.1

    Ubuntu 19.10
    libvncclient1 - 0.9.11+dfsg-1.3ubuntu0.1
    libvncserver1 - 0.9.11+dfsg-1.3ubuntu0.1

    Ubuntu 18.04 LTS
    libvncclient1 - 0.9.11+dfsg-1ubuntu1.2
    libvncserver1 - 0.9.11+dfsg-1ubuntu1.2

    Ubuntu 16.04 LTS
    libvncclient1 - 0.9.10+dfsg-3ubuntu0.16.04.4
    libvncserver1 - 0.9.10+dfsg-3ubuntu0.16.04.4

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart LibVNCServer to
    make all the necessary changes.

    References

    * CVE-2017-18922
    * CVE-2019-15680
    * CVE-2019-15681
    * CVE-2019-15690
    * CVE-2019-20788

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Fri Jul 24 00:10:06 2020
    libvncserver vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Several security issues were fixed in LibVNCServer.

    Software Description

    * libvncserver - vnc server library

    Details

    Ramin Farajpour Cami discovered that LibVNCServer incorrectly
    handled certain malformed unix socket names. A remote attacker
    could exploit this with a crafted socket name, leading to a denial
    of service, or possibly execute arbitrary code. (CVE-2019-20839)

    It was discovered that LibVNCServer did not properly access
    byte-aligned data. A remote attacker could possibly use this issue
    to cause LibVNCServer to crash, resulting in a denial of service.
    This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.
    (CVE-2019-20840)

    Christian Beier discovered that LibVNCServer incorrectly handled
    anonymous TLS connections. A remote attacker could possibly use
    this issue to cause LibVNCServer to crash, resulting in a denial
    of service. This issue only affected Ubuntu 20.04 LTS.
    (CVE-2020-14396)

    It was discovered that LibVNCServer incorrectly handled region
    clipping. A remote attacker could possibly use this issue to cause
    LibVNCServer to crash, resulting in a denial of service.
    (CVE-2020-14397)

    It was discovered that LibVNCServer did not properly reset
    incorrectly terminated TCP connections. A remote attacker could
    possibly use this issue to cause an infinite loop, resulting in a
    denial of service. (CVE-2020-14398)

    It was discovered that LibVNCServer did not properly access
    byte-aligned data. A remote attacker could possibly use this issue
    to cause LibVNCServer to crash, resulting in a denial of service.
    (CVE-2020-14399, CVE-2020-14400)

    It was discovered that LibVNCServer incorrectly handled screen
    scaling on the server side. A remote attacker could use this issue
    to cause LibVNCServer to crash, resulting in a denial of service,
    or possibly execute arbitrary code. (CVE-2020-14401)

    It was discovered that LibVNCServer incorrectly handled encodings.
    A remote attacker could use this issue to cause LibVNCServer to
    crash, resulting in a denial of service, or possibly execute
    arbitrary code. (CVE-2020-14402, CVE-2020-14403, CVE-2020-14404)

    It was discovered that LibVNCServer incorrectly handled TextChat
    messages. A remote attacker could possibly use this issue to cause
    LibVNCServer to crash, resulting in a denial of service.
    (CVE-2020-14405)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    libvncclient1 - 0.9.12+dfsg-9ubuntu0.2
    libvncserver1 - 0.9.12+dfsg-9ubuntu0.2

    Ubuntu 18.04 LTS
    libvncclient1 - 0.9.11+dfsg-1ubuntu1.3
    libvncserver1 - 0.9.11+dfsg-1ubuntu1.3

    Ubuntu 16.04 LTS
    libvncclient1 - 0.9.10+dfsg-3ubuntu0.16.04.5
    libvncserver1 - 0.9.10+dfsg-3ubuntu0.16.04.5

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart LibVNCServer
    applications to make all the necessary changes.

    References

    * CVE-2019-20839
    * CVE-2019-20840
    * CVE-2020-14396
    * CVE-2020-14397
    * CVE-2020-14398
    * CVE-2020-14399
    * CVE-2020-14400
    * CVE-2020-14401
    * CVE-2020-14402
    * CVE-2020-14403
    * CVE-2020-14404
    * CVE-2020-14405

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)