exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

CVE-2014-6053

Status Candidate

Overview

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.

Related Files

Ubuntu Security Notice USN-4573-1
Posted Oct 7, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4573-1 - Nicolas Ruff discovered that Vino incorrectly handled large ClientCutText messages. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. It was discovered that Vino incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-6053, CVE-2018-7225, CVE-2019-15681, CVE-2020-14397, CVE-2020-14402, CVE-2020-14403, CVE-2020-14404
MD5 | b820dbcb8494dae534a235f1446d17cb
Gentoo Linux Security Advisory 201507-07
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-7 - Multiple vulnerabilities have been found in LibVNCServer, the worst of which could result in execution of arbitrary code or Denial of Service. Versions less than 0.9.10-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055
MD5 | ec9f67c4370c5a39cb8cac505772dc3b
Mandriva Linux Security Advisory 2015-146
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-146 - An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker. The libvncserver library is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code. A malicious VNC server can trigger incorrect memory management handling by advertising a large screen size parameter to the VNC client. This would result in multiple memory corruptions and could allow remote code execution on the VNC client. A malicious VNC client can trigger multiple DoS conditions on the VNC server by advertising a large screen size, ClientCutText message length and/or a zero scaling factor parameter. A malicious VNC client can trigger multiple stack-based buffer overflows by passing a long file and directory names and/or attributes when using the file transfer message feature.

tags | advisory, remote, denial of service, overflow, code execution
systems | linux, mandriva
advisories | CVE-2014-4607, CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055
MD5 | 1f4e2e2c84c709b288076ec78e448588
Debian Security Advisory 3081-1
Posted Dec 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3081-1 - Several vulnerabilities have been discovered in libvncserver, a library to implement VNC server functionality. These vulnerabilities might result in the execution of arbitrary code or denial of service in both the client and the server side.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055
MD5 | 28d8bed564a4550641c939b791a61441
Mandriva Linux Security Advisory 2014-229
Posted Nov 27, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-229 - A malicious VNC server can trigger incorrect memory management handling by advertising a large screen size parameter to the VNC client. This would result in multiple memory corruptions and could allow remote code execution on the VNC client. A malicious VNC client can trigger multiple DoS conditions on the VNC server by advertising a large screen size, ClientCutText message length and/or a zero scaling factor parameter. A malicious VNC client can trigger multiple stack-based buffer overflows by passing a long file and directory names and/or attributes when using the file transfer message feature. Additionally libvncserver has been built against the new system minilzo library which is also being provided with this advisory.

tags | advisory, remote, overflow, code execution
systems | linux, mandriva
advisories | CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055
MD5 | 4483cf739c4756a5c449301327de2ba1
Red Hat Security Advisory 2014-1826-01
Posted Nov 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1826-01 - LibVNCServer is a library that allows for easy creation of VNC server or client functionality. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way screen sizes were handled by LibVNCServer. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code in the client. A NULL pointer dereference flaw was found in LibVNCServer's framebuffer setup. A malicious VNC server could use this flaw to cause a VNC client to crash.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055
MD5 | 5d8f8b6b4ace15d471accc5f869ec2e3
Red Hat Security Advisory 2014-1827-01
Posted Nov 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1827-01 - The kdenetwork packages contain networking applications for the K Desktop Environment. Krfb Desktop Sharing, which is a part of the kdenetwork package, is a server application that allows session sharing between users. Krfb uses the LibVNCServer library. A NULL pointer dereference flaw was found in the way LibVNCServer handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client. A divide-by-zero flaw was found in the way LibVNCServer handled the scaling factor when it was set to "0". A remote attacker could use this flaw to crash the VNC server using a malicious VNC client.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2014-6053, CVE-2014-6054, CVE-2014-6055
MD5 | 50c95e67a11a72127f4ec3c63384a7e9
Ubuntu Security Notice USN-2365-1
Posted Sep 30, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2365-1 - Nicolas Ruff discovered that LibVNCServer incorrectly handled memory when being advertised large screen sizes by the server. If a user were tricked into connecting to a malicious server, an attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. Nicolas Ruff discovered that LibVNCServer incorrectly handled large ClientCutText messages. A remote attacker could use this issue to cause a server to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055
MD5 | 9d77ebb5eaaa16f5d3263716e118d834
LibVNCServer 0.9.9 Remote Code Execution / Denial Of Service
Posted Sep 25, 2014
Authored by Open Source CERT, Nicolas Ruff

LibVNCServer versions 0.9.9 and below suffer from memory management handling, buffer overflow, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
advisories | CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055
MD5 | 3edd9950bea6daeef70506c903175db0
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close