You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa ssvnc

Sigurnosni nedostaci programskog paketa ssvnc

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4547-2
September 28, 2020

ssvnc vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in SSVNC.

Software Description:
– ssvnc: Enhanced TightVNC viewer with SSL/SSH tunnel helper

Details:

It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled
certain packet lengths. A remote attacker could possibly use this issue to
obtain sensitive information, cause a denial of service, or execute arbitrary
code. (CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-2024)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
ssvnc 1.0.29-2+deb8u1build0.16.04.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4547-2
https://usn.ubuntu.com/4547-1
CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-20024

Package Information:
https://launchpad.net/ubuntu/+source/ssvnc/1.0.29-2+deb8u1build0.16.04.1

AutorBruno Varga
Cert idNCERT-REF-2020-09-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libpgf

Otkriven je sigurnosni nedostatak programske biblioteke libpgf za operacijski sustav Ubuntu. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja. Savjetuje...

Close