正文

LibVNC 缓冲区错误漏洞

admin
admin V管理员 /0 评论 /12 阅读
0222
此篇文章发布距今已超过1169天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

LibVNC 缓冲区错误漏洞

  • CNNVD编号:CNNVD-201901-1016
    • <!--
  • 危害等级: 超危-->
  • 危害等级: 超危
  • CVE编号: CVE-2018-20748
  • 漏洞类型: 缓冲区错误
  • 发布时间: 2019-01-31
  • 威胁类型: 远程
  • 更新时间: 2020-10-26
  • 厂        商:
  • 漏洞来源: Ubuntu

漏洞简介

LibVNC是一款用于实现VNC服务器和客户端功能的跨平台C库。

LibVNC 0.9.12之前版本中的libvncclient/rfbproto.c文件存在堆越界写入漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

https://github.com/LibVNC/libvncserver/issues/273

参考网址

来源:MISC

链接:https://github.com/LibVNC/libvncserver/commit/e34bcbb759ca5bef85809967a268fdf214c1ad2c

来源:MISC

链接:https://github.com/LibVNC/libvncserver/commit/a64c3b37af9a6c8f8009d7516874b8d266b42bae

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html

来源:MISC

链接:https://github.com/LibVNC/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7

来源:UBUNTU

链接:https://usn.ubuntu.com/4587-1/

来源:MISC

链接:https://github.com/LibVNC/libvncserver/issues/273

来源:UBUNTU

链接:https://usn.ubuntu.com/3877-1/

来源:MISC

链接:https://github.com/LibVNC/libvncserver/commit/c5ba3fee85a7ecbbca1df5ffd46d32b92757bc2a

来源:UBUNTU

链接:https://usn.ubuntu.com/4547-1/

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2019/01/msg00029.html

来源:MISC

链接:https://www.openwall.com/lists/oss-security/2018/12/10/8

来源:https://www.suse.com/support/update/announcement/2019/suse-su-201913952-1/

链接:无

来源:security-tracker.debian.org

链接:https://security-tracker.debian.org/tracker/DLA-1979-1

来源:lists.debian.org

链接:https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3329/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3625/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159669/Ubuntu-Security-Notice-USN-4587-1.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/75562

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.4771/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.4032/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3329.2/

受影响实体

    暂无


补丁

  • LibVNC 缓冲区错误漏洞的修复措施
    <!--
    2019-1-31
    -->