CVE-2019-15681

Опубликовано: 29 окт. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00073.html
Mailing List
Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf
Third Party Advisory
https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/10/msg00039.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html
Mailing List
Third Party Advisory
https://usn.ubuntu.com/4407-1/
Third Party Advisory
https://usn.ubuntu.com/4547-1/
Third Party Advisory
https://usn.ubuntu.com/4573-1/
Third Party Advisory
https://usn.ubuntu.com/4587-1/
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00073.html
Mailing List
Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf
Third Party Advisory
https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/10/msg00039.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*

Версия до 0.9.12 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:*