728x90
In Mitre's CVE dictionary: CVE-2016-9941, CVE-2016-9942.
It was discovered that libvncserver, a collection of libraries used to implement VNC/RFB clients and servers, incorrectly processed incoming network packets. This resulted in several heap-based buffer overflows, allowing a rogue server to either cause a DoS by crashing the client, or potentially execute arbitrary code on the client side.
For the stable distribution (jessie), these problems have been fixed in version 0.9.9+dfsg2-6.1+deb8u2.
For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 0.9.11+dfsg-1.
We recommend that you upgrade your libvncserver packages.
728x90
'취약점 정보2' 카테고리의 다른 글
| MS 1월 보안 위협에 따른 정기 보안 업데이트 권고 (0) | 2017.01.11 |
|---|---|
| MongoDB의 취약한 인증을 통한 랜섬웨어 공격 주의 (0) | 2017.01.11 |
| ZendMail, SwiftMailer 원격코드 실행 취약점 보안 업데이트 권고 (0) | 2017.01.09 |
| 넥서스6, 안드로이드 7.1.1 업데이트 (0) | 2017.01.06 |
| Apache Tomcat Information Disclosure (0) | 2017.01.06 |