Test Kennung:	1.3.6.1.4.1.25623.1.0.884334
Kategorie:	CentOS Local Security Checks
Titel:	CentOS: Security Advisory for tigervnc (CESA-2024:0006)
Zusammenfassung:	The remote host is missing an update for the 'tigervnc'; package(s) announced via the CESA-2024:0006 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'tigervnc' package(s) announced via the CESA-2024:0006 advisory. Vulnerability Insight: Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): * xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377) * xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'tigervnc' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-6377 RHBZ#2253291 https://bugzilla.redhat.com/show_bug.cgi?id=2253291 RHSA-2023:7886 https://access.redhat.com/errata/RHSA-2023:7886 RHSA-2024:0006 https://access.redhat.com/errata/RHSA-2024:0006 RHSA-2024:0009 https://access.redhat.com/errata/RHSA-2024:0009 RHSA-2024:0010 https://access.redhat.com/errata/RHSA-2024:0010 RHSA-2024:0014 https://access.redhat.com/errata/RHSA-2024:0014 RHSA-2024:0015 https://access.redhat.com/errata/RHSA-2024:0015 RHSA-2024:0016 https://access.redhat.com/errata/RHSA-2024:0016 RHSA-2024:0017 https://access.redhat.com/errata/RHSA-2024:0017 RHSA-2024:0018 https://access.redhat.com/errata/RHSA-2024:0018 RHSA-2024:0020 https://access.redhat.com/errata/RHSA-2024:0020 RHSA-2024:2169 https://access.redhat.com/errata/RHSA-2024:2169 RHSA-2024:2170 https://access.redhat.com/errata/RHSA-2024:2170 RHSA-2024:2995 https://access.redhat.com/errata/RHSA-2024:2995 RHSA-2024:2996 https://access.redhat.com/errata/RHSA-2024:2996 http://www.openwall.com/lists/oss-security/2023/12/13/1 https://access.redhat.com/security/cve/CVE-2023-6377 https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html https://lists.debian.org/debian-lts-announce/2023/12/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R63Z6GIWM3YUNZRCGFODUXLW3GY2HD6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFHV5KCQ2SVOD4QMCPZ5HC6YL44L7YJD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/ https://lists.x.org/archives/xorg-announce/2023-December/003435.html https://security.gentoo.org/glsa/202401-30 https://security.netapp.com/advisory/ntap-20240125-0003/ https://www.debian.org/security/2023/dsa-5576 Common Vulnerability Exposure (CVE) ID: CVE-2023-6478 RHBZ#2253298 https://bugzilla.redhat.com/show_bug.cgi?id=2253298 https://access.redhat.com/security/cve/CVE-2023-6478 https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632
Copyright	Copyright (C) 2024 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.