ID de Prueba:	1.3.6.1.4.1.25623.1.0.884334
Categoría:	CentOS Local Security Checks
Título:	CentOS: Security Advisory for tigervnc (CESA-2024:0006)
Resumen:	The remote host is missing an update for the 'tigervnc'; package(s) announced via the CESA-2024:0006 advisory.
Descripción:	Summary: The remote host is missing an update for the 'tigervnc' package(s) announced via the CESA-2024:0006 advisory. Vulnerability Insight: Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): * xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377) * xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'tigervnc' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-6377 RHBZ#2253291 https://bugzilla.redhat.com/show_bug.cgi?id=2253291 RHSA-2023:7886 https://access.redhat.com/errata/RHSA-2023:7886 RHSA-2024:0006 https://access.redhat.com/errata/RHSA-2024:0006 RHSA-2024:0009 https://access.redhat.com/errata/RHSA-2024:0009 RHSA-2024:0010 https://access.redhat.com/errata/RHSA-2024:0010 RHSA-2024:0014 https://access.redhat.com/errata/RHSA-2024:0014 RHSA-2024:0015 https://access.redhat.com/errata/RHSA-2024:0015 RHSA-2024:0016 https://access.redhat.com/errata/RHSA-2024:0016 RHSA-2024:0017 https://access.redhat.com/errata/RHSA-2024:0017 RHSA-2024:0018 https://access.redhat.com/errata/RHSA-2024:0018 RHSA-2024:0020 https://access.redhat.com/errata/RHSA-2024:0020 RHSA-2024:2169 https://access.redhat.com/errata/RHSA-2024:2169 RHSA-2024:2170 https://access.redhat.com/errata/RHSA-2024:2170 RHSA-2024:2995 https://access.redhat.com/errata/RHSA-2024:2995 RHSA-2024:2996 https://access.redhat.com/errata/RHSA-2024:2996 http://www.openwall.com/lists/oss-security/2023/12/13/1 https://access.redhat.com/security/cve/CVE-2023-6377 https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html https://lists.debian.org/debian-lts-announce/2023/12/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R63Z6GIWM3YUNZRCGFODUXLW3GY2HD6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFHV5KCQ2SVOD4QMCPZ5HC6YL44L7YJD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/ https://lists.x.org/archives/xorg-announce/2023-December/003435.html https://security.gentoo.org/glsa/202401-30 https://security.netapp.com/advisory/ntap-20240125-0003/ https://www.debian.org/security/2023/dsa-5576 Common Vulnerability Exposure (CVE) ID: CVE-2023-6478 RHBZ#2253298 https://bugzilla.redhat.com/show_bug.cgi?id=2253298 https://access.redhat.com/security/cve/CVE-2023-6478 https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.