Ubuntu 5965-1: TigerVNC vulnerability | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
==========================================================================
Ubuntu Security Notice USN-5965-1
March 21, 2023

tigervnc vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 ESM

Summary:

TigerVNC could be made to expose sensitive information over the network.

Software Description:
- tigervnc: High-performance, platform-neutral implementation of VNC 

Details:

It was discovered that TigerVNC mishandled TLS certificate exceptions. An
attacker could use this vulnerability to impersonate any server after a client
had added an exception and obtain sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 ESM:
  tigervnc-common                 1.10.1+dfsg-3ubuntu0.1+esm2
  tigervnc-scraping-server        1.10.1+dfsg-3ubuntu0.1+esm2
  tigervnc-standalone-server      1.10.1+dfsg-3ubuntu0.1+esm2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5965-1
  CVE-2020-26117

Ubuntu 5965-1: TigerVNC vulnerability

March 21, 2023
TigerVNC could be made to expose sensitive information over the network.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 ESM Summary: TigerVNC could be made to expose sensitive information over the network. Software Description: - tigervnc: High-performance, platform-neutral implementation of VNC Details: It was discovered that TigerVNC mishandled TLS certificate exceptions. An attacker could use this vulnerability to impersonate any server after a client had added an exception and obtain sensitive information.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 ESM: tigervnc-common 1.10.1+dfsg-3ubuntu0.1+esm2 tigervnc-scraping-server 1.10.1+dfsg-3ubuntu0.1+esm2 tigervnc-standalone-server 1.10.1+dfsg-3ubuntu0.1+esm2 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5965-1

CVE-2020-26117

Severity
Ubuntu Security Notice USN-5965-1

Package Information

Related News

The Tor Project’s New Privacy-Focused Browser Doesn’t Use the Tor Network

Attackers Deploy Sophisticated Linux Implant on Fortinet Network Security Devices

DISA Issues Security Technical Implementation Guide for TOSS 4 Operating System

10 Essential Linux Tools for Network and Security Pros

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy