Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Ubuntu 18.04 LTS: USN-4547-1 Critical: iTALC Multiple Issues

=========================================================================
Ubuntu Security Notice USN-4547-1
September 28, 2020

italc vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in iTALC.

Software Description:
- italc: didact tool which allows teachers to view and control computer labs

Details:

It was discovered that an information disclosure vulnerability existed in the LibVNCServer vendored in iTALC when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. (CVE-2019-15681)

It was discovered that the LibVNCServer and LibVNCClient vendored in iTALC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. (CVE-2018-15127, CVE-2018-20019, CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024, CVE-2018-20748, CVE-2018-20749, CVE-2018-20750, CVE-2018-7225, CVE-2019-15681)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS:
  italc-client 1:3.0.3+dfsg1-3ubuntu0.1
  italc-master 1:3.0.3+dfsg1-3ubuntu0.1
  libitalccore 1:3.0.3+dfsg1-3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4547-1
  CVE-2018-15127, CVE-2018-20019, CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024, CVE-2018-20748, CVE-2018-20749, CVE-2018-20750, CVE-2018-7225, CVE-2019-15681

Package Information:
  https://launchpad.net/ubuntu/+source/italc/1:3.0.3+dfsg1-3ubuntu0.1

--
ubuntu-security-announce mailing list
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

A series of security flaws in iTALC have been addressed through this patch for Ubuntu 18.04 LTS, enhancing overall reliability.

italc vulnerabilities, Ubuntu security update, remote code execution.

Severity: Critical. LinuxSecurity.com Team

Sep 28, 2020 | Critical | Ubuntu

Debian LTS: DLA-1979-1 Critical: iTALC Remote Code Execution Issues

Package : italc
Version : 1:2.0.2+dfsg1-2+deb8u1
CVE ID  : CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054 CVE-2014-6055 CVE-2016-9941 CVE-2016-9942 CVE-2018-6307 CVE-2018-7225 CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 CVE-2018-20748 CVE-2018-20749 CVE-2018-20750 CVE-2019-15681

Several vulnerabilities have been identified in the VNC code of iTALC, a classroom management software. All vulnerabilities referenced below are issues that have originally been reported against Debian source package libvncserver. The italc source package in Debian ships a custom-patched version of libvncserver, thus libvncserver's security fixes required porting over.

CVE-2014-6051

    Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer allowed remote VNC servers to cause a denial of service (crash) and possibly executed arbitrary code via an advertisement for a large screen size, which triggered a heap-based buffer overflow.

CVE-2014-6052

    The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer did not check certain malloc return values, which allowed remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.

CVE-2014-6053

    The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer did not properly handle attempts to send a large amount of ClientCutText data, which allowed remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that was processed by using a single unchecked malloc.

CVE-2014-6054

    The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer allowed remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message.

CVE-2014-6055

    Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer allowed remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message.

CVE-2016-9941

    Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.

CVE-2016-9942

    Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeded what is specified by the tile dimensions.

CVE-2018-6307

    LibVNC contained heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution.

CVE-2018-7225

    An issue was discovered in LibVNCServer. rfbProcessClientNormalMessage() in rfbserver.c did not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.

CVE-2018-15126

    LibVNC contained heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution.

CVE-2018-15127

    LibVNC contained heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution

CVE-2018-20749

    LibVNC contained a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

CVE-2018-20750

    LibVNC contained a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

CVE-2018-20019

    LibVNC contained multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution

CVE-2018-20748

    LibVNC contained multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.

CVE-2018-20020

    LibVNC contained heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution

CVE-2018-20021

    LibVNC contained a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM

CVE-2018-20022

    LibVNC contained multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allowed attackers to read stack memory and could be abused for information disclosure. Combined with another vulnerability, it could be used to leak stack memory layout and in bypassing ASLR.

CVE-2018-20023

    LibVNC contained CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allowed attacker to read stack memory and could be abused for information disclosure. Combined with another vulnerability, it could be used to leak stack memory layout and in bypassing ASLR.

CVE-2018-20024

    LibVNC contained null pointer dereference in VNC client code that could result DoS.

CVE-2019-15681

    LibVNC contained a memory leak (CWE-655) in VNC server code, which allowed an attacker to read stack memory and could be abused for information disclosure. Combined with another vulnerability, it could be used to leak stack memory and bypass ASLR. This attack appeared to be exploitable via network connectivity.

For Debian 8 "Jessie", these problems have been fixed in version 1:2.0.2+dfsg1-2+deb8u1.

We recommend that you upgrade your italc packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

--
mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
https://sunweavers.net/

Multiple iTALC security flaws resolved. Please update to version 1:2.0.2+dfsg1-1+deb8u2 to apply the necessary patches from Debian.

Debian LTS, iTALC Issues, Classroom Software Security.

Severity: Critical. LinuxSecurity.com Team

Oct 30, 2019 | Critical | Debian LTS

Edubuntu: Critical iTALC Remote Control Vulnerability 1061-1 Identified

==========================================================
Ubuntu Security Notice USN-1061-1
February 11, 2011

italc vulnerability
CVE-2011-0724
==========================================================

A security issue affects the following Edubuntu releases:

Edubuntu 9.10
Edubuntu 10.04 LTS
Edubuntu 10.10

This advisory does not apply to the corresponding versions of Ubuntu, Kubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Edubuntu 9.10:
  italc-client 1:1.0.9.1-0ubuntu16.1

Edubuntu 10.04 LTS:
  italc-client 1:1.0.9.1-0ubuntu18.10.04.1

Edubuntu 10.10:
  italc-client 1:1.0.9.1-0ubuntu18.10.10.1

After a standard system update, if you had originally installed from the Edubuntu Live DVD and the bad keys were found, you will need to redistribute the newly generated public keys to your iTALC clients and restart each session. For more details, see: https://wiki.ubuntu.com/iTalc/Keys

Details follow:

Stéphane Graber discovered that the iTALC private keys shipped with the Edubuntu Live DVD were not correctly regenerated once Edubuntu was installed. If an iTALC client was installed with the vulnerable keys, a remote attacker could gain control of the system. Only systems using keys from the Edubuntu Live DVD were affected.

A flaw in iTALC found within the Edubuntu Live DVD poses a threat of unauthorized system entry. Discover methods to fortify your security.

iTALC Security, Edubuntu Advisories, Remote Access, System Vulnerability, Key Management.

Severity: Critical. LinuxSecurity.com Team

Feb 11, 2011 | Critical | Ubuntu