CVE-2014-6055

Published: 24 September 2014

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message.

Priority

Medium

Status

Package Release Status
italc
Launchpad, Ubuntu, Debian
Upstream
Released (1:3.0.3+dfsg1-1+deb9u1, 1:2.0.2+dfsg1-2+deb8u1)
Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(code not present)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (1:2.0.2+dfsg1-4ubuntu0.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was needed)
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

krfb
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [4:4.13.3-0ubuntu1.1])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

Patches:
Upstream: http://quickgit.kde.org/?p=krfb.git&a=commit&h=2e211579455fd832fb21322482c005b6a85aa1bf
Upstream: http://quickgit.kde.org/?p=krfb.git&a=commit&h=857c2b411ed806ef806116407612a2d2a40fab9c
libvncserver
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [0.9.9+dfsg-1ubuntu1.1])
Ubuntu 12.04 ESM (Precise Pangolin)
Released (0.9.8.2-2ubuntu1.1)
Patches:
Upstream: https://github.com/newsoft/libvncserver/commit/06ccdf016154fde8eccb5355613ba04c59127b2e
Upstream: https://github.com/newsoft/libvncserver/commit/f528072216dec01cee7ca35d94e171a3b909e677
Upstream: https://github.com/newsoft/libvncserver/commit/256964b884c980038cd8b2f0d180fbb295b1c748 (improvement)