Advisories

KLCERT-18-037: CodeSYS Control V3 Use of Insufficiently Random Values

19 December 2018

CODESYS communication servers use insufficiently random values.

KLCERT-18-036: CodeSYS Control V3 Improper Communication Address Filtering

19 December 2018

CODESYS routing protocol may disguise the source of crafted communication packets.

KLCERT-18-035: CodeSYS Control V3 Access Control Inactive by Default

19 December 2018

Neither communication encryption nor user authentication is activated by default; both must be activated by the user.

KLCERT-18-034: LibVNC NULL Pointer Dereference

19 December 2018

LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains a null pointer dereference in VNC client code, which can result in DoS. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 and later.

KLCERT-18-033: LibVNC Memory leak

19 December 2018

LibVNC before commit 8b06f835e259652b0ff026898014fc7297ade858 contains a CWE-665: Improper Initialization vulnerability in VNC Repeater client code, which could allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and bypass ASLR. This vulnerability has been fixed in 8b06f835e259652b0ff026898014fc7297ade858 and later.

KLCERT-18-032: LibVNC Multiple Memory Leaks

19 December 2018

LibVNC before commit 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple CWE-665: Improper Initialization weaknesses in VNC client code, which could allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and bypass ASLR. This vulnerability has been fixed in 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 and later.

KLCERT-18-031: LibVNC Infinite Loop

19 December 2018

LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite Loop vulnerability in VNC client code. The vulnerability could allow an attacker to consume an excessive amount of resources, such as CPU and RAM. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c and later.

KLCERT-18-030: LibVNC Heap Out-of-Bound Write

19 December 2018

LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains a heap out-of-bound write vulnerability in a structure in VNC client code, which can result in remote code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d and later.

KLCERT-18-029: LibVNC Multiple Heap Out-of-Bound Vulnerabilities

19 December 2018

LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code, which can result in remote code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in a83439b9fbe0f03c48eb94ed05729cb016f8b72f and later.

KLCERT-18-028: LibVNC Heap Out-of-Bound Write

19 December 2018

LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains a heap out-of-bound write vulnerability in the server code of the file transfer extension, which can result in remote code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in 502821828ed00b4a2c4bef90683d0fd88ce495de and later.