-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2020.3329.2
                      iTALC and SSVNC vulnerabilities
                              6 October 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           iTALC
                   SSVNC
Publisher:         Ubuntu
Operating System:  Ubuntu
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-15681 CVE-2018-20750 CVE-2018-20749
                   CVE-2018-20748 CVE-2018-20024 CVE-2018-20023
                   CVE-2018-20022 CVE-2018-20021 CVE-2018-20020
                   CVE-2018-20019 CVE-2018-15127 CVE-2018-7225

Reference:         ESB-2019.4771
                   ESB-2019.4525
                   ESB-2019.4032
                   ESB-2019.0298
                   ESB-2019.0121
                   ESB-2019.0114
                   ESB-2019.0009

Original Bulletin: 
   https://usn.ubuntu.com/4547-1/
   https://usn.ubuntu.com/4547-2/

Comment: This bulletin contains two (2) Ubuntu security advisories.

Revision History:  October    6 2020: Updated Products, Product Tag and Title
                   September 29 2020: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-4547-1: iTALC vulnerabilities
28 September 2020

Several security issues were fixed in iTALC.

Releases

  o Ubuntu 18.04 LTS

Packages

  o italc - didactic tool which allows teachers to view and control computer labs

Details

It was discovered that an information disclosure vulnerability existed in the
LibVNCServer vendored in iTALC when sending a ServerCutText message. An
attacker could possibly use this issue to expose sensitive information.
(CVE-2019-15681)

It was discovered that the LibVNCServer and LibVNCClient vendored in iTALC
incorrectly handled certain packet lengths. A remote attacker could possibly
use this issue to obtain sensitive information, cause a denial of service, or
execute arbitrary code.
(CVE-2018-15127, CVE-2018-20019, CVE-2018-20020, CVE-2018-20021, CVE-2018-20022,
CVE-2018-20023, CVE-2018-20024, CVE-2018-20748, CVE-2018-20749, CVE-2018-20750,
CVE-2018-7225, CVE-2019-15681)

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 18.04

  o italc-client - 1:3.0.3+dfsg1-3ubuntu0.1
  o italc-master - 1:3.0.3+dfsg1-3ubuntu0.1
  o libitalccore - 1:3.0.3+dfsg1-3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

  o CVE-2018-15127
  o CVE-2018-20019
  o CVE-2018-20020
  o CVE-2018-20021
  o CVE-2018-20022
  o CVE-2018-20023
  o CVE-2018-20024
  o CVE-2018-20748
  o CVE-2018-20749
  o CVE-2018-20750
  o CVE-2018-7225
  o CVE-2019-15681

Related notices

  o USN-3618-1 : libvncserver, libvncserver1, libvncserver0, libvncclient1
  o USN-3877-1 : libvncserver, libvncserver1, libvncserver0, libvncclient1
  o USN-4407-1 : libvncserver, libvncserver1, libvncclient1


- ------------------------------------------------------------------------------


USN-4547-2: SSVNC vulnerabilities
28 September 2020

Several security issues were fixed in SSVNC.

Releases

  o Ubuntu 16.04 LTS

Packages

  o ssvnc - Enhanced TightVNC viewer with SSL/SSH tunnel helper

Details

It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled
certain packet lengths. A remote attacker could possibly use this issue to
obtain sensitive information, cause a denial of service, or execute arbitrary
code. (CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-20024)

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 16.04

  o ssvnc - 1.0.29-2+deb8u1build0.16.04.1

In general, a standard system update will make all the necessary changes.

References

  o CVE-2018-20020
  o CVE-2018-20021
  o CVE-2018-20022
  o CVE-2018-20024

Related notices

  o USN-3877-1 : libvncserver, libvncserver1, libvncserver0, libvncclient1
  o USN-4547-1 : libitalccore, italc, italc-client, italc-master

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----