Security Advisory Moderate: vnc security update

Advisory: RHSA-2009:0261-5
Type: Security Advisory
Severity: Moderate
Issued on: 2009-02-11
Last updated on: 2009-02-11
Affected Products: Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20090261.xml
CVEs (cve.mitre.org): CVE-2008-4770

Details

Updated vnc packages that correct a security issue are now available for
Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Virtual Network Computing (VNC) is a remote display system which allows you
to view a computer's "desktop" environment not only on the machine where it
is running, but from anywhere on the Internet and from a wide variety of
machine architectures.

An insufficient input validation flaw was discovered in the VNC client
application, vncviewer. If an attacker could convince a victim to connect
to a malicious VNC server, or if an attacker was able to connect to a
vncviewer running in "listen" mode, the attacker could cause the victim's
vncviewer to crash or, possibly, execute arbitrary code. (CVE-2008-4770)

Users of vncviewer should upgrade to these updated packages, which contain
a backported patch to resolve this issue. For the update to take effect,
all running instances of vncviewer must be restarted after the update is
installed.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
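
To confirm that a host already carries the fix, compare its installed vnc version-release against the fixed builds listed under "Updated packages". The following is an added example, not part of the original advisory or of any Red Hat tooling; the function names are hypothetical, and the comparison is a simplified form of rpm's segment-wise ordering that leaves out epoch, '~' and '^' handling.

```python
import re

# Fixed version-release per RHEL major version, copied from the
# "Updated packages" list in this advisory.
FIXED = {3: "4.0-0.beta4.1.8", 4: "4.0-12.el4_7.1", 5: "4.1.2-14.el5_3.1"}


def rpmvercmp(a, b):
    """Compare two version (or release) strings segment by segment.

    Strings are split into runs of digits and runs of letters; separators
    are ignored. Numeric runs compare as integers, a numeric run sorts
    newer than an alphabetic one, and if every shared segment is equal
    the string with segments left over is newer.
    """
    sa = re.findall(r"[0-9]+|[A-Za-z]+", a)
    sb = re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def compare_vr(a, b):
    """Compare 'version-release' strings: version first, then release."""
    va, ra = a.rsplit("-", 1)
    vb, rb = b.rsplit("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def is_patched(rhel_major, installed_vr):
    """True if installed_vr is at or above the fixed build for that release.

    installed_vr is the output of:
        rpm -q --qf '%{VERSION}-%{RELEASE}\n' vnc
    """
    return compare_vr(installed_vr, FIXED[rhel_major]) >= 0


if __name__ == "__main__":
    # Constructed sample inventory: (RHEL major version, installed vnc build).
    for major, vr in [(5, "4.1.2-14.el5"), (5, "4.1.2-14.el5_3.1"),
                      (4, "4.0-11.el4"), (3, "4.0-0.beta4.1.8")]:
        print(major, vr, "patched" if is_patched(major, vr) else "VULNERABLE")
```

A host that reports a patched build still needs its running vncviewer instances restarted, as noted under Details.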

Updated packages

Red Hat Desktop (v. 3)

SRPMS:
vnc-4.0-0.beta4.1.8.src.rpm     f2e61c1b2b63f9735e7273645f5cbc90
 
IA-32:
vnc-4.0-0.beta4.1.8.i386.rpm     89b4090c43c53abe8e34b83d912a08de
vnc-server-4.0-0.beta4.1.8.i386.rpm     6c8fc1056c2c7422d92b5b5acf72ed34
 
x86_64:
vnc-4.0-0.beta4.1.8.x86_64.rpm     8e36052c941ca26f4152d778cd62dfca
vnc-server-4.0-0.beta4.1.8.x86_64.rpm     bddb9e07dc2e243e09c45eef2a9ad4b3
 
Red Hat Desktop (v. 4)

SRPMS:
vnc-4.0-12.el4_7.1.src.rpm     e35cc13e6e83f78d6f6b057f9345cf14
 
IA-32:
vnc-4.0-12.el4_7.1.i386.rpm     3faa0a6e0f0c3473668d238bb24c1e63
vnc-server-4.0-12.el4_7.1.i386.rpm     78d6dbd2e4e3ca44816ec8f42d30d266
 
x86_64:
vnc-4.0-12.el4_7.1.x86_64.rpm     2b382a1b75a4219091c7e0786e1b4a9d
vnc-server-4.0-12.el4_7.1.x86_64.rpm     e43863025ee6fe5d2827fcf027e78a3d
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
vnc-4.1.2-14.el5_3.1.src.rpm     53de924f01248ddfd0b2658aa9906093
 
IA-32:
vnc-4.1.2-14.el5_3.1.i386.rpm     c93e556b673ee6a69bcb70188a6c366f
vnc-server-4.1.2-14.el5_3.1.i386.rpm     f7a9845c6ee6096e5ba07705156d8ba9
 
IA-64:
vnc-4.1.2-14.el5_3.1.ia64.rpm     1e3683536234ecaefe0c28e5d550370d
vnc-server-4.1.2-14.el5_3.1.ia64.rpm     6341b164983b5e2682c909384bf3e1d4
 
PPC:
vnc-4.1.2-14.el5_3.1.ppc.rpm     aa64b1a1a586c8041be76714538ae957
vnc-server-4.1.2-14.el5_3.1.ppc.rpm     390f8bf907191c4fcfde7635761c666f
 
s390x:
vnc-4.1.2-14.el5_3.1.s390x.rpm     61cb0ffd16c4dfa92951fe2c61465289
vnc-server-4.1.2-14.el5_3.1.s390x.rpm     8397462b3071385e902aa2041c6121fd
 
x86_64:
vnc-4.1.2-14.el5_3.1.x86_64.rpm     291310d3456dd706cc1facbe86f9ecff
vnc-server-4.1.2-14.el5_3.1.x86_64.rpm     3d549bc11d41047e0c3affb0d7553917
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
vnc-4.0-0.beta4.1.8.src.rpm     f2e61c1b2b63f9735e7273645f5cbc90
 
IA-32:
vnc-4.0-0.beta4.1.8.i386.rpm     89b4090c43c53abe8e34b83d912a08de
vnc-server-4.0-0.beta4.1.8.i386.rpm     6c8fc1056c2c7422d92b5b5acf72ed34
 
IA-64:
vnc-4.0-0.beta4.1.8.ia64.rpm     8cc8415d8469c5cd6de6bc85e02876bc
vnc-server-4.0-0.beta4.1.8.ia64.rpm     189b5f8a914ebaa3fdb207449e1532d4
 
PPC:
vnc-4.0-0.beta4.1.8.ppc.rpm     32eacabba0dac6bd24a05c1d84ed1026
vnc-server-4.0-0.beta4.1.8.ppc.rpm     0e308809951a22869d37a4e46ec2c7e6
 
s390:
vnc-4.0-0.beta4.1.8.s390.rpm     d749f97106fd0493dadd9f171fe469b7
vnc-server-4.0-0.beta4.1.8.s390.rpm     7f434ca0162f3079eb0f4fe8091ad124
 
s390x:
vnc-4.0-0.beta4.1.8.s390x.rpm     0e5bb11a8da3451510566755ad8bafb7
vnc-server-4.0-0.beta4.1.8.s390x.rpm     2b4dbf373b118ac953246464d04ab0c6
 
x86_64:
vnc-4.0-0.beta4.1.8.x86_64.rpm     8e36052c941ca26f4152d778cd62dfca
vnc-server-4.0-0.beta4.1.8.x86_64.rpm     bddb9e07dc2e243e09c45eef2a9ad4b3
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
vnc-4.0-12.el4_7.1.src.rpm     e35cc13e6e83f78d6f6b057f9345cf14
 
IA-32:
vnc-4.0-12.el4_7.1.i386.rpm     3faa0a6e0f0c3473668d238bb24c1e63
vnc-server-4.0-12.el4_7.1.i386.rpm     78d6dbd2e4e3ca44816ec8f42d30d266
 
IA-64:
vnc-4.0-12.el4_7.1.ia64.rpm     b66201080bb8bbb3f80628becb447e0a
vnc-server-4.0-12.el4_7.1.ia64.rpm     5b8a78f6d4918139a01211219a140622
 
PPC:
vnc-4.0-12.el4_7.1.ppc.rpm     39ad6227989dfe2a1dfab362e2d7a2a5
vnc-server-4.0-12.el4_7.1.ppc.rpm     d3458e970cc7f2e1551e7d4e51791d63
 
s390:
vnc-4.0-12.el4_7.1.s390.rpm     db7a9bf23651edead675dd1a1dea03a8
vnc-server-4.0-12.el4_7.1.s390.rpm     b36de3299913a5ff9b7e0054cd4f2810
 
s390x:
vnc-4.0-12.el4_7.1.s390x.rpm     9d15edff6e48fa771f8185c069355803
vnc-server-4.0-12.el4_7.1.s390x.rpm     5c62863e97aafaf535f6c9423d0b3800
 
x86_64:
vnc-4.0-12.el4_7.1.x86_64.rpm     2b382a1b75a4219091c7e0786e1b4a9d
vnc-server-4.0-12.el4_7.1.x86_64.rpm     e43863025ee6fe5d2827fcf027e78a3d
 
Red Hat Enterprise Linux AS (v. 4.7.z)

SRPMS:
vnc-4.0-12.el4_7.1.src.rpm     e35cc13e6e83f78d6f6b057f9345cf14
 
IA-32:
vnc-4.0-12.el4_7.1.i386.rpm     3faa0a6e0f0c3473668d238bb24c1e63
vnc-server-4.0-12.el4_7.1.i386.rpm     78d6dbd2e4e3ca44816ec8f42d30d266
 
IA-64:
vnc-4.0-12.el4_7.1.ia64.rpm     b66201080bb8bbb3f80628becb447e0a
vnc-server-4.0-12.el4_7.1.ia64.rpm     5b8a78f6d4918139a01211219a140622
 
PPC:
vnc-4.0-12.el4_7.1.ppc.rpm     39ad6227989dfe2a1dfab362e2d7a2a5
vnc-server-4.0-12.el4_7.1.ppc.rpm     d3458e970cc7f2e1551e7d4e51791d63
 
s390:
vnc-4.0-12.el4_7.1.s390.rpm     db7a9bf23651edead675dd1a1dea03a8
vnc-server-4.0-12.el4_7.1.s390.rpm     b36de3299913a5ff9b7e0054cd4f2810
 
s390x:
vnc-4.0-12.el4_7.1.s390x.rpm     9d15edff6e48fa771f8185c069355803
vnc-server-4.0-12.el4_7.1.s390x.rpm     5c62863e97aafaf535f6c9423d0b3800
 
x86_64:
vnc-4.0-12.el4_7.1.x86_64.rpm     2b382a1b75a4219091c7e0786e1b4a9d
vnc-server-4.0-12.el4_7.1.x86_64.rpm     e43863025ee6fe5d2827fcf027e78a3d
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
vnc-4.1.2-14.el5_3.1.src.rpm     53de924f01248ddfd0b2658aa9906093
 
IA-32:
vnc-4.1.2-14.el5_3.1.i386.rpm     c93e556b673ee6a69bcb70188a6c366f
vnc-server-4.1.2-14.el5_3.1.i386.rpm     f7a9845c6ee6096e5ba07705156d8ba9
 
x86_64:
vnc-4.1.2-14.el5_3.1.x86_64.rpm     291310d3456dd706cc1facbe86f9ecff
vnc-server-4.1.2-14.el5_3.1.x86_64.rpm     3d549bc11d41047e0c3affb0d7553917
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
vnc-4.0-0.beta4.1.8.src.rpm     f2e61c1b2b63f9735e7273645f5cbc90
 
IA-32:
vnc-4.0-0.beta4.1.8.i386.rpm     89b4090c43c53abe8e34b83d912a08de
vnc-server-4.0-0.beta4.1.8.i386.rpm     6c8fc1056c2c7422d92b5b5acf72ed34
 
IA-64:
vnc-4.0-0.beta4.1.8.ia64.rpm     8cc8415d8469c5cd6de6bc85e02876bc
vnc-server-4.0-0.beta4.1.8.ia64.rpm     189b5f8a914ebaa3fdb207449e1532d4
 
x86_64:
vnc-4.0-0.beta4.1.8.x86_64.rpm     8e36052c941ca26f4152d778cd62dfca
vnc-server-4.0-0.beta4.1.8.x86_64.rpm     bddb9e07dc2e243e09c45eef2a9ad4b3
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
vnc-4.0-12.el4_7.1.src.rpm     e35cc13e6e83f78d6f6b057f9345cf14
 
IA-32:
vnc-4.0-12.el4_7.1.i386.rpm     3faa0a6e0f0c3473668d238bb24c1e63
vnc-server-4.0-12.el4_7.1.i386.rpm     78d6dbd2e4e3ca44816ec8f42d30d266
 
IA-64:
vnc-4.0-12.el4_7.1.ia64.rpm     b66201080bb8bbb3f80628becb447e0a
vnc-server-4.0-12.el4_7.1.ia64.rpm     5b8a78f6d4918139a01211219a140622
 
x86_64:
vnc-4.0-12.el4_7.1.x86_64.rpm     2b382a1b75a4219091c7e0786e1b4a9d
vnc-server-4.0-12.el4_7.1.x86_64.rpm     e43863025ee6fe5d2827fcf027e78a3d
 
Red Hat Enterprise Linux ES (v. 4.7.z)

SRPMS:
vnc-4.0-12.el4_7.1.src.rpm     e35cc13e6e83f78d6f6b057f9345cf14
 
IA-32:
vnc-4.0-12.el4_7.1.i386.rpm     3faa0a6e0f0c3473668d238bb24c1e63
vnc-server-4.0-12.el4_7.1.i386.rpm     78d6dbd2e4e3ca44816ec8f42d30d266
 
IA-64:
vnc-4.0-12.el4_7.1.ia64.rpm     b66201080bb8bbb3f80628becb447e0a
vnc-server-4.0-12.el4_7.1.ia64.rpm     5b8a78f6d4918139a01211219a140622
 
x86_64:
vnc-4.0-12.el4_7.1.x86_64.rpm     2b382a1b75a4219091c7e0786e1b4a9d
vnc-server-4.0-12.el4_7.1.x86_64.rpm     e43863025ee6fe5d2827fcf027e78a3d
 
Red Hat Enterprise Linux EUS (v. 5.3.z server)

SRPMS:
vnc-4.1.2-14.el5_3.1.src.rpm     53de924f01248ddfd0b2658aa9906093
 
IA-32:
vnc-4.1.2-14.el5_3.1.i386.rpm     c93e556b673ee6a69bcb70188a6c366f
vnc-server-4.1.2-14.el5_3.1.i386.rpm     f7a9845c6ee6096e5ba07705156d8ba9
 
IA-64:
vnc-4.1.2-14.el5_3.1.ia64.rpm     1e3683536234ecaefe0c28e5d550370d
vnc-server-4.1.2-14.el5_3.1.ia64.rpm     6341b164983b5e2682c909384bf3e1d4
 
PPC:
vnc-4.1.2-14.el5_3.1.ppc.rpm     aa64b1a1a586c8041be76714538ae957
vnc-server-4.1.2-14.el5_3.1.ppc.rpm     390f8bf907191c4fcfde7635761c666f
 
s390x:
vnc-4.1.2-14.el5_3.1.s390x.rpm     61cb0ffd16c4dfa92951fe2c61465289
vnc-server-4.1.2-14.el5_3.1.s390x.rpm     8397462b3071385e902aa2041c6121fd
 
x86_64:
vnc-4.1.2-14.el5_3.1.x86_64.rpm     291310d3456dd706cc1facbe86f9ecff
vnc-server-4.1.2-14.el5_3.1.x86_64.rpm     3d549bc11d41047e0c3affb0d7553917
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
vnc-4.0-0.beta4.1.8.src.rpm     f2e61c1b2b63f9735e7273645f5cbc90
 
IA-32:
vnc-4.0-0.beta4.1.8.i386.rpm     89b4090c43c53abe8e34b83d912a08de
vnc-server-4.0-0.beta4.1.8.i386.rpm     6c8fc1056c2c7422d92b5b5acf72ed34
 
IA-64:
vnc-4.0-0.beta4.1.8.ia64.rpm     8cc8415d8469c5cd6de6bc85e02876bc
vnc-server-4.0-0.beta4.1.8.ia64.rpm     189b5f8a914ebaa3fdb207449e1532d4
 
x86_64:
vnc-4.0-0.beta4.1.8.x86_64.rpm     8e36052c941ca26f4152d778cd62dfca
vnc-server-4.0-0.beta4.1.8.x86_64.rpm     bddb9e07dc2e243e09c45eef2a9ad4b3
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
vnc-4.0-12.el4_7.1.src.rpm     e35cc13e6e83f78d6f6b057f9345cf14
 
IA-32:
vnc-4.0-12.el4_7.1.i386.rpm     3faa0a6e0f0c3473668d238bb24c1e63
vnc-server-4.0-12.el4_7.1.i386.rpm     78d6dbd2e4e3ca44816ec8f42d30d266
 
IA-64:
vnc-4.0-12.el4_7.1.ia64.rpm     b66201080bb8bbb3f80628becb447e0a
vnc-server-4.0-12.el4_7.1.ia64.rpm     5b8a78f6d4918139a01211219a140622
 
x86_64:
vnc-4.0-12.el4_7.1.x86_64.rpm     2b382a1b75a4219091c7e0786e1b4a9d
vnc-server-4.0-12.el4_7.1.x86_64.rpm     e43863025ee6fe5d2827fcf027e78a3d
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

471777 - VNC Free Edition 4.1.3 fixes a possible security vulnerability only present in the listening viewer. VNC Server is not compromised.
480590 - CVE-2008-4770 vnc: vncviewer insufficient encoding value validation in CMsgReader::readRect


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/