SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.
SERVER-OTHER LibVNCServer file transfer extension heap buffer overflow attempt
This event is generated when heap over exploit for LibVNCServer is detected. Impact: remote code execution Details: The vulnerability looks for a value that could case a heap overflow to occur when using file transfer extensions for VNC. Ease of Attack: Simple
No public information
No known false positives
Cisco Talos Intelligence Group
Tactic:
Technique:
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org
CVE-2018-15127LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution |
|