SiD3WiNDR Gears  Hacker Emblem  
RealVNC & Security
Date: May 21st, 2006 by SiD3WiNDR
Categories: Security, Software

A few days ago a vulnerability in RealVNC was discovered allowing anyone to take over a desktop without any authentication at all (the client is allowed to select the authentication mechanism, of which one is "none"). Not too smart, but ohwell :s I wonder how much this effects the other VNC derivatives, since I thought their code was based off the "original" VNC. However, if they’re fixed, why didn’t they alert the RealVNC maintainers?

In the meanwhile I saw a basic scanner and a refined multithreaded scanner appear on Bugtraq . Fun for the kiddies! I don’t really do any firewall logging at the moment, but as noted in Filbert’s blog, scanning has certainly taken a steep curve upwards.


Incoming Links (via Technorati):
Nothing Reported

Comments are closed.

Weblog Calendar
December 2024
M T W T F S S
« Aug    
 1
2345678
9101112131415
16171819202122
23242526272829
3031  
Sales
Pages
Archives
Categories
Links
Meta
© 2002-2024, SiD3WiNDR - Proudly powered by WordPress - XHTML Compliant - RSS (Entries) - RSS (Comments)