VID | 23167
Severity | 40
Port | 5900, ...
Protocol | TCP
Class | Daemon
Detailed Description |
The VNC server is vulnerable to an authentication bypass. VNC is a simple protocol for remote access to graphical user interfaces, and RealVNC is an implementation of it. RealVNC Free Edition, Personal Edition, Enterprise Edition, and other products that use RealVNC, such as AdderLink IP, could allow a remote attacker to bypass authentication and gain access to the VNC server. The cause is improper validation of the client's authentication method, which could allow an attacker to authenticate to an affected system using the null authentication method. If the VNC server runs with administrative privileges, the attacker could gain complete control of the system.
* References:
  * http://www.realvnc.com/products/free/4.1/release-notes.html
  * http://www.realvnc.com/products/personal/4.2/release-notes.html
  * http://www.realvnc.com/products/enterprise/4.2/release-notes.html
  * http://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.html
  * http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046039.html
  * http://www.frsirt.com/english/advisories/2006/1790
  * http://www.kb.cert.org/vuls/id/117929
  * http://secunia.com/advisories/20109/
  * http://xforce.iss.net/xforce/alerts/id/222
* Platforms Affected:
  * Adder Technology, AdderLink IP versions prior to 3.3
  * RealVNC Ltd., RealVNC Enterprise Edition 4.2.2
  * RealVNC Ltd., RealVNC Free Edition 4.1.0
  * RealVNC Ltd., RealVNC Free Edition 4.1.1
  * RealVNC Ltd., RealVNC Personal Edition 4.2.2
  * Microsoft Windows Any version
  * Linux Any version
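The kind of server-side check the description refers to, as an added example that is not RealVNC's code: in RFB 3.8 (RFC 6143) the server sends a list of security types and the client answers with one byte, so the server has to confirm that the answer is in the list it sent. The function names and byte strings are constructed for illustration, and the unchecked variant is an assumed shape for the flaw, not the vendor's source.

```python
import io

# Security-type codes defined by RFC 6143.
NONE, VNC_AUTH = 1, 2
KNOWN_TYPES = {NONE, VNC_AUTH}


class NegotiationError(Exception):
    """Raised when the client's selection must be refused."""


def _read_choice(stream):
    """Read the client's one-byte security-type selection."""
    reply = stream.read(1)
    if len(reply) != 1:
        raise NegotiationError("connection closed during negotiation")
    return reply[0]


def read_selection_unchecked(stream, offered):
    """Assumed flawed pattern: accepts any type the server knows how to
    handle, without comparing it to the list that was offered."""
    choice = _read_choice(stream)
    if choice not in KNOWN_TYPES:
        raise NegotiationError("unknown security type")
    return choice


def read_selection_checked(stream, offered):
    """Hardened pattern: the reply must be one of the types just offered."""
    choice = _read_choice(stream)
    if choice not in offered:
        raise NegotiationError(f"security type {choice} was not offered")
    return choice


def negotiate(reader, client_reply, offered=(VNC_AUTH,)):
    """Run one constructed exchange; return the accepted type or None."""
    try:
        return reader(io.BytesIO(client_reply), offered)
    except NegotiationError:
        return None
```

A server configured to require a password offers only `VNC_AUTH`; with the checked reader a reply of `NONE` ends the handshake instead of skipping the challenge.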
Recommendation |
Upgrade to RealVNC Free Edition 4.1.2, Personal Edition 4.2.3, or Enterprise Edition 4.2.3 or later, available from the RealVNC Download Web site at http://www.realvnc.com/download.html
For AdderLink IP: Upgrade to the latest firmware version (3.3 or later), available from the Adder Web site at http://news.adder.com/article_36.asp
Related URL | CVE-2006-2369 (CVE)
Related URL | 17978 (SecurityFocus)
Related URL | 26445 (ISS)