Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2003:022: vnc Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the vnc package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2003:022 (vnc).
A vulnerability was discovered in the VNC server script that generates an X
cookie, used by X authentication. The script generated a cookie that was not
strong enough and allow a possible hacker to more easily guess the authentication
cookie, thus obtaining unauthorized access to the VNC server.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:022
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.