Family: Misc. --> Category: attack
RealVNC Authentication Bypass Vulnerability Scan
Vulnerability Scan Summary: Tries to bypass authentication using RealVNC
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote VNC server is prone to an authentication bypass issue.
Description :
The remote host appears to be running RealVNC, a VNC server for
Windows and Linux/Unix platforms.
The version of RealVNC installed on the remote host allows an attacker
to bypass authentication simply by requesting 'Type 1 - None' as the
security type, even though the server is not configured to offer
that type. By exploiting this issue, an attacker gains access to
the affected host at the privilege level under which RealVNC operates,
typically Administrator on Windows.
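The weakness described above is a negotiation check that the server fails to make: in the RFB 3.8 handshake the server sends a list of security types it supports, the client answers with one type code, and the server then sends a SecurityResult word (0 = OK, 1 = failed). A server that accepts a client choice it never offered is the pattern this scan looks for. The following Python is an added detection example, not part of the original scan description or of RealVNC: it parses those three messages from a captured handshake (the byte strings in the test are constructed, not taken from a real host) and flags a client that selects a type outside the server's advertised list, escalating to a "bypass" verdict when the server nevertheless answers OK. Message layouts follow RFC 6143, section 7.1.2 and 7.1.3; the function and field names are this example's own.

```python
"""Flag an RFB 3.8 security negotiation in which the client picks a type the
server never advertised.  Detection-side logic for captured handshakes, written
for this page as an example; sample messages are constructed."""
import struct

# Security-type codes from the RFB protocol (RFC 6143, section 7.1.2).
SECURITY_TYPES = {0: "Invalid", 1: "None", 2: "VNC Authentication"}


def parse_server_security_types(msg):
    """Server -> client: U8 count followed by that many U8 type codes.
    A count of zero means the server refused the connection and a reason
    string follows; that case yields an empty list."""
    if not msg:
        raise ValueError("empty security-types message")
    count = msg[0]
    if count == 0:
        return []
    if len(msg) < 1 + count:
        raise ValueError("truncated security-types message")
    return list(msg[1:1 + count])


def parse_client_choice(msg):
    """Client -> server: a single U8 with the selected security type."""
    if len(msg) < 1:
        raise ValueError("empty client security-type message")
    return msg[0]


def parse_security_result(msg):
    """Server -> client: big-endian U32 SecurityResult, 0 = OK, 1 = failed."""
    if len(msg) < 4:
        raise ValueError("truncated SecurityResult message")
    return struct.unpack(">I", msg[:4])[0]


def assess_handshake(server_types_msg, client_choice_msg, security_result_msg):
    """Return a verdict dict for one captured negotiation.

    ok      - client chose one of the offered types (normal handshake)
    attempt - client chose an un-offered type and the server rejected it
    bypass  - client chose an un-offered type and the server answered OK,
              i.e. the server skipped the check this page describes
    """
    offered = parse_server_security_types(server_types_msg)
    chosen = parse_client_choice(client_choice_msg)
    result = parse_security_result(security_result_msg)
    chosen_name = SECURITY_TYPES.get(chosen, "unknown(%d)" % chosen)

    if chosen in offered:
        verdict = "ok"
    elif result == 0:
        verdict = "bypass"
    else:
        verdict = "attempt"

    return {
        "verdict": verdict,
        "offered": [SECURITY_TYPES.get(t, "unknown(%d)" % t) for t in offered],
        "chosen": chosen_name,
        "server_accepted": result == 0,
    }


if __name__ == "__main__":
    # Constructed sample: server offers only VNC Authentication (type 2),
    # client asks for None (type 1), server replies SecurityResult OK.
    sample = assess_handshake(b"\x01\x02", b"\x01", b"\x00\x00\x00\x00")
    print(sample)
```

Run over a packet capture, the "attempt" verdict identifies hosts being probed (by this scan or by an attacker) and the "bypass" verdict identifies servers that still need the upgrade listed under Solution.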
See also :
http://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046039.html
http://www.realvnc.com/products/free/4.1/release-notes.html
http://www.realvnc.com/products/personal/4.2/release-notes.html
http://www.realvnc.com/products/enterprise/4.2/release-notes.html
Solution :
Upgrade to RealVNC Free Edition 4.1.2 / Personal Edition 4.2.3 /
Enterprise Edition 4.2.3 or later.
Threat Level:
High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)