Vulnerability Note VU#303080
AT&T WinVNC client authentication process vulnerable to man-in-the-middle attack
WinVNC's challenge/response mechanism can allow an intruder to obtain legitimate credentials from a valid client in order to gain unauthorized access to the server.
AT&T WinVNC is a free package available from AT&T Labs Cambridge that allows the existing desktop of a PC to be made available on the desktop of a remote host. If an intruder can eavesdrop on traffic between the client and server and modify the data in transit, they can gain access to the target system's desktop, which gives them local access to the system.
This vulnerability could allow a remote attacker to gain unauthorized access to the WinVNC service.
Tunnel WinVNC through software which provides strong authentication and secure communication. There is an example of this at http://www.uk.research.att.com/vnc/sshvnc.html.
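A check that the tunnel is the only way to reach the service, as an added example that is not part of the original advisory: it scans Windows `netstat -an` output for VNC listeners bound to a non-loopback address. It assumes the default VNC port ranges (5900-5909 and 5800-5809) and that the tunnel endpoint runs on the WinVNC host itself; the sample output is constructed.

```python
import re

# Default VNC ports for displays 0-9: 5900+N (RFB) and 5800+N (HTTP/Java viewer).
VNC_PORTS = set(range(5900, 5910)) | set(range(5800, 5810))

# Addresses reachable only from the local host (IPv4 127/8 and IPv6 ::1).
LOOPBACK = re.compile(r"^(127\.\d+\.\d+\.\d+|\[::1\])$")

# Windows `netstat -an` listener line: proto, local addr:port, foreign addr, state.
LISTENER = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\b", re.IGNORECASE)


def exposed_vnc_listeners(netstat_output):
    """Return sorted (address, port) pairs for VNC listeners bound off-loopback.

    A listener on 0.0.0.0, [::] or a routable address accepts the unprotected
    challenge/response exchange directly from the network, bypassing the tunnel.
    """
    found = set()
    for line in netstat_output.splitlines():
        m = LISTENER.match(line)
        if not m:
            continue  # header, UDP, or a non-listening connection state
        addr, port = m.group(1), int(m.group(2))
        if port in VNC_PORTS and not LOOPBACK.match(addr):
            found.add((addr, port))
    return sorted(found)


# Constructed sample output (documentation addresses, not from a real host).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5900           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5901         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:5800        0.0.0.0:0              LISTENING
  TCP    192.0.2.10:22          0.0.0.0:0              LISTENING
  TCP    192.0.2.10:5900        198.51.100.7:49152     ESTABLISHED
"""

if __name__ == "__main__":
    for addr, port in exposed_vnc_listeners(SAMPLE):
        print(f"VNC listener reachable outside the tunnel: {addr}:{port}")
```

An empty result means every VNC listener found is bound to loopback, so remote clients have to come in through the tunnel.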
Systems Affected

| Vendor | Status | Date Notified | Date Updated |
| --- | --- | --- | --- |
| ATT | Affected | - | 14 Jun 2001 |
Our thanks to CORE SDI for the information contained in their bulletin.
This document was written by Ian A. Finlay.
- CVE IDs: Unknown
- Date Public: 23 Jan 2001
- Date First Published: 13 Jun 2001
- Date Last Updated: 18 Jun 2001
- Severity Metric: 3.95
- Document Revision: 34