The RealVNC Server fails to properly authenticate clients. This may allow a remote attacker to bypass authentication and gain access to the VNC server.
The Virtual Network Computing (VNC) Protocol
According to RealVNC, "The VNC protocol is a simple protocol for remote access to graphical user interfaces."
A remote, unauthenticated attacker could gain access to a system running RealVNC server. If the RealVNC server runs with administrative privileges, the attacker could gain complete control of the system.
This vulnerability was reported by James Evans.
This document was written by Jeff Gennari.
|Date First Published:||2006-05-16|
|Date Last Updated:||2008-02-26 14:09 UTC|