The RealVNC Server fails to properly authenticate clients. This may allow a remote attacker to bypass authentication and gain access to the VNC server.
The Virtual Network Computing (VNC) Protocol
According to RealVNC, "The VNC protocol is a simple protocol for remote access to graphical user interfaces."
A remote, unauthenticated attacker could gain access to a system running RealVNC server. If the RealVNC server runs with administrative privileges, the attacker could gain complete control of the system.
This vulnerability was reported by James Evans.
|Date First Published:||2006-05-16|
|Date Last Updated:||2008-02-26 14:09 UTC|