CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
61.9%
UltraVNC repeater versions prior to ultravnc_repeater_1300 do not restrict usage by IP address by default and cannot restrict by ports, which may be leveraged to induce connections to arbitrary hosts using any port.
<IP>::<80><padding>
, where padding consists of null bytes and the request length is 250 bytes.Update repeater configuration
New installations of UltraVNC repeater now default to restricting access to all IP addresses and support more granular port restrictions. Existing installations should consider updating to ultravnc_repeater_1300, review the vendor’s advisory, and make modifications as appropriate:
735416
Filter by status: All Affected Not Affected Unknown
Filter by content: __Additional information available
__Sort by: Status Alphabetical
Expand all
Javascript is disabled. Clickhere to view vendors.
Notified: May 13, 2016 Updated: August 01, 2016
Statement Date: May 16, 2016
Affected
WARNING: In MODE I the repeater works like a proxy. If you don’t limit the destination and or ports your repeater can be used to connect to all ip adresses and all ports that can be reached from the repeater.
You need to restrict the ip addreses and ports to prevent unwanted access.
We are not aware of further vendor information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | 5 | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Temporal | 3.9 | E:POC/RL:OF/RC:C |
Environmental | 1.0 | CDP:ND/TD:L/CR:ND/IR:ND/AR:ND |
Thanks to Yonathan Klijnsma and Dan Tentler for reporting this vulnerability.
This document was written by Joel Land.
CVE IDs: | CVE-2016-5673 |
---|---|
Date Public: | 2016-08-06 Date First Published: |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
61.9%