CVE-2006-2369

2006-05-15T16:06:00
ID CVE-2006-2369
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:39:00

Description

RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.