RealVNC Remote Password Authentication Bypass

2006-05-15T04:32:35
ID OSVDB:25479
Type osvdb
Reporter Steve Wiseman(steve@intelliadmin.com)
Modified 2006-05-15T04:32:35

Description

Vulnerability Description

RealVNC contains a flaw that may allow a malicious user to bypass authentication and allows access to the remote system without requiring knowledge of the VNC password. The issue is triggered due to an error within the handling of VNC password authentication requests. This flaw may lead to a loss of confidentiality.

Solution Description

Upgrade to version 4.1.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

RealVNC contains a flaw that may allow a malicious user to bypass authentication and allows access to the remote system without requiring knowledge of the VNC password. The issue is triggered due to an error within the handling of VNC password authentication requests. This flaw may lead to a loss of confidentiality.

References:

Vendor Specific News/Changelog Entry: http://www.realvnc.com/products/free/4.1/release-notes.html Vendor Specific Advisory URL Security Tracker: 1016083 Secunia Advisory ID:20789 Secunia Advisory ID:20107 Other Advisory URL: http://www.intelliadmin.com/blog/2006/05/vnc-flaw-proof-of-concept.html Other Advisory URL: http://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.html Nessus Plugin ID:21564 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0543.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0419.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0498.html ISS X-Force ID: 26445 FrSIRT Advisory: ADV-2006-1790 FrSIRT Advisory: ADV-2006-1821 FrSIRT Advisory: ADV-2006-2492 CVE-2006-2369 CERT VU: 117929 Bugtraq ID: 17978