CVE-2006-2206
The CVE-2006-2206 entry concerns UltraVNC 1.0.1 whose MS-Logon scheme uses weak XOR encryption for challenge/response. This weak cryptography permits an attacker on the network to sniff credentials and decrypt passwords, enabling privilege escalation.