[SECURITY] Fedora 41 Update: guacamole-server-1.6.0-1.fc41

Guacamole is an HTML5 remote desktop gateway. Guacamole provides access to desktop environments using remote desktop protoc ols like VNC and RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser. No browser plugins are needed, and no clie...

[SECURITY] Fedora 42 Update: guacamole-server-1.6.0-1.fc42

Guacamole is an HTML5 remote desktop gateway. Guacamole provides access to desktop environments using remote desktop protoc ols like VNC and RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser. No browser plugins are needed, and no clie...

RKS - A Script To Automate Keystrokes Through A Graphical Desktop Program

A script to automate keystrokes through an active remote desktop session that assists offensive operators in combination with living off the land techniques. About RKS RemoteKeyStrokes All credits goes to nopernik for making it possible so I took it upon myself to improve it. I wanted something...

libvncserver: libvncclient/rfbproto.c does not limit TextChat size

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size...

NICER Protocol Deep Dive: Internet Exposure of VNC

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

Debian DLA-2347-1 : libvncserver security update

Several minor vulnerabilities have been discovered in libvncserver, a server and client implementation of the VNC protocol. CVE-2019-20839 libvncclient/sockets.c in LibVNCServer had a buffer overflow via a long socket filename. CVE-2020-14397 libvncserver/rfbregion.c has a NULL pointer dereferenc...

[SECURITY] [DLA 2347-1] libvncserver security update

Debian LTS Advisory DLA-2347-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 28, 2020 https://wiki.debian.org/LTS Package : libvncserver Version : 0.9.11+dfsg-1.3deb9u5 CVE ID : CVE-2019-20839 CVE-2020-14397 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401...

Remote spring: the rise of RDP bruteforce attacks

With the spread of COVID-19, organizations worldwide have introduced remote working, which is having a direct impact on cybersecurity and the threat landscape. Alongside the higher volume of corporate traffic, the use of third-party services for data exchange, and employees working on home...

ALPINE-CVE-2018-7225

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...

VNC Brute Force Login

Try to log in with given passwords via VNC protocol. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Ubuntu USN-776-1 (kvm)

The remote host is missing an update to kvm announced via advisory USN-776-1. OpenVAS Vulnerability Test $Id: ubuntu7761.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7761.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-776-1 kvm Authors: Thomas Reinke...

USN-776-2: KVM regression

USN-776-1 fixed vulnerabilities in KVM. Due to an incorrect fix, a regression was introduced in Ubuntu 8.04 LTS that caused KVM to fail to boot virtual machines started via libvirt. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Avi Kivity discovered...

Ubuntu 8.04 LTS / 8.10 : kvm vulnerabilities (USN-776-1)

Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. CVE-2008-1945, CVE-2008-2004 Alfredo Ortega discovered that KVM's VNC protocol handler did not correctly...

USN-776-1: KVM vulnerabilities

Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. CVE-2008-1945, CVE-2008-2004 Alfredo Ortega discovered that KVM's VNC protocol handler did not correctly...

VNC Authentication None Detection

Detect VNC servers that support the "None" authentication method. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VNC Authentication None Detection', 'Description' = 'Detect VNC servers that...

VNC Supported 'security types' Detection (TCP)

TCP based detection of the available remote Virtual Network Computing VNC SPDX-FileCopyrightText: 2006 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...