[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

re: RealVNC 4.1.1 Remote Compromise

To: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
Subject: re: RealVNC 4.1.1 Remote Compromise
From: plato@xxxxxxxxxxx
Date: Mon, 15 May 2006 21:22:26 -0500

Wow, 1 line of code addition to exploit:
        secType=1;

Since I'm sure many have already discovered this (since it is so
trivial), I leave it up to the devious reader to find out where to
insert this.

 BTW: RealVNC 4.1.2 is not affected by this bug.


** Disclaimer: If you find out how to exploit this, do so *only*
against your own systems to see if you are vulnerable. Please do not
exploit others systems since the sysadmins already have a hard enough
time dealing with users and do not need your presents to deal with.

Prev by Date: RE: Is MS06-018 a DoS or a system compromise ?
Next by Date: PhpRemoteView Multiple Xss Vulnerabilities
Previous by thread: Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise
Next by thread: Sugar Suite Open Source <= 4.2 "OptimisticLock!" arbitrary remote inclusion exploit
Index(es):
- Date
- Thread