Published: 2009-09-03,
Last Updated: 2009-09-03 18:29:43 UTC
by Marcus Sachs (Version: 1)
8 comment(s) Last Updated: 2009-09-03 18:29:43 UTC
by Marcus Sachs (Version: 1)
We had an interesting submission from one of our readers today. He thinks there might be a problem with RealVNC. Here are the comments he sent us:
I'm a professional computer tech for a living, although I don't specialize in security. A few minutes ago I was shutting my PC down to go to a job when I noticed the VNC icon in my system tray was black, indicating a connection. I was immediately suspicious and powered the machine back on but unplugged the network cable until I could firewall the VNC service. I have a home broadband connection and the router is opened up to allow incoming remote access on port 5900. I have often noted the many failed attempts to connect to my VNC service in the windows logs; however, this was different. According to my event log, the service had been connected about for 15 minutes before I noticed it. Here are the technical details:Read more...
http://isc.sans.org/diary.html?storyid=7060
RealVNC Remote Authentication Bypass Vulnerability
Not Vulnerable: RealVNC RealVNC Personal Edition 4.2.3
RealVNC RealVNC Free Edition 4.1.2
RealVNC RealVNC Enterprise Edition 4.2.3
Read more...
http://www.securityfocus.com/bid/17978
Don
No comments:
Post a Comment