FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

vnc -- authentication bypass vulnerability

Affected packages
vnc = 4.1.1


VuXML ID 4645b98c-e46e-11da-9ae7-00123fcc6e5c
Discovery 2006-05-15
Entry 2006-05-18

RealVNC is susceptible to an authentication-bypass vulnerability. A malicious VNC client can cause a VNC server to allow it to connect without any authentication regardless of the authentication settings configured in the server. Exploiting this issue allows attackers to gain unauthenticated, remote access to the VNC servers.


Bugtraq ID 17978