RealVNC <= 4.1.1 - Huge bug in the news [Sitemap] - HeapOverflow Computer Security Community & Forums : Heap Overflow.com

PDA

View Full Version : RealVNC <= 4.1.1 - Huge bug in the news

class101

16-05-06, 17:41

It has been public today, I remember when a I coded a simple blank password scanner targeting realvnc , it had exposed a lot of computers to hackers, but it appear in this application bug you can bypass the password auth enough easly, check here:

http://lists.grok.org.uk/pipermail/full ... 46039.html (http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046039.html)

class101

16-05-06, 18:10

in my dfind , HOW nasty it should be ;>

darkcore

16-05-06, 19:48

nice i will test it :)

class101

16-05-06, 23:41

attached is the modded vncviewer bypassing the auth.
Tested working on a passworded RealVNC 4.1.1

eva_191

18-05-06, 09:18

yes,it works very nice!

It a big bug!!!