RSS   Vulnerabilities for 'Winvnc'   RSS

2001-01-23
 
CVE-2001-1422

 

 
WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.

 
2001-05-03
 
CVE-2001-0168

CWE-Other
 

 
Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0.

 
 
CVE-2001-0167

CWE-Other
 

 
Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.

 
2001-01-09
 
CVE-2000-1164

 

 
WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system.

 

 >>> Vendor: ATT 8 Products
SVR4
Winvnc
Winvnc server
VNC
Status
Connect participant application
U-verse firmware
Xmill


Copyright 2024, cxsecurity.com

 

Back to Top