Bugtraq mailing list archives
About VNC
From: patrick () PINE NL (Patrick Oonk)
Date: Wed, 24 May 2000 11:40:41 +0200
Hi, In a post to bugtraq yesterday I posted patches to the unix vncviewer which turns it in a cracker by doing dictionary attacks on the (win)VNC server. Please note that WinVNC since version 3.3.3R6 incorporates code that makes attacks like described in my previous post much harder. Version 3.3.3R6 which was released at may 15, 2000. Please update your server, use strong passwords and apply the AuthHosts and QuerySetting registry settings if possible. It can be gotten at http://www.uk.research.att.com/vnc/. See http://www.uk.research.att.com/vnc/winhistory.html for what has been changed. Patrick -- Patrick Oonk - PO1-6BONE - patrick () pine nl - www.pine.nl/~patrick Pine Internet - PAT31337-RIPE - PGPkeyID BE7497F1 - XOIP+31208723350 Tel: +31-70-3111010 - Fax: +31-70-3111011 - http://security.nl PGP fingerprint A6 12 66 7F 22 84 1B E5 73 8C 99 F7 17 7B A3 98 Excuse of the day: solar flares
Current thread:
- Standard & Poors security nightmare Stephen Friedl (May 17)
- Re: Standard & Poors security nightmare Jim Knoble (May 18)
- Re: Standard & Poors security nightmare Richard Seaman, Jr. (May 20)
- Re: Standard & Poors security nightmare Richard Seaman, Jr. (May 21)
- Re: Standard & Poors security nightmare Crispin Cowan (May 20)
- "gdm" remote hole Chris Evans (May 21)
- Re: "gdm" remote hole Katherine M. Moussouris (May 22)
- fdmount buffer overflow Arend-Jan Wijtzes (May 22)
- Re: fdmount buffer overflow Greg Olszewski (May 22)
- About VNC Patrick Oonk (May 24)
- Re: fdmount buffer overflow Tomasz Grabowski (May 24)
- Re: fdmount buffer overflow Matt Wilson (May 24)
- Re: fdmount buffer overflow Greg Olszewski (May 22)
- Gauntlet Firewall Vulnerability Elias Levy (May 22)
- Re: Standard & Poors security nightmare Stephen J. Friedl (May 24)
- <Possible follow-ups>
- Re: Standard & Poors security nightmare Warren Young (May 23)
- Re: Standard & Poors security nightmare Kevin Kadow (May 25)