CVE-2006-2369
CVE-2006-2369
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
Affected products
n/a · n/apublic PoCs found — 4
exploitdbwww.exploit-db.com/exploits/1791unverifiedexploitdbwww.exploit-db.com/exploits/1794unverifiedexploitdbwww.exploit-db.com/exploits/17719unverifiedexploitdbwww.exploit-db.com/exploits/36932unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://marc.info/?l=full-disclosure&m=114768344111131&w=2http://marc.info/?l=vnc-list&m=114755444130188&w=2http://seclists.org/fulldisclosure/2022/May/29http://secunia.com/advisories/20107http://secunia.com/advisories/20109http://secunia.com/advisories/20789http://securityreason.com/securityalert/8355http://securitytracker.com/id?1016083https://exchange.xforce.ibmcloud.com/vulnerabilities/26445http://www.cisco.com/warp/public/707/cisco-sr-20060622-cmm.shtmlhttp://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.htmlhttp://www.intelliadmin.com/blog/2006/05/vnc-flaw-proof-of-concept.html