CVE-2002-1336
CVE-2002-1336
TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000640http://marc.info/?l=bugtraq&m=102753170201524&w=2http://marc.info/?l=bugtraq&m=102769183913594&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/5992http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:022http://www.redhat.com/support/errata/RHSA-2002-287.htmlhttp://www.redhat.com/support/errata/RHSA-2003-041.htmlhttp://www.securityfocus.com/bid/5296http://www.tightvnc.com/WhatsNew.txt