RealVNC authentication bypass
|realvnc-auth-bypass (26445)||High Risk|
RealVNC Free Edition, Personal Edition, and Enterprise Edition could allow a remote attacker to bypass authentication and gain unauthorized access to the system. This is caused by the improper validation of the client authentication method which could allow an attacker to successfully authenticate to an affected system using the null authentication method.
Upgrade to the latest version of RealVNC Free Edition, Personal Edition or Enterprise Edition, available from the RealVNC Web site. See References.
For AdderLink IP:
Upgrade to the latest firmware version (3.3 or later), available from the Adder Web site. See References.
- Adder Web site: Adder Announces version 3.3 AdderLink IP Firmware.
- Cisco Security Response 2006 June 22 1530 UTC (GMT): RealVNC Remote Authentication Bypass Vulnerability.
- Full-Disclosure Mailing List, Mon May 15 2006 - 03:56:43 CDT: RealVNC 4.1.1 Remote Compromise.
- IntelliAdmin Blog 5/8/2006: Security flaw in RealVNC 4.1.1 .
- Internet Security Systems Protection Alert May 25, 2006: RealVNC Authentication Bypass.
- Offensive Security Exploit Database [08-26-2011]: RealVNC Authentication Bypass.
- RealVNC Web site: VNC Downloads.
- RealVNC Web site: VNC Personal Edition 4.2 - Release Notes.
- RealVNC Web site: VNC 4.1 - Release Notes.
- RealVNC Web site: VNC Enterprise Edition 4.2 - Release Notes.
- BID-17978: RealVNC Remote Authentication Bypass Vulnerability
- BID-18001: AdderLink IP Unspecified Vulnerability
- CVE-2006-2369: RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as Type 1 - None, which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
- OSVDB ID: 25479: RealVNC Security Type Enforcement Failure Remote Authentication Bypass
- OSVDB ID: 27137: LibVNCServer Insecure Security Type Request Authentication Bypass
- SA20107: RealVNC Password Authentication Bypass Vulnerability
- SA20109: AdderLink IP Unspecified VNC Vulnerability
- SA20789: Cisco Products RealVNC Password Authentication Bypass
- SECTRACK ID: 1016083: RealVNC May Let Remote Users Connect Without Authenticating
- US-CERT VU#117929: RealVNC Server does not validate client authentication method
- VUPEN/ADV-2006-1790: RealVNC Remote Authentication Bypass and Unauthorized Access Vulnerability
- VUPEN/ADV-2006-1821: AdderLink IP Security Update Fixes VNC Authentication Bypass Vulnerability
- VUPEN/ADV-2006-2492: Cisco CallManager Security Update Fixes RealVNC Authentication Bypass Vulnerability
- Adder Technology AdderLink IP prior to 3.3
- RealVNC RealVNC 4.0 - 4.2.2 Personal
- RealVNC RealVNC 4.0 - 4.2.2 Enterprise
- RealVNC RealVNC 4.1.0 Free
- RealVNC RealVNC 4.1.1 Free
May 08, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this
* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall IBM be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.