re: RealVNC 4.1.1 Remote Compromise May 16 2006 02:22AM
plato dodgeit com
Wow, 1 line of code addition to exploit:
secType=1;

Since I'm sure many have already discovered this (since it is so
trivial), I leave it up to the devious reader to find out where to
insert this.

BTW: RealVNC 4.1.2 is not affected by this bug.

** Disclaimer: If you find out how to exploit this, do so *only*
against your own systems to see if you are vulnerable. Please do not
exploit others systems since the sysadmins already have a hard enough
time dealing with users and do not need your presents to deal with.

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus