RealVNC Remote Authentication Bypass Vulnerability

RealVNC Remote Authentication Bypass Vulnerability

RealVNC is susceptible to an authentication-bypass vulnerability. This issue is due to a flaw in the authentication process of the affected package.

Exploiting this issue allows attackers to gain unauthenticated, remote access to the VNC servers.

RealVNC 4.1.1 is vulnerable to this issue; other versions may also be affected.

UPDATE (May 25, 2006): Reports indicate that this issue is being actively exploited in the wild.