LibVNCServer Remote Authentication Bypass Vulnerability

LibVNCServer is prone to an authentication-bypass vulnerability. This issue is due to a flaw in the authentication process of the affected package.

Exploiting this issue may allow attackers to gain unauthenticated, remote access to the VNC servers.

All versions of LibVNCServer are considered vulnerable to this issue.

Reports indicate that this issue is similar to the issue described in BID 17978 (RealVNC Remote Authentication Bypass Vulnerability). Note that since LibVNCServer and RealVNC do not share code, this issue is being assigned a separate BID.


Privacy Statement
Copyright 2010, SecurityFocus