|
|
TightVNC Server Authentication Cookie Predictability Vulnerability
Solution: Sun have made fixes available to address this issue in Sun Linux 5.0.7. Fixes are linked below. Red Hat has released an advisory (RHSA-2003:041-12) and fixes as a solution for this vulnerability. Gentoo Linux has released an advisory. Users who have installed net-misc/vnc or net-misc/tightvnc are advised to upgrade by issuing the following commands: emerge sync emerge -u tightvnc emerge clean or emerge sync emerge -u vnc emerge clean Conectiva has released advisory CLA-2003:640 with fixes to address this issue. Security advisory CLSA-2003:670 has also been released containing a fix for CLEE 1.0, users are advised to upgrade as soon as possible. Fixes: TightVNC TightVNC 1.2.2
TightVNC TightVNC 1.2.5
AT&T VNC 3.3.3
AT&T VNC 3.3.3 R2
|
|
Privacy Statement |