Описание
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 4.1.1+xorg1.0.2-0ubuntu1.6.06 |
| devel | released | 4.1.1+xorg1.0.2-0ubuntu4 |
| edgy | released | 4.1.1+xorg1.0.2-0ubuntu1.6.10.1 |
| feisty | released | 4.1.1+xorg1.0.2-0ubuntu4 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink I ...
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
7.5 High
CVSS2