?
Solved

new RealVNC 4.1 vulnerability - is 4.0 really not affected?

Posted on 2006-05-16
1
Medium Priority
?
163 Views
Last Modified: 2013-12-04

This question pertains to the new RealVNC vulnerability:

http://secunia.com/advisories/20107/
http://isc.sans.org/
http://www.intelliadmin.com/blog/2006/05/vnc-flaw-proof-of-concept.html

I have some clients running RealVNC 4.0.0.
Sources imply that PROBABLY this version is not affected.
(for example: "Note: Version 4.0 is reportedly not affected.).

Can anyone verify that Version 4.0.x is DEFINITELY not affected?

I need to be sure, for obvious reasons.

Thank you!

-Jon
0
Comment
Question by:JONATHANHELD
1 Comment
 
LVL 12

Accepted Solution

by:
gidds99 earned 1000 total points
ID: 16716962
You should really check this with the authors (you can submit a support request only if you are not using the free version):

http://www.realvnc.com/cgi-bin/support.cgi

However, the last item you linked to links to this page:

http://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.html

Where the guy who discovered the flaw states he has tested this on version 4.0:

 " Then I downloaded RealVNC 4.0 and installed it on another fresh test machine. Same thing as Tight and Ultra - I get disconnected right away. "

So it would appear he has been unable to re-create the issue on 4.0.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Kernel Data Recovery is a renowned Data Recovery solution provider which offers wide range of softwares for both enterprise and home users with its cost-effective solutions. Let's have a quick overview of the journey and data recovery tools range he…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question