Overview
WinVNC's challenge/response mechanism can allow an intruder to obtain legitimate credentials from a valid client in order to gain unauthorized access to the server.
Description
AT&T WinVNC is a free package from AT&T Labs Cambridge that makes the existing desktop of a PC available on the desktop of a remote host. An intruder who can eavesdrop on traffic between the client and server and modify the data in transit can gain access to the target system's desktop, which gives them local access to the system.
Impact
This vulnerability could allow a remote attacker to gain unauthorized access to the WinVNC service.
Solution
Tunnel WinVNC through software that provides strong authentication and secure communication. There is an example of this at http://www.uk.research.att.com/vnc/sshvnc.html.
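An added example, not part of the original note: a Python check that a VNC server can no longer be reached directly once it has been placed behind a tunnel. It assumes the server is meant to accept connections only through the tunnel and listens on the default VNC port 5900 (display 0); the function names are illustrative.

```python
import re
import socket
import sys

# RFB ProtocolVersion message: 12 bytes, "RFB xxx.yyy\n", sent first by the server.
RFB_BANNER = re.compile(rb"RFB (\d{3})\.(\d{3})\n")


def parse_rfb_banner(data):
    """Return (major, minor) if data is an RFB ProtocolVersion message, else None."""
    m = RFB_BANNER.fullmatch(data)
    return (int(m.group(1)), int(m.group(2))) if m else None


def probe_vnc(host, port=5900, timeout=3.0):
    """Connect to host:port and return the RFB version offered, or None
    if nothing answers or the service does not speak RFB."""
    buf = b""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            while len(buf) < 12:
                chunk = s.recv(12 - len(buf))
                if not chunk:
                    break
                buf += chunk
    except OSError:  # refused, unreachable or timed out
        return None
    return parse_rfb_banner(buf)


def audit(addresses, port=5900):
    """Map each address to 'exposed' (VNC answers without the tunnel) or 'ok'."""
    return {
        a: "exposed" if probe_vnc(a, port) is not None else "ok"
        for a in addresses
    }


if __name__ == "__main__":
    # Pass the server's network-facing addresses; each should report "ok".
    for addr, status in audit(sys.argv[1:] or ["127.0.0.1"]).items():
        print(f"{addr}:5900 {status}")
```

Run it from another machine on the same network against the server's external addresses; any address reported as `exposed` is still offering the VNC handshake outside the tunnel.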
Acknowledgements
Our thanks to CORE SDI for the information contained in their bulletin.
This document was written by Ian A. Finlay.
Other Information
CVE IDs: None
Severity Metric: 3.95
Date Public: 2001-01-23
Date First Published: 2001-06-13
Date Last Updated: 2001-06-18 23:41 UTC
Document Revision: 34