IT News Thread, UKERNA Issues RealVNC Security Alert in Other News; I've just received this. If you use this then please act appropriately.
JANET-CERT believes there may be significant use in ...
18th May 2006, 11:31 AM #1
UKERNA Issues RealVNC Security Alert
I've just received this. If you use this then please act appropriately.
JANET-CERT believes there may be significant use in JANET of the RealVNC product (http://www.realvnc.com/
) for remote management.
A defect has recently been disclosed which may result in a system with a RealVNC server being partly or completely controlled by an unauthorised and unauthenticated remote attacker: http://secunia.com/advisories/20107/
There are exploits for this vulnerability in the wild, and we are seeing a significant amount of scanning for TCP port 5900: http://isc.sans.org/diary.php?storyid=1336&rss
Versions of RealVNC are now available in which the problem is
It would be good practice to only allow access to the VNC service from specific addresses or address ranges, reducing the risk from this or any subsequent vulnerabilities.
If you have any questions which public Web sites do not answer, you are welcome to raise them on the UK-Security discussion list or directly with JANET-CERT <firstname.lastname@example.org>.
IDG Tech News
By Ben_Stanton in forum Windows
Last Post: 20th September 2007, 11:18 AM
By adamt82 in forum Virtual Learning Platforms
Last Post: 4th May 2007, 08:54 PM
By Gatt in forum Comments and Suggestions
Last Post: 8th February 2007, 09:24 PM
Last Post: 6th December 2006, 07:23 PM
By Dos_Box in forum IT News
Last Post: 12th May 2006, 12:16 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)