exploit in 4.1.2?
James Weatherall
jnw "at" realvnc.com
Thu Feb 15 10:26:00 2007
Hi Ivago,
Please make sure that you are using a copy of VNC Free Edition 4.1.2
download directly from http://www.realvnc.com/download.html, and that you
have checked your system for viruses. We've had reports of malicious
binaries claiming to be 4.1.2 but which actually aren't, obviously intended
to confuse users & provide access via the vulnerability in versions 4.1 &
4.1.1.
Regards,
Wez @ RealVNC Ltd.
> -----Original Message-----
> From: vnc-list-admin "at" realvnc.com
> [mailto:vnc-list-admin "at" realvnc.com] On Behalf Of D Ivago
> Sent: 14 February 2007 16:09
> To: vnc-list "at" realvnc.com
> Subject: exploit in 4.1.2?
>
> Hi,
>
> i'm using the free 4.1.2 version and just saw myself loggn of
> due to an
> ended vnc session while sitting in front of the PC that has
> the vnv service
> running.
>
> Checked my logs and saw quite a few vnc unauthorised
> connection over the
> last 12 hours.
>
> On another PC, also with vnc but another location and
> password, same thing
> in my logs.
>
> This can't be coincedince right? Although I know the
> passwords travel in
> plain text over the internet it's still verry odd to get
> sniffed twice, and
> the passwords itself are quite strong with numbers, letters
> and capitals and
> such...
>
> Could it be 4.1.2 is exploiteable??
>
> kind regards,
>
> ivago
>
> Last year I noticed the same and
> _______________________________________________
> VNC-List mailing list
> VNC-List "at" realvnc.com
> To remove yourself from the list visit:
> http://www.realvnc.com/mailman/listinfo/vnc-list