exploit in 4.1.2?
James Weatherall
jnw "at" realvnc.com
Fri Feb 16 10:18:02 2007
Marc,
On systems which may have been compromised prior to upgrade, you should
follow these steps:
1) Disconnect them from public networks.
2) Run a full virus-scan on them.
3) Install version 4.1.2.
4) Configure a new VNC password.
Regards,
Wez @ RealVNC Ltd.
> -----Original Message-----
> From: vnc-list-admin "at" realvnc.com
> [mailto:vnc-list-admin "at" realvnc.com] On Behalf Of Marc
> Sent: 15 February 2007 16:55
> To: vnc-list "at" realvnc.com
> Subject: Re: exploit in 4.1.2?
>
> After the exploit was discussed and the recommendation was made
> to install the updated code, I went to every box and downloaded
> the free edition to each machine. I don't have the version
> number in front of me but this was a couple of months ago.
> There was subsequent discussion on the list as to whether
> someone who saw notice about the exploit was seeing the advisory
> about the initial exploit or an exploit in a new version.
>
> It looks to me like what I am seeing is either the remainder of
> an earlier exploit taking advantage of a system after install of
> the newer version, or an exploit in the newer version.
>
> Is there a detailed FAQ about clean up from the earlier exploit
> to consult to make sure that it is not the former.....
> _______________________________________________
> VNC-List mailing list
> VNC-List "at" realvnc.com
> To remove yourself from the list visit:
> http://www.realvnc.com/mailman/listinfo/vnc-list