Launchpad CVE tracker

CVE 2006-2450

auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369.

See the

CVE page on Mitre.org for more details.

References

MISC: http://bugs.debian.org...
MISC: http://www.securityfoc...
MISC: http://www.securityfoc...
MISC: http://seclists.org/fu...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: http://security.gentoo...
MISC: http://security.gentoo...
MISC: http://security.gentoo...
MISC: http://www.novell.com/...
MISC: http://libvncserver.cv...
MISC: http://sourceforge.net...

Launchpad.net

CVE 2006-2450

Related bugs

References