Win32 - 3.3.3r9 - password exploit?
Ian Cowley
irc20 "at" cam.ac.uk
Tue, 03 Apr 2001 23:42:33 +0000
It's because VNC only uses the first 8 characters of the password
-----------------------------------------------------------------------
| Ian Cowley | ian "at" iancowley.co.uk | Tel: +44(0)7979 474830 |
| Christ's College | www.iancowley.co.uk | +44(0)1223 700648 |
| Cambridge, CB2 3BU | | ICQ: 37181817 |
> -----Original Message-----
> From: owner-vnc-list "at" uk.research.att.com
> [mailto:owner-vnc-list "at" uk.research.att.com]On Behalf Of
> MYantzie "at" seniortech.com
> Sent: Tuesday 03 April 2001 22:46
> To: vnc-list "at" uk.research.att.com
> Subject: Win32 - 3.3.3r9 - password exploit?
>
>
> I am not sure if this has been noticed, or if VNC does not like special
> characters as a password, but within the Win version I had set
> the password
> to "QPH@#as9%" without the "". When I use the viewer to access
> the server I
> can use ANY character as the last character and it will login
> successfully.
> I haven't played around with it much to see if I could change more than 1
> character at a time. For all I know this may be documented somewhere.
> I will play with it a little and report what happens. Are special
> characters
> not to be used?
>
> Marty
> ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to majordomo "at" uk.research.att.com
> See also: http://www.uk.research.att.com/vnc/intouch.html
> ---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------