security holes in VNC
Jonathan Morton
chromi "at" chromatix.demon.co.uk
Fri Jul 5 18:21:02 2002
>I find two high security holes in WinVNC version 3.3.3 R9 running on
>Windows 2000 Server:
>
>- Apache chunking interger overflow
>- IIS Cumulative - ASP Chunked Encoding Overflow
Neither of those have *anything* to do with VNC. They affect two
different webservers, neither of which are part of WinVNC.
--
--------------------------------------------------------------
from: Jonathan "Chromatix" Morton
mail: chromi "at" chromatix.demon.co.uk
website: http://www.chromatix.uklinux.net/
geekcode: GCS$/E dpu(!) s:- a21 C+++ UL++ P L+++ E W+ N- o? K? w--- O-- M++$
V? PS PE- Y+ PGP++ t- 5- X- R !tv b++ DI+++ D G e+ h+ r++ y+(*)
tagline: The key to knowledge is not to rely on people to teach you it.