A heads up on new worm affecting previous versions of RealVNC

Mike Miller mbmiller "at" taxa.epi.umn.edu
Sat Jan 13 16:40:01 2007


On Fri, 12 Jan 2007, William Hooper wrote:

>> What do we know about which VNC versions are vulnerable?
>
> Check it out using the CVE number:
>
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2369
>
> This references the bug in version 4.1.1.


Thanks!  That's what I thought.  This note from Red Hat is funny:

   Official Statement from Red Hat (8/16/2006)
   This issue only affected version 4.1.1 and not the versions distributed
   with Red Hat Enterprise Linux 2.1, 3, or 4.

It is true because they are still distributing Xvnc version 4.0b4.  I have 
been asking for a newer version, but they won't give it to me!  The reason 
I've been asking for a newer version is that an nmap scan of port 5901 on 
the Linux server kills the Xvnc session.  Our IT group likes to scan me as 
part of a security check and this provides a DoS, but this has so far come 
only from our IT group and not from outside.  Madness.

Mike
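The thread turns on two practical questions: how to tell what a given VNC server is without a full port scan against it, and which servers are in the affected 4.1.1 range. As an added example that is not part of the message above, the Python below performs only the first step of the RFB handshake (the ProtocolVersion exchange and the 3.7/3.8 security-types list) and reports the protocol version and the authentication types the server advertises, then closes. That is a lighter touch than a generic nmap sweep of port 5901 and is the kind of fingerprint an inventory script would record; it never completes authentication. The host, port and the fake in-process server used for the offline demonstration are constructed for this example; a real RealVNC or Xvnc target would be supplied by the caller, and a server known to die under probing should only be poked with the session owner's agreement.

```python
import socket
import socketserver
import struct
import threading

# RFB security-type numbers from the RFB protocol specification.
SEC_TYPE_NAMES = {0: "invalid", 1: "None", 2: "VNC Authentication",
                  5: "RA2", 6: "RA2ne", 16: "Tight", 18: "TLS", 19: "VeNCrypt"}


def parse_version(banner: bytes):
    """Parse the 12-byte RFB ProtocolVersion message, e.g. b'RFB 003.008\\n'."""
    if len(banner) != 12 or not banner.startswith(b"RFB ") or banner[-1:] != b"\n":
        raise ValueError(f"not an RFB banner: {banner!r}")
    major, minor = banner[4:11].split(b".")
    return int(major), int(minor)


def parse_security_types(payload: bytes):
    """Parse the RFB 3.7/3.8 security-types message that follows the version
    exchange: U8 count, then count bytes of types. A count of 0 means the server
    refused the connection and is followed by a U32 length and reason string.
    Returns (types, reason); reason is None unless the server refused."""
    if not payload:
        raise ValueError("empty security-types message")
    n = payload[0]
    if n == 0:
        (rlen,) = struct.unpack("!I", payload[1:5])
        return [], payload[5:5 + rlen].decode("latin-1", "replace")
    return list(payload[1:1 + n]), None


def recv_exact(sock, n):
    """Read exactly n bytes or raise if the peer hangs up first."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("server closed connection")
        buf += chunk
    return buf


def probe(host, port, timeout=5.0):
    """Handshake-only fingerprint of a VNC server: version and offered auth types."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        version = parse_version(recv_exact(s, 12))
        if version < (3, 7):
            # RFB 3.3 sends a single U32 security type chosen by the server;
            # not parsed here, the version alone is recorded.
            return {"version": version, "security_types": None,
                    "reason": "pre-3.7 server, security types not parsed"}
        s.sendall(b"RFB %03d.%03d\n" % version)  # answer with the server's own version
        count = recv_exact(s, 1)
        if count[0] == 0:
            rlen_raw = recv_exact(s, 4)
            (rlen,) = struct.unpack("!I", rlen_raw)
            payload = count + rlen_raw + recv_exact(s, rlen)
        else:
            payload = count + recv_exact(s, count[0])
        types, reason = parse_security_types(payload)
        return {"version": version,
                "security_types": types,
                "security_names": [SEC_TYPE_NAMES.get(t, f"unknown({t})") for t in types],
                "reason": reason}


class _FakeVncHandler(socketserver.BaseRequestHandler):
    """Constructed stand-in for offline demonstration: an RFB 3.8 server that
    offers only VNC Authentication (type 2). Not a real VNC server."""
    def handle(self):
        self.request.sendall(b"RFB 003.008\n")
        recv_exact(self.request, 12)          # client's version string
        self.request.sendall(b"\x01\x02")     # one type offered: 2


def run_demo():
    """Start the constructed fake server on a loopback ephemeral port and probe it."""
    srv = socketserver.TCPServer(("127.0.0.1", 0), _FakeVncHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    try:
        return probe("127.0.0.1", srv.server_address[1])
    finally:
        srv.shutdown()
        srv.server_close()


if __name__ == "__main__":
    print(run_demo())
```

Against a real server, call `probe("host", 5901)`; a display :1 on Xvnc listens on 5900 plus the display number. The protocol version does not map one-to-one onto a RealVNC release, so the result is an inventory clue to pair with the package version on the host, not a proof of whether CVE-2006-2369 applies.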