CVE-2002-0994 - OpenCVE

SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Sun	Sun Pci Ii Driver

Configuration 1 [-]

cpe:2.3:a:sun:sun_pci_ii_driver:2.3:*:*:*:*:*:*:*

References

Link	Resource
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0003.html
http://www.iss.net/security_center/static/9476.php	Vendor Advisory
http://www.securityfocus.com/bid/5146	Exploit Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2002-08-31T04:00:00

Updated: 2002-09-10T09:00:00

Reserved: 2002-08-27T00:00:00

Link: CVE-2002-0994

JSON object: View

NVD Information

Status : Analyzed

Published: 2002-10-04T04:00:00.000

Modified: 2008-09-05T20:29:29.707

Link: CVE-2002-0994

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-07-03T00:00:00", "descriptions": [{"lang": "en", "value": "SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-09-10T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "sunpci-vnc-weak-authentication(9476)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/9476.php"}, {"name": "5146", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/5146"}, {"name": "20020703 SunPCi II VNC weak authentication scheme vulnerability", "tags": ["mailing-list", "x_refsource_VULNWATCH"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0003.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0994", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "sunpci-vnc-weak-authentication(9476)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/9476.php"}, {"name": "5146", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5146"}, {"name": "20020703 SunPCi II VNC weak authentication scheme vulnerability", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0003.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0994", "datePublished": "2002-08-31T04:00:00", "dateReserved": "2002-08-27T00:00:00", "dateUpdated": "2002-09-10T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}