RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2006-05-15T16:00:00
Updated: 2022-05-13T17:06:11
Reserved: 2006-05-15T00:00:00
Link: CVE-2006-2369
JSON object: View
NVD Information
Status : Modified
Published: 2006-05-15T16:06:00.000
Modified: 2022-05-13T18:15:08.127
Link: CVE-2006-2369
JSON object: View
Redhat Information
No data.
CWE