ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be read via a ../../ThinVnc.ini directory traversal attack vector.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/154896/ThinVNC-1.0b1-Authentication-Bypass.html | Exploit Third Party Advisory VDB Entry |
https://github.com/bewest/thinvnc/issues/5 | Third Party Advisory |
https://github.com/shashankmangal2/Exploits/blob/master/ThinVNC-RemoteAccess/POC.py | Broken Link |
https://redteamzone.com/ThinVNC/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-16T17:24:07
Updated: 2019-10-17T16:06:07
Reserved: 2019-10-16T00:00:00
Link: CVE-2019-17662
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-10-16T18:15:25.513
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-17662
JSON object: View
Redhat Information
No data.