VNC Flaw

meaz · 12 Jul 2006 at 14:42

Hi, ive been notified there is a hacked vnc viewer going around that allows no encryption so people can just do a port scan for port 5900 on an IP range and connect to their PC and control their computer. Just incase lots of people have port 5900 forwarded so they can view their PC from elsewhere on the Internet.

Be wary of this, with the program people don't need a password to view your PC.

meaz

The_KiD · 12 Jul 2006 at 14:44

There is a known exploit that could let an attacker on your system via the 5900 VNC port.

By using the below exploit code it is possible to use a VNC server without knowing its password by causing a client to authenticate through the attacking host, while the attacker redirects it to the server.

http://www.securiteam.com/exploits/6S0040A6AW.html

tbh use logmein instead, much more secure and much friendlier and faster and doesnt eat CPU on the remote machine either

VNC Flaw

meaz

meaz

The_KiD

The_KiD