VNC users read - fairly important

Dracata

Dracata

Dracata

Associate
Joined
21 Oct 2006
Posts
1,615
Location
Cambridge
For users of VNC Free/Personal/Enterprise Edition (from RealVNC), please upgrade to the latest release:

http://www.realvnc.com/cgi-bin/download.cgi

There is a potential security exploit in the listening viewer for which we've issued a patch. If you're interested about the actual exploit, i've written about it on my website, link in sig. If not, just upgrade and get on with your lives :p

If you use UltraVNC or any other release in fact, it would be worth looking into whether or not they've patched this exploit. Most VNC releases are based off of our VNC Free Edition codebase, meaning that any exploits that were present in it will be present in their codebase aswell.

Oh and this isn't to start a thread about saying X remote control is better than Y, just to let VNC users know that they should update their viewers.
 
Deiwos said:
Cheers, passed this on to our network guy. Lets see if he's as lazy as we all think he is.
Click to expand...

Haha.. most are.. Some people have already stated 'Oh it's fine is just the listening viewer.. we don't use that'.

All past/present customers were sent a mailshot, although it's possible people have changed e-mail addresses etc, and that only applies to personal/enterprise edition people.

Btw, love the song in your sig :)
 
Thanks for the heads up.

Do you have the source for this information? I've tried looking on their site but no details.
 
Is RealVNC any better than tightvnc? Not to spark a flame war just interested as I've only been using tightvnc for a few months.
 
Mattey1 said:
Is RealVNC any better than tightvnc? Not to spark a flame war just interested as I've only been using tightvnc for a few months.
Click to expand...

Free edition or the commercial software? TightVNC is based on VNC Free Edition, and has improved upon it (VNC FE hasn't been updated in a few years).

VNC Enterprise edition is miles better.
 
Dracata said:
Free edition or the commercial software? TightVNC is based on VNC Free Edition, and has improved upon it (VNC FE hasn't been updated in a few years).

VNC Enterprise edition is miles better.
Click to expand...

So I guess both free ones are the same then heh? :) I will have to look into the commercial version.
 
Are all the VNC versions open to this vulnerability then (VNC / Ultra / Tight etc) or is it just the plain old VNC one?

WIll tell the guys at work tomorrow!

Thanks for the heads up though.
 
malef!c said:
Are all the VNC versions open to this vulnerability then (VNC / Ultra / Tight etc) or is it just the plain old VNC one?

WIll tell the guys at work tomorrow!

Thanks for the heads up though.
Click to expand...

Probably all versions - Ultra/Tight and others are based off of our Free Edition codebase. It's not our responsibility to contact third-party developments of our GPL code, so we've no idea if they've updated to take in account the vulnerability. We assume any serious developments (Ultra/Tight) to note, will monitor free edition releases, and they can update respectively.
 
You must log in or register to reply here.
Back
Top Bottom