I used this document http://pigtail.net/LRP/printsrv/cygwin-sshd.html a
while back to set up sshd on my Windows machines, and I only use VNC over an
SSH tunnel. This eliminates all the security issues with VNC.
-Adam
On 5/27/06, Taco Scargo <taco (at mark) scargo.nl> wrote:
>
> I just came across this report, thanks for letting me know though :)
>
> Updated VNC and ran a sanity check that no things were added.
>
> Taco
> ----- Original Message -----
> From: "Larry Smith" <lesmith (at mark) ecsis.net>
> To: <coba-e (at mark) bluequartz.org>
> Sent: Saturday, May 27, 2006 3:24 PM
> Subject: [coba-e:05419] Re: Kernel update question
>
>
> > On Saturday 27 May 2006 04:59, Taco Scargo wrote:
> >> It appears someone hacked my VNC password at home (or broke into my
> >> house) and sent the email with the rude Dutch language in it to this
> >> mailing list.
> >> I apologize this happened. I have shut down my PC at home so the person
> >> is unable to connect anymore.
> >
> > <quote from ISS>
> > Internet Security Systems Security Brief
> > May 25, 2006
> >
> > RealVNC Authentication Bypass
> >
> > Summary:
> >
> > During the second week of May, a RealVNC vulnerability was publicly
> > announced. This issue allows a remote attacker to obtain access to a
> > vulnerable system without authentication.
> >
> > This week, our researchers detected active exploitation. This
> > exploitation indicates that attackers are connecting to vulnerable
> > servers and gaining unauthorized access (not simply probes for the
> > vulnerability).
> >
> > Description:
> >
> > RealVNC Free Edition, Personal Edition, and Enterprise Edition could
> > allow a remote attacker to bypass authentication and gain unauthorized
> > access to the system. This is caused by the improper validation of the
> > client authentication method which could allow an attacker to
> > successfully authenticate to an affected system using the null
> > authentication method.
> > </quote>
> >
> > --
> > Larry Smith
> > SysAd ECSIS.NET
> > sysad (at mark) ecsis.net
> >
> >
> >
> >
>
>
>
>
--
-----------------------------------------------------------------
Shroom.net Donation Based Web Hosting
http://www.shroom.net/
-----------------------------------------------------------------
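
The ISS brief quoted in this thread attributes the bypass to improper validation of the client's authentication method. As an added illustration (not part of the original thread and not RealVNC's code), this is the server-side check that class of bug lacks: the security type a client selects is accepted only if the server advertised it on that connection. The RFB security-type codes are taken from the RFB protocol specification, and the struct and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Security-type codes as defined by the RFB protocol (assumption: not on the page). */
enum { RFB_SEC_INVALID = 0, RFB_SEC_NONE = 1, RFB_SEC_VNC_AUTH = 2 };

/* Hypothetical per-connection state: the types this server advertised. */
struct rfb_conn {
    uint8_t offered[8];
    size_t  n_offered;
};

/* Return 1 only if the client's one-byte selection is a type the server
 * actually advertised on this connection; anything else is refused. */
int rfb_selection_allowed(const struct rfb_conn *c, uint8_t selected)
{
    if (selected == RFB_SEC_INVALID)
        return 0;
    for (size_t i = 0; i < c->n_offered && i < sizeof c->offered; i++)
        if (c->offered[i] == selected)
            return 1;
    return 0;
}

/* Returns the security type to run, or -1 to drop the connection.
 * The membership check must come before any dispatch on `selected`. */
int rfb_choose_auth(const struct rfb_conn *c, uint8_t selected)
{
    if (!rfb_selection_allowed(c, selected)) {
        /* Log the refusal: an unoffered selection is worth alerting on. */
        fprintf(stderr, "rfb: client selected unoffered security type %u\n",
                (unsigned)selected);
        return -1;
    }
    return selected;
}

int main(void)
{
    /* Constructed sample: a password-protected server offers only type 2. */
    struct rfb_conn pw_only = { { RFB_SEC_VNC_AUTH }, 1 };
    printf("select type 2 -> %d\n", rfb_choose_auth(&pw_only, RFB_SEC_VNC_AUTH));
    printf("select type 1 -> %d\n", rfb_choose_auth(&pw_only, RFB_SEC_NONE));
    return 0;
}
```
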