Hi
On Sun, Oct 29, 2006 at 07:51:20AM -0800, Kees Cook wrote:
> On Sun, Oct 29, 2006 at 10:23:04AM +0100, Ola Lundqvist wrote:
> > Thanks for letting me know, but this was actually fixed in the
> > Debian package before the fixed realvnc was released, and before a CVE
> > number was assigned to th
Package: vnc4
Version: 4.1.1+X4.3.0-19
Severity: grave
Tags: security
RealVNC 4.1.2 was released to plug holes in authentication handling.
Quoting the CVE:
'allows remote attackers to bypass authentication via a request in which
the client specifies an insecure security type such as "Type 1 -
2 matches
Mail list logo
