CVE-2006-2369

Source
https://cve.org/CVERecord?id=CVE-2006-2369
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-2369.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2006-2369
Withdrawn
2024-06-30T15:57:05.676932Z
Published
2006-05-15T16:06:00Z
Modified
2024-06-04T04:00:19Z
Summary
[none]
Details

RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.

References

Affected packages

Debian:10 / vnc4

Package

Name
vnc4
Purl
pkg:deb/debian/vnc4?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.1.1+X4.3.0-10

Ecosystem specific

{
    "urgency": "high"
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-2369.json"