Att

Winvnc

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.6

CVE-2001-0167

  • EPSS 65.4%
  • Veröffentlicht 03.05.2001 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.

10

CVE-2001-0168

  • EPSS 67.36%
  • Veröffentlicht 03.05.2001 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0.

7.5

CVE-2001-1422

  • EPSS 1.39%
  • Veröffentlicht 23.01.2001 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.

9

CVE-2000-1164

  • EPSS 0.31%
  • Veröffentlicht 09.01.2001 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system.