As reported over the last several days, there is a critical problem with RealVNC 4.1.1, there is NOW an exploit in the wild for RealVNC 4.1.1, that SANS is looking for more information on. There are updates from RealVNC for all affected product lines. Other VNC implementations have not been reported to be affected. Only (as far as I know), RealVNC 4.1.1 on Windows (prior versions may be, but the initial report didn’t indicate 4.1.0 to be vulnerable.) Don’t take the last sentence to give an excuse NOT to check, check if you have updates for your vnc product.
Here are some samples from incidents.org…
Austin from the UK reports that all shared printers in his office stated to print:
Dear Network Administrator.
Please do not be alarmed.
My team is network security specialist.
You are using a vulnerable version of VNC.
Please upgrade your version soon.
We have not accessed your data but we could have.
Have a nice day
The intrusion reportedly happened on a workstation where a visitor left a VNC server running.
He notes that “RealVNC logs all connection IP addresses in the event manager which some people didn’t know”.
An Anonymous report about the installation of typical tools installed by the warez and hacker crowd such as Serv-U and pwdump.
Related PostsRelated Posts
- How to Remove Cyber Security | Cyber Security Removal Guide Cyber Security is a rogue antivirus application. It is in the same family as totalsecurity (total security Removal Guide) and SystemSecurity. This software installs through web popups and trojan horse activity makes false claims about your system being compromised by viruses and other security problems, hijacks we browser activity claiming......
- Targetting the OS is old hat.... The Register sums up the Black Hat briefings pretty well. The Operating System level has received a lot of scrutiny in recent years for security flaws and as a result there has been a good deal of improvement there and so now, researchers are heading to the low hanging fruit......
- Mozilla Firefox 1.0x series end of life.... The Mozilla Firefox 1.0.x series will no longer be supported with security updates. IF you use Firefox as your web browser, make sure you're using the current version in the 1.5 series (currently 184.108.40.206). You can find what your current version is by going to Help, "About Mozilla Firefox". The......
- No More Checks For Social Security Benefits I've been waiting for this day to come for a long time (actually, it came a few months ago)! Effective May 1, 2011, applicants filing for Social Security and Supplemental Security Income (SSI) benefit payments must choose either direct deposit or the Direct Express® debit card. There will be no......
- Ethical Vulnerability Disclosure The debate on whether vulnerabilities should be disclosed to force a vendor to fix the problem in a reasonable period or kept covert until a fix has been implemented has been a big discussion in the Information Security field. Black Hats, White Hats and even Grey Hats have their opinions.......
- Credit Karma -- Free No Strings Credit Scoring Never before have Americans been so interested in their credit scores, and as such, numerous sites have cropped up offering to sell them. It can get pretty expensive if you want to keep checking your score with these sites and many people discover hidden monthly fees that rack up quickly.......
- RealVNC 4.1.2 update to patch security vulnerability
- Real VNC 4.1.1 vulnerability – Remote Access without password
- Possible network printing problems with the unofficial WMF patch
- VMPlayer on Mandriva 2006 finally…
- Apple Quicktime and OS X updates to patch multiple security vulnerabilities