WinVNC 3.3.3 and previous versions generates the same challenge string for multiple connections, which allows remote malicious users to bypass VNC authentication by sniffing the challenge and response of other users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
att winvnc |