The vncserver wrapper for vnc prior to 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tightvnc tightvnc 1.2.0 |
||
tightvnc tightvnc 1.2.1 |
||
tightvnc tightvnc 1.2.2 |
||
tightvnc tightvnc 1.2.3 |
||
tightvnc tightvnc 1.2.4 |
||
att vnc 3.3.4 |
||
att vnc 3.3.6 |
||
att vnc 3.3.3 |
||
att vnc 3.3.3r2 |
||
att vnc 3.3.5 |
||
tightvnc tightvnc 1.2.5 |