Bugtraq mailing list archives
Re: VNC authentication weakness
From: Constantin Kaplinsky <const () ce cctpu edu ru>
Date: 26 Jul 2002 10:29:21 +0700
"JL" == Jack Lloyd <lloyd () acm jhu edu> writes:
JL> While looking at this, I noticed (in 3.3.3r2) that VNC seems to JL> use the password directly as a key to DES (truncating if the size JL> is > 8 and padding with NULL if it's < 8). Since DES ignores the JL> low bit of each byte of the key, this seems to mean that there are JL> many different passwords which will be accepted in place of the JL> "real" password. (Can someone confirm this is actually the case?) No, this is not the case. VNC uses modified DES library which ignores the most significant bit in each byte, not the least significant. That is, 7-bit ASCII characters cannot be confused with each other. -- With Best Wishes, Constantin
Current thread:
- VNC authentication weakness jepler (Jul 24)
- Re: VNC authentication weakness David Frascone (Jul 24)
- Re: VNC authentication weakness Iván Arce (Jul 24)
- Re: VNC authentication weakness Jack Lloyd (Jul 25)
- Re: VNC authentication weakness Constantin Kaplinsky (Jul 26)
- Re: VNC authentication weakness Andreas Beck (Jul 25)
- Re: VNC authentication weakness David Wagner (Jul 25)
- Re: VNC authentication weakness Mitch Adair (Jul 26)
- Re: VNC authentication weakness Jose Nazario (Jul 26)
- Re: VNC authentication weakness Ariel Waissbein (Jul 27)
- Re: VNC authentication weakness David Wagner (Jul 25)
- Re: VNC authentication weakness David Frascone (Jul 24)
- <Possible follow-ups>
- RE: VNC authentication weakness Andrew van der Stock (Jul 26)
- Re: VNC authentication weakness Kragen Sitaker (Jul 28)
- Re: VNC authentication weakness Theo de Raadt (Jul 29)
- Re: VNC authentication weakness Nate Lawson (Jul 29)
- Re: VNC authentication weakness Mike Porter (Jul 30)
- Re: VNC authentication weakness Theo de Raadt (Jul 29)