Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: OSXvnc weakness

From: nick johnson <ch0pstik () gmail com>
Date: Wed, 22 Jun 2005 09:01:26 -0500
I belive we've already had this discussion, some people _want_ null
passwords. This is not a bug.

On 6/22/05, class <ad () class101 org> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

OSXvnc for MACOSX allows you to setup a VNC server, the problem is the
same as RealVNC, you can setup a null password without any warning;
you can remotely scan wich OS is running this vnc and if yes/no
password setup.


http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034644.html

I haven't pubbed my personal scanner about this weakness, but it has
been tested severely working.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)

iD8DBQFCuWiXLyZ8K9aT7rARAo4vAJsGCpLsF/tHifJEqHFum/L85Gs4cQCeLNHb
XpNS3LfcgFTocD+I+8dS9EI=
=zMga
-----END PGP SIGNATURE-----


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: