Penetration Testing mailing list archives
RE: New VNC Attack tutorial
From: "Password Crackers, Inc." <pwcrack () pwcrack com>
Date: Thu, 22 Jun 2006 15:14:54 -0400
At the securigo site mentioned below, it is reported that this vulnerability affects versions 4.0 to 4.2.2. The most recent Free version available from RealVNC is 4.1.2, which appears to have been released in response to this disclosure in May. The Enterprise edition appears to be at 4.2.5 and there is also a Personal edition. Can someone clarify which editions/versions are affected? Is it the case that Free edition 4.1.1 and earlier are vulnerable, but that 4.1.2 patches the flaw? Bob Weiss Password Crackers, Inc. -----Original Message----- From: moty () netvision net il [mailto:moty () netvision net il] Sent: Wednesday, June 14, 2006 10:05 AM To: pen-test () securityfocus com Subject: New VNC Attack tutorial Hi All Step by step - Finding un-patched VNC machines http://www.securigo.com/VNC-advisory.htm Useful for penetration tests to check internal client network from outside/inside. Regards Moty (CEH,CISSP,CCSE,CCSA,CCNA,MCSE) Penetration tests by Real hackers http://www.securigo.com ---------------------------------------------------------------------------- -- This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ---------------------------------------------------------------------------- -- ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
Current thread:
- New VNC Attack tutorial moty (Jun 14)
- RE: New VNC Attack tutorial Password Crackers, Inc. (Jun 22)
- Re: New VNC Attack tutorial Morning Wood (Jun 22)
- <Possible follow-ups>
- Re: New VNC Attack tutorial leoneri (Jun 16)
- Re: New VNC Attack tutorial skarvin (Jun 16)
- Re: New VNC Attack tutorial leoneri (Jun 18)
- Re: New VNC Attack tutorial Luchino - Samel (Jun 16)
- Re: New VNC Attack tutorial Utmost Bastard (Jun 18)
- Product Security Assements sec nerd (Jun 18)
- Re[2]: New VNC Attack tutorial Thierry Zoller (Jun 18)
- Re: New VNC Attack tutorial skarvin (Jun 16)
- RE: New VNC Attack tutorial Password Crackers, Inc. (Jun 22)
- Re: New VNC Attack tutorial faz (Jun 16)