Full Disclosure mailing list archives
Re: OSXvnc weakness
From: class <ad () class101 org>
Date: Wed, 22 Jun 2005 16:19:15 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It's not about a bug, and try UltraVNC, TightVNC etc , there is securer ways of to use a null password, so stfu please or look at meetik.com bye nick johnson a écrit :
I belive we've already had this discussion, some people _want_ null passwords. This is not a bug. On 6/22/05, class <ad () class101 org> wrote:
OSXvnc for MACOSX allows you to setup a VNC server, the problem is the same as RealVNC, you can setup a null password without any warning; you can remotely scan wich OS is running this vnc and if yes/no password setup. http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034644.html I haven't pubbed my personal scanner about this weakness, but it has been tested severely working.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) iD8DBQFCuXM+LyZ8K9aT7rARAiWtAJ976Pw+tr1iHk9VI47WDNrQoEOrkwCgp88Q dx0Xz3CcyJVXcZs9DZ34FAg= =WQw7 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- OSXvnc weakness class (Jun 22)
- Re: OSXvnc weakness nick johnson (Jun 22)
- Re: OSXvnc weakness class (Jun 22)
- Re: OSXvnc weakness nick johnson (Jun 22)