Full Disclosure mailing list archives
Re: VNC viewers: Clipboard of host automatically sent to remote machine
From: Giles Coochey <giles () coochey net>
Date: Tue, 24 Jan 2012 15:32:33 +0000
On 2012-01-24 13:34, Ben Bucksch wrote:
Affected Products: GNOME Vinagre and many other VNC viewers

Reproduction:
1. On your trusted desktop (e.g. Linux), open a text editor
2. Type "My password", select the text, and hit Ctrl-C
3. Open a Vinagre VNC connection to a remote host, e.g. running an untrusted Windows
4. On the remote Windows host, open notepad.exe
5. In notepad's menu bar, using the mouse, click on Edit|Paste

Actual result: notepad.exe shows "My password"
Expected result: Nothing.

Impact: Because I use a different password for every service, I have to copy&paste them (on my trusted desktop). However, the remote machine is not trusted. In some cases, it's owned by a different company, in other cases I use VNC and a different machine specifically because I don't trust the software and want it jailed. If the untrusted host can get to my passwords from my trusted desktop, that's a critical security hole, because my passwords leak, and they may well give full access to other machines, my bank account or other highly sensitive data.

Affected users: Using VNC is a common usage pattern also used by government agencies handling highly sensible documents (on the trusted host desktop system) while moving dangerous but necessary uses like Internet access, Windows system and similar needs on physically different machines that are accessed via VNC. The purpose is that the untrusted system has no way to get to the information on the trusted desktop, but that assumption is violated here. Even normal users will be at risk. Many copy&paste passwords, or they copy&paste snippets of sensitive Word processing documents, e.g. business plans.

Solution: Given that most users are unaware of this risk, although the danger may nevertheless be very real for them, it is necessary for the default configuration to be secure. They cannot be expected to actively change preferences or the software to protect themselves, because the problem isn't obvious in the first place.

Possible solutions:
1) a pref, with default off and a clear warning about this problem, because many users will not be aware of it. A pref with default on or without a clear warning is *not* sufficient.
2) Better yet: A button on the toolbar "Copy clipboard". Text is copied from host desktop clipboard to remote machine clipboard only when that button is pressed.
3) A combination of 1) and 2)

Many viewers, including RealVNC, have the option to disable the shared clipboard. Check your preferences.

--
Message sent via my webmail account.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
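
Added example, not part of either message and not code from Vinagre or any other viewer: in the RFB protocol the viewer pushes its clipboard to the server with a ClientCutText message (type 6), so the proposed "pref, default off" plus toolbar button amounts to gating that one message. The `ClipboardGate` class, `clipboard_leaks` checker and `demo` helper are hypothetical names, and the byte stream is constructed and assumed to start after the RFB handshake with only the standard client message types.

```python
import struct

CLIENT_CUT_TEXT = 6  # RFB client-to-server message type carrying clipboard text

def encode_client_cut_text(text):
    """ClientCutText: type byte, 3 padding bytes, u32 length, Latin-1 text."""
    data = text.encode("latin-1", errors="replace")
    return struct.pack(">B3xI", CLIENT_CUT_TEXT, len(data)) + data

class ClipboardGate:
    """Hypothetical viewer-side policy; `sent` stands in for the server socket."""
    def __init__(self, auto_share=False):    # option 1: pref, default off
        self.auto_share = auto_share
        self.local = ""
        self.sent = []

    def on_local_copy(self, text):
        self.local = text
        if self.auto_share:                  # the behaviour reported in the thread
            self.sent.append(encode_client_cut_text(text))

    def on_send_button(self):                # option 2: explicit user action
        self.sent.append(encode_client_cut_text(self.local))

# Fixed sizes of the other standard client messages:
# SetPixelFormat, FramebufferUpdateRequest, KeyEvent, PointerEvent
FIXED = {0: 20, 3: 10, 4: 8, 5: 6}

def clipboard_leaks(stream):
    """Walk a client-to-server byte stream and return every clipboard text sent."""
    found, i = [], 0
    while i < len(stream):
        kind = stream[i]
        if kind == CLIENT_CUT_TEXT:
            (n,) = struct.unpack_from(">I", stream, i + 4)
            found.append(stream[i + 8:i + 8 + n].decode("latin-1"))
            i += 8 + n
        elif kind == 2:                      # SetEncodings: 4-byte header + 4 per entry
            (count,) = struct.unpack_from(">H", stream, i + 2)
            i += 4 + 4 * count
        elif kind in FIXED:
            i += FIXED[kind]
        else:
            raise ValueError(f"unknown client message type {kind} at offset {i}")
    return found

def demo(auto_share):
    """Return clipboard texts seen on the wire before and after the button press."""
    gate = ClipboardGate(auto_share)
    key_event = struct.pack(">BBxxI", 4, 1, 0x61)  # constructed KeyEvent: 'a' pressed
    gate.on_local_copy("My password")
    before = clipboard_leaks(key_event + b"".join(gate.sent))
    gate.on_send_button()
    return before, clipboard_leaks(key_event + b"".join(gate.sent))
```

With the default `auto_share=False`, `demo` shows nothing on the wire after the local copy and the text only once the button is pressed; `clipboard_leaks` can be run the same way over a recorded client-to-server stream to check what a given viewer configuration actually sends.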