Nmap Development mailing list archives

[NSE Script] RealVNC Authentication Bypass (CVE-2006-2369)


From: "Brandon Enright" <bmenrigh () ucsd edu>
Date: Thu, 17 Aug 2006 01:22:20 -0000

Here is an NSE/Lua script for detecting RealVNC servers vulnerable to the
remote authentication bypass described at
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2369.

This is my first Lua/NSE script and the first(?) vulnerability script so it
could probably use a looking over for style and robustness.  Count this as
my vote for including Diman's NSE patch with Nmap ;-).

This script has been tested against a couple of /16 networks on ports 5900-5999
and has worked without incident, so I'm inclined to say it works.

If this attachment gets stripped, a copy of it is available at
http://noh.ucsd.edu/~bmenrigh/RealVNC_auth_bypass.lua.

Feedback is wanted.

Brandon


-- 
Brandon Enright
Network Security Analyst
UCSD ACS/Network Operations
bmenrigh () ucsd edu

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
