Vulnerabilities > CVE-2002-1511 - Authentication Cookie Predictability vulnerability in TightVNC Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 | |
| Application | 6 |
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2003-022.NASL description A vulnerability was discovered in the VNC server script that generates an X cookie, used by X authentication. The script generated a cookie that was not strong enough and allow an attacker to more easily guess the authentication cookie, thus obtaining unauthorized access to the VNC server. last seen 2020-06-01 modified 2020-06-02 plugin id 14007 published 2004-07-31 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14007 title Mandrake Linux Security Advisory : vnc (MDKSA-2003:022) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2003-068.NASL description Updated VNC packages are available to fix a weak cookie vulnerability. VNC is a tool for providing a remote graphical user interface. The VNC server acts as an X server, but the script for starting it generates an MIT X cookie (which is used for X authentication) without using a strong enough random number generator. This could allow an attacker to be able to more easily guess the authentication cookie. All users of VNC are advised to upgrade to these erratum packages, which contain a patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 12370 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12370 title RHEL 2.1 : vnc (RHSA-2003:068)
Redhat
| advisories |
|
References
- http://changelogs.credativ.org/debian/pool/main/v/vnc/vnc_3.3.6-3/changelog
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000640
- http://security.gentoo.org/glsa/glsa-200302-15.xml
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/56161
- http://www.iss.net/security_center/static/11384.php
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:022
- http://www.redhat.com/support/errata/RHSA-2003-041.html
- http://www.redhat.com/support/errata/RHSA-2003-068.html
- http://www.securityfocus.com/bid/6905