[sec-adv] Sun Linux update for VNC

From: Secunia Security Advisories (sec-adv@secunia.com)
Date: Tue Aug 19 2003 - 02:56:12 CDT


TITLE:
Sun Linux update for VNC

READ ONLINE:
http://www.secunia.com/advisories/9557/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass

WHERE:
From remote

OPERATING SYSTEM:
Sun Linux 5.x

DESCRIPTION:
Sun has issued updated packages for VNC. These fix two older
vulnerabilities, which can potentially allow malicious people to gain
access to the VNC server.

1) A vulnerability has been identified in the challenge response
model used by VNC, since the challenge supplied by the server is
based on time and only changes once every second. This allows
malicious people, who can sniff the traffic, to replay the session
within the same second thus gaining access to the VNC server.

2) When acting as an XServer, VNC generates insecure cookies used for
authentication. The problem is that these cookies are not generated
randomly enough, enabling a malicious person to guess them and thus
gain access to the VNC server.
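
Added example (not part of the Secunia advisory and not VNC's own code): a model of the weakness in item 1, where a challenge derived only from the clock repeats for every connection in the same second, next to a generator that reads the kernel CSPRNG, which is also the kind of source the cookie in item 2 needs. The function names, the clock-seeded srand() model, the constructed timestamp and the use of /dev/urandom are assumptions; the 16-byte length is the RFB VNC authentication challenge size.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define CHALLENGE_LEN 16  /* RFB VNC authentication uses a 16-byte challenge */

/* Weak pattern (assumed model of item 1): the PRNG is seeded from the clock,
 * so every connection accepted in the same second gets the same bytes. */
void weak_challenge(time_t now, unsigned char out[CHALLENGE_LEN])
{
    srand((unsigned int)now);
    for (int i = 0; i < CHALLENGE_LEN; i++)
        out[i] = (unsigned char)(rand() & 0xff);
}

/* Hardened pattern: take the bytes from the kernel CSPRNG and fail closed. */
int strong_challenge(unsigned char out[CHALLENGE_LEN])
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL) return -1;
    size_t n = fread(out, 1, CHALLENGE_LEN, f);
    fclose(f);
    return n == CHALLENGE_LEN ? 0 : -1;
}

/* Returns 1 when the weak challenges issued at t1 and t2 are identical. */
int weak_repeats(time_t t1, time_t t2)
{
    unsigned char a[CHALLENGE_LEN], b[CHALLENGE_LEN];
    weak_challenge(t1, a);
    weak_challenge(t2, b);
    return memcmp(a, b, CHALLENGE_LEN) == 0;
}

/* Returns 1 if two CSPRNG challenges collide, 0 if not, -1 on read error. */
int strong_repeats(void)
{
    unsigned char a[CHALLENGE_LEN], b[CHALLENGE_LEN];
    if (strong_challenge(a) || strong_challenge(b)) return -1;
    return memcmp(a, b, CHALLENGE_LEN) == 0;
}

int main(void)
{
    time_t now = 1061279772; /* constructed timestamp, not from the advisory */
    printf("weak: same second=%d next second=%d\n",
           weak_repeats(now, now), weak_repeats(now, now + 1));
    printf("strong: repeats=%d\n", strong_repeats());
    return 0;
}
```

A server can also refuse to issue a challenge it has already handed out, but drawing each one from the CSPRNG removes the one-second window altogether.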

SOLUTION:
Updated packages:

ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPMS/vnc-3.3.3r2-18.6.i386.rpm
ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPMS/vnc-doc-3.3.3r2-18.6.i386.rpm
ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPMS/vnc-server-3.3.3r2-18.6.i386.rpm

SRPM:
ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/SRPMS/vnc-3.3.3r2-18.6.src.rpm

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : support@secunia.com
Tel : +45 7020 5144
Fax : +45 7020 5145

----------------------------------------------------------------------
