CVE-2002-0971
https://notcve.org/view.php?id=CVE-2002-0971
Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" dialogue box. Vulnerabilidad en VNC, TightVNC, y TridiaVNC permite a usuarios locales ejecutar código arbitrario como LocalSystem usando el sistema de mensajes de Win32 para evitar el GUI (Interfaz Gráfico de Úsuario) y acceder al cuadro de diálogo "Añadir nuevos clientes" • http://marc.info/?l=bugtraq&m=102994289123085&w=2 http://www.iss.net/security_center/static/9979.php http://www.securityfocus.com/bid/5530 •
CVE-2001-0168 – WinVNC Web Server 3.3.3r7 - GET Overflow
https://notcve.org/view.php?id=CVE-2001-0168
Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0. • https://www.exploit-db.com/exploits/16491 http://marc.info/?l=vnc-list&m=98080763005455&w=2 http://www.kb.cert.org/vuls/id/598581 http://www.securityfocus.com/bid/2306 https://exchange.xforce.ibmcloud.com/vulnerabilities/6026 •
CVE-2001-0167 – RealVNC 3.3.7 - Client Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0167
Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string. • https://www.exploit-db.com/exploits/16489 http://marc.info/?l=bugtraq&m=98088315825366&w=2 http://www.securityfocus.com/bid/2305 https://exchange.xforce.ibmcloud.com/vulnerabilities/6025 •
CVE-2001-1422
https://notcve.org/view.php?id=CVE-2001-1422
WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. • http://www.kb.cert.org/vuls/id/303080 http://www.securityfocus.com/bid/2275 http://www1.corest.com/common/showdoc.php?idxseccion=10&idx=117 https://exchange.xforce.ibmcloud.com/vulnerabilities/5992 •
CVE-2000-1164
https://notcve.org/view.php?id=CVE-2000-1164
WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system. • http://archives.neohapsis.com/archives/bugtraq/2000-11/0253.html http://www.securityfocus.com/bid/1961 https://exchange.xforce.ibmcloud.com/vulnerabilities/5545 •