Weak Authentication Scheme in SunPCi II VNC Allows Remote Password Sniffing

Weak Authentication Scheme in SunPCi II VNC Allows Remote Password Sniffing

CVE-2002-0994 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.

Learn more about our Web Application Penetration Testing UK.