CVE-2006-2450
published 2006-07-18
CVE-2006-2450: auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as…
Priority P341 · high · 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 4.28% (89.9th percentile)
auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libvncserver | < libvncserver 0.8.2-1 (bookworm) | libvncserver 0.8.2-1 (bookworm) |
| libvncserver | libvncserver | — | — |
| libvncserver_project | libvncserver | >= 0 < 0.8.2-1 | 0.8.2-1 |
| libvncserver_project | libvncserver | >= 0 < 0.8.2-1 | 0.8.2-1 |
| libvncserver_project | libvncserver | >= 0 < 0.8.2-1 | 0.8.2-1 |
| libvncserver_project | libvncserver | >= 0 < 0.8.2-1 | 0.8.2-1 |
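CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_redhat | — | 7.5 | HIGH | — |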
GHSA
GHSA-ghjj-rq7v-wjhm: auth
ghsa_unreviewed·2022-05-01·CVSS 7.5
OSV
CVE-2006-2450: auth
osv·2006-07-18·CVSS 7.5
Debian
CVE-2006-2450: libvncserver - auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication vi...
vendor_debian·2006·CVSS 7.5
Scope: local
bookworm: resolved (fixed in 0.8.2-1)
bullseye: resolved (fixed in 0.8.2-1)
forky: resolved (fixed in 0.8.2-1)
sid: resolved (fixed in 0.8.2-1)
trixie: resolved (fixed in 0.8.2-1)
Red Hat
CVE-2006-2450: auth
vendor_redhat·CVSS 7.5
Statement: Not vulnerable. This issue does not affect the versions of LibVNCServer as distributed with Red Hat Enterprise Linux 2.1, 3, or 4.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824
http://libvncserver.cvs.sourceforge.net/libvncserver/libvncserver/libvncserver/auth.c?r1=1.11&r2=1.14&diff_format=u
http://seclists.org/fulldisclosure/2022/May/29
http://secunia.com/advisories/20940
http://secunia.com/advisories/21179
http://secunia.com/advisories/21349
http://secunia.com/advisories/21393
http://secunia.com/advisories/21405
http://secunia.com/advisories/24525
http://security.gentoo.org/glsa/glsa-200608-05.xml
http://security.gentoo.org/glsa/glsa-200608-12.xml
http://security.gentoo.org/glsa/glsa-200703-19.xml
http://sourceforge.net/project/shownotes.php?release_id=431724&group_id=32584
http://www.novell.com/linux/security/advisories/2006_42_kernel.html
http://www.securityfocus.com/archive/1/442986/100/0/threaded
http://www.securityfocus.com/bid/18977
http://www.vupen.com/english/advisories/2006/2797
Published: 2006-07-18