What is CVE-2006-2369?

CVE-2006-2369 is a vulnerability in N/a. Published 2006-05-15.

Is CVE-2006-2369 known to be exploited?

11 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-2369

RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None"…

EPSS: 0.923 (99.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

8355 (x_refsource_SREASON, third-party-advisory)
ADV-2006-2492 (vdb-entry, x_refsource_VUPEN)
20107 (x_refsource_SECUNIA, third-party-advisory)
20060623 Linux VNC evil client patch - BID 17978 (mailing-list, x_refsource_BUGTRAQ)
20060516 re: RealVNC 4.1.1 Remote Compromise (mailing-list, x_refsource_BUGTRAQ)
20060515 Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise (mailing-list, x_refsource_BUGTRAQ)
20060515 RealVNC 4.1.1 Remote Compromise (mailing-list, x_refsource_FULLDISC)
www.realvnc.com/products/free/4.1/release-notes.html (x_refsource_CONFIRM)
VU#117929 (x_refsource_CERT-VN, third-party-advisory)
20060624 Re: Linux VNC evil client patch - BID 17978 (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2006-2369?: CVE-2006-2369 is a vulnerability in N/a. Published 2006-05-15.
Is CVE-2006-2369 known to be exploited?: 11 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.