Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AT&T WinVNC 客户程序缓冲区溢出漏洞
Vulnerability Description
CVE(CAN) ID: CAN-2001-0167 VNC 指虚拟网络计算软件包。它是可免费获得的远程 管理软件包,设计用来访问远程系统的桌面,由 AT&T 发行和维护。 该软件包的客户部分存有问题,这使得远程用户可以 执行任意代码。问题来源于在连接和认证时客户端对 服务器发给客户的 rfbConnFailed 包的处理。发送 这个包是出错回应,通常是告知客户连接尝试已失败。 这时客户端通过一个日志例程传递这个包的内容供将 来管理作参考。然而,通过伪造服务器版本号,并且 在发送 rfbConnFaile
CVSS Information
N/A
Vulnerability Type
N/A