Description

RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.

INFO

Published Date :

May 15, 2006, 4:06 p.m.

Last Modified :

Nov. 21, 2024, 12:11 a.m.

Remotely Exploitable :

Yes !

Impact Score :

6.4

Exploitability Score :

10.0
Public PoC/Exploit Available at Github

CVE-2006-2369 has a 5 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2006-2369 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Vnc realvnc
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2006-2369.

URL Resource
http://marc.info/?l=full-disclosure&m=114768344111131&w=2
http://marc.info/?l=vnc-list&m=114755444130188&w=2
http://seclists.org/fulldisclosure/2022/May/29
http://secunia.com/advisories/20107 Patch Vendor Advisory
http://secunia.com/advisories/20109 Patch Vendor Advisory
http://secunia.com/advisories/20789 Vendor Advisory
http://securityreason.com/securityalert/8355
http://securitytracker.com/id?1016083 Exploit Patch
http://www.cisco.com/warp/public/707/cisco-sr-20060622-cmm.shtml
http://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.html
http://www.intelliadmin.com/blog/2006/05/vnc-flaw-proof-of-concept.html Exploit Patch
http://www.kb.cert.org/vuls/id/117929 Patch Third Party Advisory US Government Resource
http://www.osvdb.org/25479
http://www.realvnc.com/products/free/4.1/release-notes.html Patch
http://www.securityfocus.com/archive/1/433994/100/0/threaded
http://www.securityfocus.com/archive/1/434015/100/0/threaded
http://www.securityfocus.com/archive/1/434117/100/0/threaded
http://www.securityfocus.com/archive/1/434518/100/0/threaded
http://www.securityfocus.com/archive/1/434560/100/0/threaded
http://www.securityfocus.com/archive/1/438175/100/0/threaded
http://www.securityfocus.com/archive/1/438368/100/0/threaded
http://www.securityfocus.com/bid/17978 Exploit Patch
http://www.vupen.com/english/advisories/2006/1790 Vendor Advisory
http://www.vupen.com/english/advisories/2006/1821 Vendor Advisory
http://www.vupen.com/english/advisories/2006/2492 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/26445
http://marc.info/?l=full-disclosure&m=114768344111131&w=2
http://marc.info/?l=vnc-list&m=114755444130188&w=2
http://seclists.org/fulldisclosure/2022/May/29
http://secunia.com/advisories/20107 Patch Vendor Advisory
http://secunia.com/advisories/20109 Patch Vendor Advisory
http://secunia.com/advisories/20789 Vendor Advisory
http://securityreason.com/securityalert/8355
http://securitytracker.com/id?1016083 Exploit Patch
http://www.cisco.com/warp/public/707/cisco-sr-20060622-cmm.shtml
http://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.html
http://www.intelliadmin.com/blog/2006/05/vnc-flaw-proof-of-concept.html Exploit Patch
http://www.kb.cert.org/vuls/id/117929 Patch Third Party Advisory US Government Resource
http://www.openwall.com/lists/oss-security/2024/08/02/8
http://www.osvdb.org/25479
http://www.realvnc.com/products/free/4.1/release-notes.html Patch
http://www.securityfocus.com/archive/1/433994/100/0/threaded
http://www.securityfocus.com/archive/1/434015/100/0/threaded
http://www.securityfocus.com/archive/1/434117/100/0/threaded
http://www.securityfocus.com/archive/1/434518/100/0/threaded
http://www.securityfocus.com/archive/1/434560/100/0/threaded
http://www.securityfocus.com/archive/1/438175/100/0/threaded
http://www.securityfocus.com/archive/1/438368/100/0/threaded
http://www.securityfocus.com/bid/17978 Exploit Patch
http://www.vupen.com/english/advisories/2006/1790 Vendor Advisory
http://www.vupen.com/english/advisories/2006/1821 Vendor Advisory
http://www.vupen.com/english/advisories/2006/2492 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/26445

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

This is a repository that contains the project reports and other related information in relation to the Ethical Hacking Training Bootcamp at Virtual Infosec Africa Limited Training Lab at KNUST,Ghana.

Python

Updated: 2 days, 6 hours ago
0 stars 0 fork 0 watcher
Born at : Sept. 18, 2024, 12:56 a.m. This repo has been linked 11 different CVEs too.

Imoro Umar Farouq's report on Internal Network Penetration Testing

Shell

Updated: 3 months, 1 week ago
0 stars 0 fork 0 watcher
Born at : Sept. 12, 2024, 11:46 a.m. This repo has been linked 161 different CVEs too.

A simple ruby tool to automate metasploit modules

metasploit msfs ruby shell bash exploit exploiter metasploit-modules

Shell Ruby

Updated: 6 months, 1 week ago
4 stars 1 fork 1 watcher
Born at : June 30, 2021, 12:38 p.m. This repo has been linked 4 different CVEs too.

exploits and proof-of-concept vulnerability demonstration files from the team at Hacker House

Python C Shell Perl HTML C++

Updated: 1 month ago
418 stars 100 fork 100 watcher
Born at : March 23, 2019, 9:23 p.m. This repo has been linked 14 different CVEs too.

Autosploit = Automating Metasploit Modules.

metasploit metasploit-framework autosploit bash infosec cybersecurity hacking-tool hacking

Shell Ruby

Updated: 1 month, 2 weeks ago
74 stars 32 fork 32 watcher
Born at : June 18, 2017, 4:31 p.m. This repo has been linked 4 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2006-2369 vulnerability anywhere in the article.

  • Cybersecurity News
CVE-2024-42458 (CVSS 9.8) – New Security Vulnerability in Neat VNC: Urgent Patch Released

Neat VNC, a popular open-source VNC server library used for remote desktop access and screen sharing, has been found vulnerable to a security vulnerability (CVE-2024-42458, CVSS 9.8). This flaw could ... Read more

Published Date: Aug 09, 2024 (4 months, 1 week ago)

The following table lists the changes that have been made to the CVE-2006-2369 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=full-disclosure&m=114768344111131&w=2
    Added Reference http://marc.info/?l=vnc-list&m=114755444130188&w=2
    Added Reference http://seclists.org/fulldisclosure/2022/May/29
    Added Reference http://secunia.com/advisories/20107
    Added Reference http://secunia.com/advisories/20109
    Added Reference http://secunia.com/advisories/20789
    Added Reference http://securityreason.com/securityalert/8355
    Added Reference http://securitytracker.com/id?1016083
    Added Reference http://www.cisco.com/warp/public/707/cisco-sr-20060622-cmm.shtml
    Added Reference http://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.html
    Added Reference http://www.intelliadmin.com/blog/2006/05/vnc-flaw-proof-of-concept.html
    Added Reference http://www.kb.cert.org/vuls/id/117929
    Added Reference http://www.openwall.com/lists/oss-security/2024/08/02/8
    Added Reference http://www.osvdb.org/25479
    Added Reference http://www.realvnc.com/products/free/4.1/release-notes.html
    Added Reference http://www.securityfocus.com/archive/1/433994/100/0/threaded
    Added Reference http://www.securityfocus.com/archive/1/434015/100/0/threaded
    Added Reference http://www.securityfocus.com/archive/1/434117/100/0/threaded
    Added Reference http://www.securityfocus.com/archive/1/434518/100/0/threaded
    Added Reference http://www.securityfocus.com/archive/1/434560/100/0/threaded
    Added Reference http://www.securityfocus.com/archive/1/438175/100/0/threaded
    Added Reference http://www.securityfocus.com/archive/1/438368/100/0/threaded
    Added Reference http://www.securityfocus.com/bid/17978
    Added Reference http://www.vupen.com/english/advisories/2006/1790
    Added Reference http://www.vupen.com/english/advisories/2006/1821
    Added Reference http://www.vupen.com/english/advisories/2006/2492
    Added Reference https://exchange.xforce.ibmcloud.com/vulnerabilities/26445
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    May. 13, 2022

    Action Type Old Value New Value
    Added Reference http://seclists.org/fulldisclosure/2022/May/29 [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 18, 2018

    Action Type Old Value New Value
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/434518/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/438368/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/438175/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/434117/100/0/threaded [Exploit]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/434560/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/434015/100/0/threaded [Patch]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/433994/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/438368/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/438175/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/434560/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/434518/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/434117/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/434015/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/433994/100/0/threaded [No Types Assigned]
  • CVE Modified by [email protected]

    Jul. 20, 2017

    Action Type Old Value New Value
    Removed Reference http://xforce.iss.net/xforce/xfdb/26445 [No Types Assigned]
    Added Reference https://exchange.xforce.ibmcloud.com/vulnerabilities/26445 [No Types Assigned]
  • CVE Translated by [email protected]

    Oct. 20, 2016

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Oct. 18, 2016

    Action Type Old Value New Value
    Removed Reference http://marc.theaimsgroup.com/?l=vnc-list&m=114755444130188&w=2
    Removed Reference http://marc.theaimsgroup.com/?l=full-disclosure&m=114768344111131&w=2
    Added Reference http://marc.info/?l=vnc-list&m=114755444130188&w=2
    Added Reference http://marc.info/?l=full-disclosure&m=114768344111131&w=2
  • Initial Analysis by [email protected]

    May. 16, 2006

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2006-2369 is associated with the following CWEs:

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

96.72 }} -0.42%

score

0.99776

percentile

CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability