CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2006-2206

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile40.49th
Published2006年5月5日
Last Modified2026年4月16日

Vulnerability Description

The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 uses weak encryption (XOR) for challenge/response, which allows remote attackers to gain privileges by sniffing and decrypting passwords.

Affected Platforms (CPE)

📦
Ultravnc

Ultravnc

= 1.0.1

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2006-05/0057.html
🔗 http://www.securityfocus.com/bid/17824
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/26283
🔗 http://archives.neohapsis.com/archives/bugtraq/2006-05/0057.html
🔗 http://www.securityfocus.com/bid/17824
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/26283

相關漏洞威脅

CVE-2009-038810.0

Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a deni...

CVE-2018-153619.8

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. Th...

CVE-2019-82609.8

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. T...

CVE-2019-82589.8

UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appea...