Celebrating the 22th anniversary of the UltraVNC: https://forum.uvnc.com/viewtopic.php?t=38031
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

VNC vulnerability research

Post Reply
Sainsuper
40
40
Posts: 96
Joined: 2008-04-02 10:47

VNC vulnerability research

Post by Sainsuper »

Hello,
Kaspersky research have published many security vulnerability in many version of vnc, ultravnc too.

here a link:

https://ics-cert.kaspersky.com/reports/ ... -research/

Regard
SainSuper
Top
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6882
Joined: 2004-04-23 10:21
Contact:
Contact Rudi De Vos

Re: VNC vulnerability research

Post by Rudi De Vos »

We know, we are already a year in communication, issue's were fixed in the 1.2.2.4 (03/19) update.

Theissue's were in the viewer.
If you connect to a fake server, the server could send fake screen updates with bigger sizes then expected.
This could cause buffer overflows
Top
Sainsuper
40
40
Posts: 96
Joined: 2008-04-02 10:47

Re: VNC vulnerability research

Post by Sainsuper »

ok thanks rudi fior fast answer
Top
Post Reply

Return to “Old messages”