Hello Rudi,
From what I heard, only viewers were affected by several vulnerabilities, not the server itself.
1. Is this correct, or were servers also affected?
2. A repeater listening on the standard viewer port for incoming reverse connections is a potential aim of people scanning for vulnerable vncviewers.
So, are we sure that the repeater is not vulnerable in the same way the viewers were?
Why am I asking?
We have 2 repeaters running on the same machine on the internet. One listening on standard ports, one not.
The repeater on standard ports was marauding, not reacting sufficiently and causing high CPU percentage. The other one was not.
We use the repeater from 17/12/2017.
Latest VNC vulnerabilities
- Rudi De Vos
- Admin & Developer
Re: Latest VNC vulnerabilities
The problem was the viewer.
The server is well protected as we always considered the server as the weakest point.
If you connect a fake server with the viewer, you could use huge screen sizes and names
to overwrite memory parts.
A repeater has a data buffer.
We read max x size and send it; no risk, as we just read data, not the content, and we never read more than x.
Verifying code; thanks to Kaspersky I now know the spots to check.
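Added example, not part of the thread and not UltraVNC code: a viewer-side parser for the RFB ServerInit message (layout per RFC 6143) that rejects the oversized screen dimensions and name lengths described in the reply above. The caps, struct, function names and sample message are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define MAX_NAME_LEN 255u           /* assumed cap on the desktop name */
#define MAX_FB_BYTES (256u << 20)   /* assumed cap: 256 MiB framebuffer */

struct server_init {
    uint16_t width, height;
    uint8_t  bpp;
    char     name[MAX_NAME_LEN + 1];
};

static uint32_t be(const uint8_t *p, int n)   /* n-byte big-endian field */
{
    uint32_t v = 0;
    while (n-- > 0) v = (v << 8) | *p++;
    return v;
}

/* Returns 0 on success, negative on rejection; never trusts peer sizes. */
int parse_server_init(const uint8_t *buf, size_t len, struct server_init *out)
{
    if (len < 24) return -1;                  /* fixed part is 24 bytes */
    out->width  = (uint16_t)be(buf, 2);
    out->height = (uint16_t)be(buf + 2, 2);
    out->bpp    = buf[4];
    if (out->bpp != 8 && out->bpp != 16 && out->bpp != 32) return -2;
    /* 64-bit product: width * height * bytes-per-pixel cannot wrap */
    uint64_t fb = (uint64_t)out->width * out->height * (out->bpp / 8u);
    if (fb == 0 || fb > MAX_FB_BYTES) return -3;
    uint32_t name_len = be(buf + 20, 4);
    if (name_len > MAX_NAME_LEN) return -4;   /* cap before any copy */
    if (name_len > len - 24) return -5;       /* claims more than was sent */
    memcpy(out->name, buf + 24, name_len);
    out->name[name_len] = '\0';
    return 0;
}

/* Constructed message: given header fields, 4 name bytes actually present. */
int try_constructed(uint16_t w, uint16_t h, uint8_t bpp, uint32_t claimed)
{
    uint8_t msg[28] = { (uint8_t)(w >> 8), (uint8_t)w, (uint8_t)(h >> 8), (uint8_t)h, bpp };
    for (int i = 0; i < 4; i++) msg[20 + i] = (uint8_t)(claimed >> (24 - 8 * i));
    memcpy(msg + 24, "test", 4);
    struct server_init si;
    return parse_server_init(msg, sizeof msg, &si);
}

int main(void) { return try_constructed(800, 600, 32, 0xFFFFFFFFu) == -4 ? 0 : 1; }
```

Each rejection code maps to one check, so a log of return values shows which field of a server's handshake was out of bounds.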
Re: Latest VNC vulnerabilities
THX for the answer.
- Rudi De Vos
Re: Latest VNC vulnerabilities
Updated repeater 150:
https://www.uvnc.eu/download/1230/repeater_150.zip
To be sure, I replaced some functions with the secure version.
Please test.
Already running for 6 hours on a test server.
Re: Latest VNC vulnerabilities
Running since 09:00 in the production environment, normally (heavily) used. No problems until now.