Security issue with downloadable U-VNC SC executable

grog · Post by **grog** » 2008-11-18 08:01

Hello forum !

We very thankfully use Ultra VNC SC, using an unique rc4Key as well as the MSRC4Plugin.dsm.

A Customer/friend asking for support can download the SC-executable from our website using a simple http Link anytime. That way help is easily accessible for the ones needing it.

However:
As the executable SC file is openly accessible by anyone who knows or finds the Download Link, my question:
1. Is this dangerous and a security issue ?
2. Can someone who downloads the SC executable (where the rc4 key is integrated) intercept an ongoing connection between me and a client ?

3. And if it makes the connections interceptable, what simple alternative would you propose ?

Thank you,

.

grog · Post by **grog** » 2008-11-21 09:29

Hey, hows it hanging ?

Do not tell me nobody knows an answer ??

X3 · Post by X3 » 2008-11-21 12:40

erm once you download once and browser/download page closed no one can find that link unless hacked your computer and vieweing history/cache

not sure if link stays live forever I dont think so but I may be wrong.

UltraVNC

Security issue with downloadable U-VNC SC executable

Security issue with downloadable U-VNC SC executable

Re: Security issue with downloadable U-VNC SC executable

Re: Security issue with downloadable U-VNC SC executable