Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Ultra VNC-3DES-is it secure
From: "Israel Ochoa" <israel () telvista com mx>
Date: Tue, 22 Jan 2008 11:44:17 -0800

Is it secure against Man in the middle attack?
No.

It's kind of insecure, that's because with a "man-in-the-middle" attack you can get the hash of the VNC password (i.e. 
using Cain) and then using a dictionary or brute force attack you can guess the password, that depends if it is complex 
or not, and take control of that computer.
Using a sniffer and the same attack you can view all data between VNC client and server. 

Do I need to report this as a CRITICAL/HIGH security issue..

IMHO Yes, you can consider this as a high issue.

If your client still want to use VNC as a remote connection solution, they can use the AES plugin for UltraVNC.

Israel Ochoa

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of pentestr
Sent: Viernes, 18 de Enero de 2008 12:46 p.m.
To: Pentest Mailinglist
Subject: Ultra VNC-3DES-is it secure

hi hackers,
I am doing a VA/PT for one our client and found one of the servers is 
using Ultra VNC. The ports (5800 & 5900) are open to Internet. Is it 
secure against Man in the middle attack?
Do I need to report this as a CRITICAL/HIGH security issue..

Thanks & Rgds.
P.T.


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


______________________________________________________________________
This e-mail has been scanned by MCI Managed Email Content Service, using Skeptic(tm) technology powered by MessageLabs. 
For more information on MCI's Managed Email Content Service, visit http://www.mci.com.
______________________________________________________________________ 
--------------------------------------------------------


          TELVISTA CERTIFIED

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]