oss-sec mailing list archives
Re: Neat VNC Security Vulnerability
From: Salvatore Bonaccorso <carnil () debian org>
Date: Sat, 3 Aug 2024 21:23:40 +0200
Hi, On Fri, Aug 02, 2024 at 02:46:48PM +0000, Dane Bouchie wrote:
This issue is basically CVE-2006-2369 On Aug 2, 2024 10:41 AM, Dane Bouchie <dbouchie () iradimed com> wrote: The client chooses the security type, so they can pass in "None" to the switch statement. is_allowed_security_type() now prevents that.
FTR, this issue has the following CVE assigned: https://www.cve.org/CVERecord?id=CVE-2024-42458 Regards, Salvatore
Current thread:
- Neat VNC Security Vulnerability Andri Yngvason (Aug 01)
- Re: Neat VNC Security Vulnerability Solar Designer (Aug 02)
- RE: Neat VNC Security Vulnerability Dane Bouchie (Aug 02)
- Re: Neat VNC Security Vulnerability Solar Designer (Aug 02)
- Re: Neat VNC Security Vulnerability Andri Yngvason (Aug 02)
- RE: Neat VNC Security Vulnerability Dane Bouchie (Aug 02)
- Re: Neat VNC Security Vulnerability Solar Designer (Aug 02)
- <Possible follow-ups>
- RE: Neat VNC Security Vulnerability Dane Bouchie (Aug 02)
- Re: Neat VNC Security Vulnerability Salvatore Bonaccorso (Aug 03)