Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
 Documentation
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

May 18, 2006 Critical RealVNC vulnerability

A critical, remotely-exploitable vulnerability has been discovered in RealVNC version 4.1.1. Earlier versions may also be vulnerable. Several SCS hosts have already been broken into because of this vulnerability.

All RealVNC users MUST upgrade to Free Edition version 4.1.2 or Personal Edition/Enterprise Edition version 4.2.3.

Updated VNC software can be downloaded from:

http://www.realvnc.com/download.html

Additional information about this vulnerability can be found at:

http://www.kb.cert.org/vuls/id/117929

Please contact help@cs.cmu.edu with any questions.