» Home     » How To…   » Site Map   » Contact Us 
 Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
Your location: Home > News archives > May 18, 2006 Critical RealVNC vulnerability
 Documentation
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail & netnews 
 » Networking 
 » Printing 
 » Purchasing 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Macintosh support 
 » Linux support 
 » Windows PC support 

May 18, 2006 Critical RealVNC vulnerability

A critical, remotely-exploitable vulnerability has been discovered in RealVNC version 4.1.1. Earlier versions may also be vulnerable. Several SCS hosts have already been broken into because of this vulnerability.

All RealVNC users MUST upgrade to Free Edition version 4.1.2 or Personal Edition/Enterprise Edition version 4.2.3.

Updated VNC software can be downloaded from:

http://www.realvnc.com/download.html

Additional information about this vulnerability can be found at:

http://www.kb.cert.org/vuls/id/117929

Please contact help@cs.cmu.edu with any questions.




 This site is maintained by SCS Computing Facilities; send comments to help@cs.cmu.edu.
 Accessibility information  © Carnegie Mellon School of Computer Science