Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
Advanced search tips 
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

May 18, 2006 Critical RealVNC vulnerability

A critical, remotely-exploitable vulnerability has been discovered in RealVNC version 4.1.1. Earlier versions may also be vulnerable. Several SCS hosts have already been broken into because of this vulnerability.

All RealVNC users MUST upgrade to Free Edition version 4.1.2 or Personal Edition/Enterprise Edition version 4.2.3.

Updated VNC software can be downloaded from:

Additional information about this vulnerability can be found at:

Please contact with any questions.