{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-05-08T00:00:00.000Z","descriptions":[{"lang":"en","value":"RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as \"Type 1 - None\", which is accepted even if it is not offered by the server, as originally demonstrated using a long password."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-05-13T17:06:11.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"8355","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/8355"},{"name":"ADV-2006-2492","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/2492"},{"name":"20107","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20107"},{"name":"20060623 Linux VNC evil client patch - BID 17978","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/438175/100/0/threaded"},{"name":"20060516 re: RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/434117/100/0/threaded"},{"name":"20060515 Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/434015/100/0/threaded"},{"name":"20060515 RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://marc.info/?l=full-disclosure&m=114768344111131&w=2"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.realvnc.com/products/free/4.1/release-notes.html"},{"name":"VU#117929","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/117929"},{"name":"20060624 Re: Linux VNC evil client patch - BID 17978","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/438368/100/0/threaded"},{"name":"20060520 Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/434560/100/0/threaded"},{"tags":["x_refsource_MISC"],"url":"http://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.html"},{"name":"1016083","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1016083"},{"name":"ADV-2006-1821","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/1821"},{"tags":["x_refsource_MISC"],"url":"http://www.intelliadmin.com/blog/2006/05/vnc-flaw-proof-of-concept.html"},{"name":"realvnc-auth-bypass(26445)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26445"},{"name":"20060515 RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/433994/100/0/threaded"},{"name":"17978","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/17978"},{"name":"25479","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/25479"},{"name":"20109","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20109"},{"name":"20060622 RealVNC Remote Authentication Bypass Vulnerability","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://www.cisco.com/warp/public/707/cisco-sr-20060622-cmm.shtml"},{"name":"[vnc-list] 20060513 Version 4.1.2","tags":["mailing-list","x_refsource_MLIST"],"url":"http://marc.info/?l=vnc-list&m=114755444130188&w=2"},{"name":"ADV-2006-1790","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/1790"},{"name":"20060518 RE: [Full-disclosure] RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/434518/100/0/threaded"},{"name":"20789","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20789"},{"name":"20220513 some details regarding CVE-2022-24422 / iDRAC VNC authentication","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2022/May/29"}]},"adp":[{"title":"CVE Program Container","references":[{"url":"http://www.openwall.com/lists/oss-security/2024/08/02/8"},{"name":"8355","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/8355"},{"name":"ADV-2006-2492","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/2492"},{"name":"20107","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20107"},{"name":"20060623 Linux VNC evil client patch - BID 17978","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/438175/100/0/threaded"},{"name":"20060516 re: RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/434117/100/0/threaded"},{"name":"20060515 Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/434015/100/0/threaded"},{"name":"20060515 RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://marc.info/?l=full-disclosure&m=114768344111131&w=2"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.realvnc.com/products/free/4.1/release-notes.html"},{"name":"VU#117929","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/117929"},{"name":"20060624 Re: Linux VNC evil client patch - BID 17978","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/438368/100/0/threaded"},{"name":"20060520 Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/434560/100/0/threaded"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.html"},{"name":"1016083","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1016083"},{"name":"ADV-2006-1821","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/1821"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.intelliadmin.com/blog/2006/05/vnc-flaw-proof-of-concept.html"},{"name":"realvnc-auth-bypass(26445)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26445"},{"name":"20060515 RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/433994/100/0/threaded"},{"name":"17978","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/17978"},{"name":"25479","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/25479"},{"name":"20109","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20109"},{"name":"20060622 RealVNC Remote Authentication Bypass Vulnerability","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://www.cisco.com/warp/public/707/cisco-sr-20060622-cmm.shtml"},{"name":"[vnc-list] 20060513 Version 4.1.2","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://marc.info/?l=vnc-list&m=114755444130188&w=2"},{"name":"ADV-2006-1790","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/1790"},{"name":"20060518 RE: [Full-disclosure] RealVNC 4.1.1 Remote Compromise","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/434518/100/0/threaded"},{"name":"20789","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20789"},{"name":"20220513 some details regarding CVE-2022-24422 / iDRAC VNC authentication","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2022/May/29"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T17:51:03.610Z"}}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2006-2369","datePublished":"2006-05-15T16:00:00.000Z","dateReserved":"2006-05-15T00:00:00.000Z","dateUpdated":"2024-08-07T17:51:03.610Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}