Read Time:24 Second
Posted by christian mock on May 13
The Dell advisory is a bit low on details, so:
The vulnerability is really just CVE-2006-2369 / CVE-2006-2450, but
wrapped in TLS (we’re in the 2020s, our auth bypasses are secure now!)
That means that your vuln scanner might or might not detect it, Nessus
for example does, but Nexpose apparently doesn’t.
It also means that metasploit’s “realvnc_41_bypass” is not directly
usable, you need to use your favorite TLS…
More Stories
USN-6992-2: Firefox regressions
USN-6992-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the...