QwikSec

Security Database

CVE

CWE

Training

CVE-2006-1652

Published: Apr 6, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and earlier and (b) tabbed_viewer 1.29 (1) allow user-assisted remote attackers to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, which triggers an overflow in Log::ReallyPrint; and (2) allow remote attackers to cause a denial of service (server crash) via a long HTTP GET request to TCP port 5800, which triggers an overflow in VNCLog::ReallyPrint.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

exploit

x_refsource_EXPLOIT-DB

untr@vnc-error-bo(25648)

vdb-entry

x_refsource_XF

exploit

x_refsource_EXPLOIT-DB

ultr@vnc-vnclogreallyprint-bo(25650)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

20060411 Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer POC

mailing-list

x_refsource_BUGTRAQ

20060405 Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer and server

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_VUPEN

third-party-advisory

x_refsource_SREASON

20060404 Buffer-overflow in Ultr@VNC 1.0.1 viewer and server

mailing-list

x_refsource_BUGTRAQ

20060404 Buffer-overflow in Ultr@VNC 1.0.1 viewer and server

mailing-list

x_refsource_FULLDISC

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.