CVE-2002-0994

SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.

Date published : 2002-08-31

http://www.securityfocus.com/bid/5146

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0003.html