CVE-2006-2450 - Vulnerability Details - OpenCVE

auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Libvncserver	Libvncserver

Configuration 1 [-]

cpe:2.3:a:libvncserver:libvncserver:0.7.1:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824
http://libvncserver.cvs.sourceforge.net/libvncserver/libvncserver/libvncserver/auth.c?r1=1.11&r2=1.14&diff_format=u
http://seclists.org/fulldisclosure/2022/May/29
http://secunia.com/advisories/20940
http://secunia.com/advisories/21179
http://secunia.com/advisories/21349
http://secunia.com/advisories/21393
http://secunia.com/advisories/21405
http://secunia.com/advisories/24525
http://security.gentoo.org/glsa/glsa-200608-05.xml
http://security.gentoo.org/glsa/glsa-200608-12.xml
http://security.gentoo.org/glsa/glsa-200703-19.xml
http://sourceforge.net/project/shownotes.php?release_id=431724&group_id=32584
http://www.novell.com/linux/security/advisories/2006_42_kernel.html
http://www.securityfocus.com/archive/1/442986/100/0/threaded
http://www.securityfocus.com/bid/18977
http://www.vupen.com/english/advisories/2006/2797

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2006-07-14T22:00:00

Updated: 2024-08-07T17:51:04.809Z

Reserved: 2006-05-18T00:00:00

Link: CVE-2006-2450

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-07-18T15:40:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-2450

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-07-05T00:00:00", "descriptions": [{"lang": "en", "value": "auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as \"Type 1 - None\", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-05-13T17:06:09", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "SUSE-SA:2006:042", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html"}, {"tags": ["x_refsource_MISC"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824"}, {"name": "24525", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24525"}, {"name": "ADV-2006-2797", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2797"}, {"name": "21349", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21349"}, {"name": "GLSA-200608-05", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200608-05.xml"}, {"name": "GLSA-200703-19", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200703-19.xml"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/project/shownotes.php?release_id=431724&group_id=32584"}, {"name": "20940", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20940"}, {"name": "21393", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21393"}, {"name": "GLSA-200608-12", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200608-12.xml"}, {"name": "21405", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21405"}, {"name": "18977", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/18977"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://libvncserver.cvs.sourceforge.net/libvncserver/libvncserver/libvncserver/auth.c?r1=1.11&r2=1.14&diff_format=u"}, {"name": "21179", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21179"}, {"name": "20060811 Re: [ GLSA 200608-12 ] x11vnc: Authentication bypass in included LibVNCServer code", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/442986/100/0/threaded"}, {"name": "20220513 some details regarding CVE-2022-24422 / iDRAC VNC authentication", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2022/May/29"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:51:04.809Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SA:2006:042", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824"}, {"name": "24525", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24525"}, {"name": "ADV-2006-2797", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2797"}, {"name": "21349", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21349"}, {"name": "GLSA-200608-05", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200608-05.xml"}, {"name": "GLSA-200703-19", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200703-19.xml"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/project/shownotes.php?release_id=431724&group_id=32584"}, {"name": "20940", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20940"}, {"name": "21393", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21393"}, {"name": "GLSA-200608-12", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200608-12.xml"}, {"name": "21405", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21405"}, {"name": "18977", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/18977"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://libvncserver.cvs.sourceforge.net/libvncserver/libvncserver/libvncserver/auth.c?r1=1.11&r2=1.14&diff_format=u"}, {"name": "21179", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21179"}, {"name": "20060811 Re: [ GLSA 200608-12 ] x11vnc: Authentication bypass in included LibVNCServer code", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/442986/100/0/threaded"}, {"name": "20220513 some details regarding CVE-2022-24422 / iDRAC VNC authentication", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/May/29"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-2450", "datePublished": "2006-07-14T22:00:00", "dateReserved": "2006-05-18T00:00:00", "dateUpdated": "2024-08-07T17:51:04.809Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libvncserver:libvncserver:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "AC2AED2D-3554-43A0-A7AF-9CBB383D7655", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as \"Type 1 - None\", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369."}, {"lang": "es", "value": "auth.c en LibVNCServer 0.7.1 permite a atacantes remotos evitar la validaci\u00f3n a trav\u00e9s de una respuesta en la cual el cliente especifica un tipo de seguridad insegura como por ejemplo \"Tipo 1 - None\", el cual es aceptado siempre aunque no es ofrecida por el servidor, un asunto diferente que CVE-2006-2369."}], "id": "CVE-2006-2450", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-07-18T15:40:00.000", "references": [{"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://libvncserver.cvs.sourceforge.net/libvncserver/libvncserver/libvncserver/auth.c?r1=1.11&r2=1.14&diff_format=u"}, {"source": "secalert@redhat.com", "url": "http://seclists.org/fulldisclosure/2022/May/29"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/20940"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21179"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21349"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21393"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21405"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24525"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200608-05.xml"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200608-12.xml"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200703-19.xml"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=431724&group_id=32584"}, {"source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/442986/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/18977"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/2797"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://libvncserver.cvs.sourceforge.net/libvncserver/libvncserver/libvncserver/auth.c?r1=1.11&r2=1.14&diff_format=u"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2022/May/29"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/20940"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21179"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21349"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21393"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21405"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24525"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200608-05.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200608-12.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200703-19.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=431724&group_id=32584"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/442986/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/18977"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/2797"}], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [{"comment": "Not vulnerable. This issue does not affect the versions of LibVNCServer as distributed with Red Hat Enterprise Linux 2.1, 3, or 4.", "lastModified": "2006-08-24T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}