Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2002-1511

The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.3%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2002-1511
  • Att » Vnc » Version: 3.3.3
    cpe:2.3:a:att:vnc:3.3.3
  • Att » Vnc » Version: 3.3.3r2
    cpe:2.3:a:att:vnc:3.3.3r2
  • Att » Vnc » Version: 3.3.4
    cpe:2.3:a:att:vnc:3.3.4
  • Att » Vnc » Version: 3.3.5
    cpe:2.3:a:att:vnc:3.3.5
  • Att » Vnc » Version: 3.3.6
    cpe:2.3:a:att:vnc:3.3.6
  • Tightvnc » Tightvnc » Version: 1.2.0
    cpe:2.3:a:tightvnc:tightvnc:1.2.0
  • Tightvnc » Tightvnc » Version: 1.2.1
    cpe:2.3:a:tightvnc:tightvnc:1.2.1
  • Tightvnc » Tightvnc » Version: 1.2.2
    cpe:2.3:a:tightvnc:tightvnc:1.2.2
  • Tightvnc » Tightvnc » Version: 1.2.3
    cpe:2.3:a:tightvnc:tightvnc:1.2.3
  • Tightvnc » Tightvnc » Version: 1.2.4
    cpe:2.3:a:tightvnc:tightvnc:1.2.4
  • Tightvnc » Tightvnc » Version: 1.2.5
    cpe:2.3:a:tightvnc:tightvnc:1.2.5


Contact Us

Shodan ® - All rights reserved