The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.
CVSS Score
5.0
EPSS Score
0.009
Published
2003-03-03