What are the signs of those you are finding? VNC actually uses a mini web server running on port 5800 by default to serve the java applet if you use that for your connections. Since it does nothing but serve the applet, its exposure is minimal. It is also definitely neither Apache nor IIS.
----- Original Message ----- From: "Pedro Lineu Orso" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, 2002-07-05 11:55 Subject: security holes in VNC > Hi All, > > I don4t know if this was posted before... > > I find two high security holes in WinVNC version 3.3.3 R9 running on > Windows 2000 Server: > > - Apache chunking interger overflow > - IIS Cumulative - ASP Chunked Encoding Overflow > > Does anibody know something about this ? > > TIA > > Pedro Lineu Orso > _______________________________________________ > VNC-List mailing list > [EMAIL PROTECTED] > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list
