Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14003
HistoryAug 23, 2006 - 12:00 a.m.

unauthorized VNC access in AK-Systems Windows Terminals

2006-08-2300:00:00
vulners.com
11
JSON

WinCE-based Windows Terminals (thin clients) manufactured by
AK-Systems (http://www.ak-systems.ru/) with firmware version 1.2.5 ExVLP
feature a VNC server for remote administration and setup. The VNC
access is not protected by password, so anyone with a VNC client can
connect to the terminal and watch the user's RDP/Citrix session, or even
meddle into it.

Workaround suggested by vendor: older firmware without VNC support
should be installed on the terminal.


Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:[email protected]

JSON