ID CVE-2001-0167
Summary Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.
References
Vulnerable Configurations
  • cpe:2.3:a:att:winvnc:3.3.3r7
    cpe:2.3:a:att:winvnc:3.3.3r7
CVSS
Base: 7.6 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description RealVNC 3.3.7 Client Buffer Overflow. CVE-2001-0167. Remote exploit for windows platform
id EDB-ID:16489
last seen 2016-02-01
modified 2010-04-30
published 2010-04-30
reporter metasploit
source https://www.exploit-db.com/download/16489/
title RealVNC 3.3.7 - Client Buffer Overflow
metasploit via4
description This module exploits a buffer overflow in RealVNC 3.3.7 (vncviewer.exe).
id MSF:EXPLOIT/WINDOWS/VNC/REALVNC_CLIENT
last seen 2019-03-24
modified 2017-07-24
published 2006-12-14
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/vnc/realvnc_client.rb
title RealVNC 3.3.7 Client Buffer Overflow
packetstorm via4
data source https://packetstormsecurity.com/files/download/83177/realvnc_client.rb.txt
id PACKETSTORM:83177
last seen 2016-12-05
published 2009-11-26
reporter MC
source https://packetstormsecurity.com/files/83177/RealVNC-3.3.7-Client-Buffer-Overflow.html
title RealVNC 3.3.7 Client Buffer Overflow
refmap via4
bid 2305
bugtraq 20010129 [CORE SDI ADVISORY] WinVNC client buffer overflow
xf winvnc-client-bo(6025)
Last major update 17-10-2016 - 22:10
Published 03-05-2001 - 00:00
Last modified 18-12-2017 - 21:29
Back to Top