Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

Latest VNC vulnerabilities

Post Reply
Prisma
100
100
Posts: 320
Joined: 2005-10-27 15:50

Latest VNC vulnerabilities

Post by Prisma »

‎Hello Rudi,

from what I heard only viewers were affected by several vulnerabilities. Not the server itself.
1. Is this correct, or were servers also affected?
2. A repeater listening on the standard viewerport for incoming reverse connections is a potential aim of people scanning for vulnerable vncviewers.
So, are we sure, that repeater is not vulnerable the same way the viewers were?

Why am I asking?
We have 2 repeaters running on the same machine in the internet. One listening on standard ports, one not.
The repeater on standard ports was marauding, not reacting sufficiently and causing high CPU percentage. The other one not.
We use repeater from 17/12/2017
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: Latest VNC vulnerabilities

Post by Rudi De Vos »

The problem was the viewer.
The server is well protected as we always considered the server as the weakest point.

If you connnect a fake server with the viewer, you could use huge screens sizes and names
to overwrite memory parts.

A repeater has a data buffer.
We read max x size and send it, no risk as we just read data, not the content and we never erad more then x.
Verifying code, thanks to Kapersky i now know the spots to check..
Prisma
100
100
Posts: 320
Joined: 2005-10-27 15:50

Re: Latest VNC vulnerabilities

Post by Prisma »

THX for the answer.
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: Latest VNC vulnerabilities

Post by Rudi De Vos »

updated repeater 150

https://www.uvnc.eu/download/1230/repeater_150.zip

To be sure replaced some functions with the secure version.

Please test.
Already running 6 hours a testserver
Prisma
100
100
Posts: 320
Joined: 2005-10-27 15:50

Re: Latest VNC vulnerabilities

Post by Prisma »

Running since 09:00 in production environment, normal (heavily) used. No problems until now.
Post Reply