CVE-2002-0994 Information

Description

SunPCi II VNC uses a weak authentication scheme which allows remote attackers to obtain the VNC password by sniffing the random byte challenge which is used as the key for encrypted communications.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0003.html http://www.iss.net/security_center/static/9476.php http://www.securityfocus.com/bid/5146