CVE-2002-0994

SunPCi II VNC - Info Disclosure

Title source: llm

Description

SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Richard van den Berg · clocalunix

https://www.exploit-db.com/exploits/21592

View Code ZIP pw:eip

References (3)

[Vendor Advisory] http://www.iss.net/security_center/static/9476.php

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/5146

[Third Party Advisory] http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0003.html

Scores

EPSS 0.0884

EPSS Percentile 92.6%

Details

Status published

Products (1)

sun/sun_pci_ii_driver 2.3

Published Oct 04, 2002

Tracked Since Feb 18, 2026