Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Mar 3, 2003· Updated Apr 16, 2026

CVE-2002-1511

CVE-2002-1511

Description

The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.

Affected products

11

Tightvnc/Tightvnc6 versions
cpe:2.3:a:tightvnc:tightvnc:1.2.2:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:tightvnc:tightvnc:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:tightvnc:tightvnc:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:tightvnc:tightvnc:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:tightvnc:tightvnc:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:tightvnc:tightvnc:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:tightvnc:tightvnc:1.2.1:*:*:*:*:*:*:*
Att/Vnc5 versions
cpe:2.3:a:att:vnc:3.3.3:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:att:vnc:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:att:vnc:3.3.3r2:*:*:*:*:*:*:*
- cpe:2.3:a:att:vnc:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:att:vnc:3.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:att:vnc:3.3.6:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

www.redhat.com/support/errata/RHSA-2003-041.htmlnvdPatchVendor Advisory
www.iss.net/security_center/static/11384.phpnvdVendor Advisory
changelogs.credativ.org/debian/pool/main/v/vnc/vnc_3.3.6-3/changelognvd
distro.conectiva.com.br/atualizacoes/nvd
security.gentoo.org/glsa/glsa-200302-15.xmlnvd
sunsolve.sun.com/pub-cgi/retrieve.plnvd
www.mandrakesoft.com/security/advisoriesnvd
www.redhat.com/support/errata/RHSA-2003-068.htmlnvd
www.securityfocus.com/bid/6905nvd

News mentions

0

No linked articles in our index yet.