Unrated severityNVD Advisory· Published Jul 18, 2006· Updated Apr 16, 2026
CVE-2006-2450
CVE-2006-2450
Description
auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369.
Affected products
1- cpe:2.3:a:libvncserver:libvncserver:0.7.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
17- bugs.debian.org/cgi-bin/bugreport.cginvdPatch
- libvncserver.cvs.sourceforge.net/libvncserver/libvncserver/libvncserver/auth.cnvdPatch
- secunia.com/advisories/20940nvdPatchVendor Advisory
- sourceforge.net/project/shownotes.phpnvdPatch
- seclists.org/fulldisclosure/2022/May/29nvd
- secunia.com/advisories/21179nvd
- secunia.com/advisories/21349nvd
- secunia.com/advisories/21393nvd
- secunia.com/advisories/21405nvd
- secunia.com/advisories/24525nvd
- security.gentoo.org/glsa/glsa-200608-05.xmlnvd
- security.gentoo.org/glsa/glsa-200608-12.xmlnvd
- security.gentoo.org/glsa/glsa-200703-19.xmlnvd
- www.novell.com/linux/security/advisories/2006_42_kernel.htmlnvd
- www.securityfocus.com/archive/1/442986/100/0/threadednvd
- www.securityfocus.com/bid/18977nvd
- www.vupen.com/english/advisories/2006/2797nvd
News mentions
0No linked articles in our index yet.