Slashdot Mirror

← Back to Stories (view on slashdot.org)

Critical Flaw Found in VNC 4.1

Posted by ryuzaki0 on from the public-desktops dept.

jblobz writes "IntelliAdmin has discovered a critical flaw that allows an attacker to control any machine running VNC 4.1. The flaw grants access without the attacker obtaining a password. The details of the vulnerability have not been released, but their website has a proof of concept that allows you to test your own VNC installation for the vulnerability"

6 of 175 comments (clear)

  1. The penultimate Slashdot troll post investigation by chibi.nowheregirl · · Score: -1, Offtopic

    Before analyzing what can and cannot be considered a "troll" post, we must first precisely define the meaning of the word troll. From Wikipedia:

    In Internet terminology, a troll is someone who comes into an established community such as an online discussion forum, and posts inflammatory, rude, or offensive messages designed to annoy and antagonize the existing members or disrupt the flow of discussion

    In simplified terms, a troll post must consist of one or more of the following criteria (numbered for convenience):

    1. An obvious flame, preferably one with an angry attitude and/or written to include profanity.
    2. A rude post that blatently disregards an opinion without proper defense.
    3. An offensive post solely meant to express one's anger, typically containing words or phrases with an extreme political slant.
    4. A post meant to annoy and anger fellow posters.
    5. A post whose sole purpose is to disrupt the reading of other posts.

    Now that we've got a proper definition of the term troll, we can start determining exactly what is and what isn't a "troll post":

    • "Netcraft confirms it"
      This common Slashdottism falls under criterion #5, as it disrupts the flow of discussion, and has never added any insightful or interesting information to any comment on Slashdot. This is a troll post.
    • "Can you imagine a Beowulf cluster of these?"
      Another common Slashdottism that falls under criterion #5. Not surprisingly, it's mutated from a cheap (and unfunny) joke to a full-blown article by one of Slashdot's most hated (former) editors, Michael. This is a troll post.
    • "Microsoft in all its power and glory is unwilling to be compatible with the rest of the world"
      It should be fairly obvious that this is nothing but a flame dressed in insight's clothing. The first paragraph is generic Slashdot astroturf, but the last paragraph is nothing but blind criticism against Microsoft. For the most part, many of those criticisms can only apply to the most hateful of the Microsoft opponents. Check criterion #4. This is a troll post.
    • "Until the next Hitler comes along."
      This poster compares George W. Bush to Adolf Hitler. That consitutes being a troll under criterion #4 as it is, but the fact that they give no real reason for criticising Bush or comparing him to Hitler also puts the post under criteria #1, #2, and #3. This is a troll post.
    • "Yet global warming is a fact, no-one disputes that..."
      This post gives absolutely no reason for agreeing or disagreeing with the theory of global warming. Rather than expressing a logical viewpoint, the poster claims Americans are in "denial... so they don't have to feel guilty for driving their SUV's and Minivans over an hour to work [sic]." Criteria #2 is in question, but criteria #3 is obviously there. This is a troll post.
    • "At least be honest about this, guys"
      At first, you might consider this a troll post.
  2. Re:tight vnc by mtmra70 · · Score: 0, Offtopic

    The tight holes seem to be the desirable ones now 'n days.....

  3. Re:The penultimate Slashdot troll post investigati by jihadi_diggrulz · · Score: 1, Offtopic

    Mod parent up +5 Insightful.

    Just my €0.01.

  4. While I hate to say it... by Khyber · · Score: 0, Offtopic

    Just releasing a stable patch for it and saying it's just a bad database overflow would probably be better than disclosing proof of concept, especially if it can be run on other machines, particularly DEFENSE NETWORKS THAT SHOULDN'T BE ON THE INTERNET ANY-FUCKING-WAY LIKE THEY ARE NOW. Excuse me? Our original DARPA-NET still connected to the rest of the world? What? Can you please explain this to me, even IF it is funded with taxpayer dollars, please? *SOME* info has to remain sensitive, and I'm a huge 4th amendment advocate. Besides the point, some of our own info *MUST* remain private if we, as a country, are to have/maintain our own self-independence. Let's just not make sure it comes to Bushism/Catholicism/Ninjitsu/WHATEVER RELIGION PERIOD.... ONLY rational and realistic thinkers are allowed, with SOME exception for those that *MAY* have half a clue, unlike everyone else, who seems uneducated. Think I'm talking about you? Check your current school discrict grades with other school districts. Do I hear an "I'm sorry?"

    Our schooling system, before anything else, needs a reform. If you ask me "How do you propose this, Sir?" I point you to my previous posts. Since my Firefox copy/paste function is inexplicably broken, I invite you to search through my most recent TEN slashdot posts I've made, and within those, you'll find the relevant answer that I believes answerss your question/s.

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
  5. Re:tight vnc (NOTE TO MODERATORS) by julesh · · Score: 0, Offtopic

    Mods, the parent post is *not* offtopic. It's an important question, the answer to which is "no, it isn't.".

  6. OH YEAH?!?! by Anonymous Coward · · Score: -1, Offtopic
    4 posts and the web server is toast - doesn't look like many people will be testing it any time soon as everyone smashs the refresh button

    Maybe some of you /. big boys would like to SMASH MY CLIT!!!