Re: VNC authentication weakness

From: Jack Lloyd (lloyd@acm.jhu.edu)
Date: 07/24/02


Date: Wed, 24 Jul 2002 16:43:41 -0400 (EDT)
From: Jack Lloyd <lloyd@acm.jhu.edu>
To: <jepler@unpythonic.net>

On Wed, 24 Jul 2002 jepler@unpythonic.net wrote:

> If your server will give the same challenge repeatedly, and you can
> sniff somebody else's challenge and response, it appears that you could
> authenticate without knowing the password simply by connecting within
> the 1-second window to get the same challenge, and then send the same
> response as the legitimate client.
>
> Another weakness in the challenge is that it uses 'random()%256'. Many
> implementations of random() have highly predictable low bits. It's not
> clear that this leads to as easy a compromise as the repeated challenge
> problem, but it's something that warrants consideration.

While looking at this, I noticed (in 3.3.3r2) that VNC seems to use the
password directly as a key to DES (truncating if the size is > 8 and
padding with NULL if it's < 8). Since DES ignores the low bit of each byte
of the key, this seems to mean that there are many different passwords
which will be accepted in place of the "real" password. (Can someone
confirm this is actually the case?)

Between that and the fact that challenges are based only on time(0) [i.e., you
can easily precompute every possible challenge the VNC server would send
out over the next week], it _may_ be a bad idea to rely on VNC's built-in
authentication.

Regards,
 Jack
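An added illustration of the DES key-parity point raised above (example code written for this page, not from the thread or from any VNC implementation): it applies the DES PC-1 permutation, which discards bit 8 of every key byte, to keys built the way the mail describes (truncate past 8 bytes, NUL-pad below 8) and shows that passwords differing only in the low bit of each byte collapse to the same 56-bit effective key. The sample passwords are constructed; note that whether the ignored bit lands on the password's low bit depends on the bit order the implementation's DES code uses when reading key bytes (classic VNC's bundled d3des mirrors it), so check the actual code before drawing conclusions.

```python
# PC-1 of the DES key schedule (FIPS 46-3), 1-indexed from the MSB of
# the first key byte. Bits 8, 16, ..., 64 (the LSB of each byte) are
# absent: DES never looks at them, so they cannot affect the ciphertext.
PC1 = [
    57, 49, 41, 33, 25, 17,  9,  1, 58, 50, 42, 34, 26, 18,
    10,  2, 59, 51, 43, 35, 27, 19, 11,  3, 60, 52, 44, 36,
    63, 55, 47, 39, 31, 23, 15,  7, 62, 54, 46, 38, 30, 22,
    14,  6, 61, 53, 45, 37, 29, 21, 13,  5, 28, 20, 12,  4,
]


def vnc_key_from_password(password: bytes) -> bytes:
    """Password -> 8-byte DES key as described in the mail:
    truncate if longer than 8, pad with NUL if shorter."""
    return password[:8].ljust(8, b"\x00")


def des_effective_key(key: bytes) -> int:
    """Apply PC-1: returns the 56 key bits that actually drive the
    subkeys. Two keys with equal output encrypt identically."""
    assert len(key) == 8, "DES key must be exactly 8 bytes"
    bits = int.from_bytes(key, "big")
    out = 0
    for pos in PC1:
        out = (out << 1) | ((bits >> (64 - pos)) & 1)
    return out


def equivalent_keys(key: bytes) -> list:
    """All 256 8-byte keys that differ from `key` only in the ignored
    low bit of each byte (constructed by enumerating an 8-bit mask)."""
    base = bytes(b & 0xFE for b in key)
    return [bytes(b | ((m >> i) & 1) for i, b in enumerate(base))
            for m in range(256)]


if __name__ == "__main__":
    # Constructed sample: every byte of "rdbsdu" is "secret" with the
    # low bit flipped, so both map to the same effective DES key.
    a = vnc_key_from_password(b"secret")
    b = vnc_key_from_password(b"rdbsdu")
    print("secret == rdbsdu under DES:",
          des_effective_key(a) == des_effective_key(b))
    distinct = {des_effective_key(k) for k in equivalent_keys(a)}
    print("distinct effective keys among 256 variants:", len(distinct))
```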


