Vino could allow a remote attacker to bypass security restrictions, caused by an error in vino-preferences dialog box when providing information on network accessibility. Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
It also spreads by exploiting the Microsoft Internet Explorer Vector Markup Language Buffer Overflow Vulnerability and RealVNC Remote Authentication Bypass Vulnerability. It spreads by searching for vulnerable SQL servers and by sending an HTML link to available contacts on instant messenger programs. W32.Gangbot (2007.01.22) - a worm that opens a back door and connects to an IRC server. RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections to port 5900. Some Apple applications use this port as well: Apple Remote Desktop 2.0 or later (Observe/Control feature), Screen Sharing (Mac OS X 10.5 or later)
VNC typically also uses ports 5800+ and 5900+ for additional machines.Ĭitrix NetScaler appliance Lights out Management uses ports 4001, 5900, 623 TCP to run a daemon that offers unified configuration management of routing protocols.īackdoor.Evivinc also uses this port. VNC (Virtual Network Computing) - remote control programs.