VNC: Server Cut Text Overflow

This protocol anomaly is a VNC server message with cut text that exceeds the user-defined maximum. The default cut text length is 4096; you can change this setting in the Sensor Settings Rulebase>Protocol Thresholds and Configuration>VNC>Cut text length.

Extended Description

Some VNC implementations may be vulnerable in how they process such unusual exception conditions, especially an Authentication Status message that is too long. The security flaws in these products may be exploited for denial of service or other attacks.

Short Name
VNC:ERR:SVR-CUT-OVERFLOW
Severity
Major
Recommended
False
Recommended Action
None
Category
VNC
Release Date
04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3324
False Positive
Unknown

Found a potential security threat?