VNC: Invalid Client Version

This protocol anomaly triggers when it detects a VNC client message that has an invalid version string. The VNC protocol defines valid VNC version syntax as RFB xxx.yyy\n. With (xxx) representing major version numbers and (yyy) representing minor version numbers; this is padded with zeros and followed by a NULL character.

Extended Description

If a ProtocolVersion message does not comply with the standard format, this may indicate that a software or transmission error has occurred. It may also indicate that a malicious party is attempting to conduct a buffer overflow or other attack against a VNC client or server.

Short Name
VNC:INVALID:CLIENT-VERSION
Severity
Warning
Recommended
False
Recommended Action
None
Category
VNC
Release Date
04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3324
False Positive
Unknown

Found a potential security threat?