WinVNC.Web.Server.GET.Overflow
Description
This indicates an attempt to exploit a buffer-overflow vulnerability in AT&T WinVNC web server.
The vulnerability is caused by an error that occurs when the vulnerable software handles HTTP requests, and the debugging mode is turned on with the logging feature enabled. It allows a remote attacker to execute arbitrary code via sending a crafted web request.
Affected Products
AT&T WinVNC web server 3.3.3r7 and later versions.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade the vulnerable software to the latest version, or disable debugging mode.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |