Note: This is an archival copy of Security Sun Alert 200358 as previously published on
Latest version of this security advisory is available from as Sun Alert 1000252.1.
Article ID : 1000252.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2010-01-24
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Sun Linux Vulnerability in VNC Package May Allow Local or Remote Unauthorized Access


Release Phase

Bug Id

Date of Resolved Release


A vulnerability with the VNC DES authentication scheme implementation may allow a local or remote unprivileged user to gain unauthorized access to the system. The script for starting the VNC server generates a cookie (which is used for X authentication) without using a sufficiently strong random number generator.

Note: VNC is a tool for providing a remote graphical user interface.

More information on this issue is available at:

Contributing Factors

This issue can occur in the following releases:

Sun Linux

  • Sun Linux 5.0 (LX50) with VNC versions 3.3.3r2-18.4 or earlier

Notes: Sun Linux 5.0 is currently shipped with the Sun LX50 Server.

The VNC package version can be determined by running the following command:

    $ rpm -qa | grep -i vnc


There are no predictable symptoms that would indicate the described issue has been exploited.


To work around the described issue until patches can be applied, temporarily disable VNC with the following steps:

1. To see if VNC is enabled (displayed at all run levels), use the following command:

    # /sbin/chkconfig --list vncserver
vncserver       0:off   1:off   2:off   3:on   4:on   5:on   6:off

2. Disable VNC for all run levels with the following command:

    # /sbin/chkconfig --del vncserver


Sun Linux patches are available at:

Modification History
Date: 13-APR-2005
  • Set State to Resolved

Sun Linux 5.0

This solution has no attachment