It was almost over a month ago that we discovered a serious vulnerability in VNC 4.1.1. After we published our proof of concept web program we took it down almost immediately. The reason behind this was to give the RealVNC team time to fix the problem before allowing people to determine what the actual flaw was. Additionally, we have received a huge pile of email begging us to release some type of tool to test for the flaw, or just put our page back up.
We believe that the cat is out of the bag now, and no harm is done by releasing a VNC flaw testing tool.
We have put together a more polished version that you can download and use on your own:
It is easy to use. Just download and run the application. Type in the host name or IP address of the machine you would like to test, and click the begin test button. If the remote machine is vulnerable you will see a very small screenshot of the remote machine displayed. If it is not vulnerable you will get an all clear message instead.
You can download it from our downloads section – As always, no spyware or adware – only freeware goodness
One more thing…Subscribe to my newsletter and get 11 free network administrator tools, plus a 30 page user guide so you can get the most out of them. Click Here to get your free tools