|
WinCE-based Windows Terminals (thin clients) manufactured by
AK-Systems (http://www.ak-systems.ru/) with firmware version 1.2.5 ExVLP
feature a VNC server for remote administration and setup. The VNC
access is not protected by password, so anyone with a VNC client can
connect to the terminal and watch the user's RDP/Citrix session, or even
meddle into it.
Workaround suggested by vendor: older firmware without VNC support
should be installed on the terminal.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:sudakov@sibptus.tomsk.ru
|
