cpe:/a:att:vnc:3.3.3 cpe:/a:att:vnc:3.3.3r2 cpe:/a:att:vnc:3.3.4 cpe:/a:att:vnc:3.3.5 cpe:/a:att:vnc:3.3.6 cpe:/a:tightvnc:tightvnc:1.2.0 cpe:/a:tightvnc:tightvnc:1.2.1 cpe:/a:tightvnc:tightvnc:1.2.2 cpe:/a:tightvnc:tightvnc:1.2.3 cpe:/a:tightvnc:tightvnc:1.2.4 cpe:/a:tightvnc:tightvnc:1.2.5 CVE-2002-1511 2003-03-03T00:00:00.000-05:00 2008-09-10T15:14:48.557-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 GENTOO 200302-15 SUNALERT 56161 BID 6905 CONECTIVA CLSA-2003:640 MANDRAKE MDKSA-2003:022 REDHAT RHSA-2003:041 REDHAT RHSA-2003:068 CONFIRM http://changelogs.credativ.org/debian/pool/main/v/vnc/vnc_3.3.6-3/changelog XF vnc-rand-weak-cookie(11384) The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.