Wow, 1 line of code addition to exploit: secType=1; Since I'm sure many have already discovered this (since it is so trivial), I leave it up to the devious reader to find out where to insert this. BTW: RealVNC 4.1.2 is not affected by this bug. ** Disclaimer: If you find out how to exploit this, do so *only* against your own systems to see if you are vulnerable. Please do not exploit others systems since the sysadmins already have a hard enough time dealing with users and do not need your presents to deal with.
