Let's say I connect to a Linux VNC server from a compromised Windows client.
Would this affect by any mean the server security?
Note:
- The server run on a limited user privileges.
- The programs that is used is TigerVNC or TightVNC.
Let's say I connect to a Linux VNC server from a compromised Windows client.
Would this affect by any mean the server security?
Note:
If an attacker has taken control of your client host, and from this client host you connect to the VNC server, expect the attacker to have at the very least the same privileges as you on the VNC server's host and a complete view of your activity during the VNC session (screen content, keystrokes, etc.).
That's typically how an attacker progressively contaminate a full network: he starts by getting his hand on a few unprivileged client machines (through phishing emails or any other mean), then through this machines and using the user's legitimate accesses he can escalate to internal servers not directly accessible from the outside.