I’ve been an avid user of comodo for a while,
upon browsing my system today, i came across something comodo installed i was unaware of.
it seems to have installed a VNC client(TightVnc) located at(/Program files/common/comodo) to gain access to my physicial machine
upon further inspection of this, i found out, to gain access to that service, required no authorization, i was able to successfully gain access to my system from a computer outside the network using http://myip:5800
i feel like this is a massive security flaw, that should be fixed.
CIS Product version:
Windows 7 ultimate(32Bit)
I have Win 7 Ultimate 64 bit and CIS 5.10.228257.2253 as well but I do not have the TightVNC installation on my machine or the other 2 machines in the house. I however do not have GeekBuddy installed not sure if you do or not?
I have indeed got the geekbuddy installed as part of the package
Then my guess is that the VNC is part of GeekBuddy but as you stated before having an open connection is a security issue. In my opinion when you install GeekBuddy then it should have you setup a password that you would have to give the tech for them to access your PC. Maybe we can get a Dev to look into that issue.
This would seem the logical thing to do,however, it just goes and installs as a background service, unaware that it’s actually running.
It’s quite dangerous, for anyone who runs via DMZ,where port forwarding don’t apply,
well that, and being that there is no notification of a connection either.
I am installing CIS 5.10 on a VM and going to install GeekBuddy with it and see if I can get to the VNC control panel and setup some security. Will keep you posted.
Unfortunately as of now there is not a way to do this at install however if you go to "Program Files/Common Files/Comodo and run the tvnserver.exe it will add an icon to the task tray that you can open and setup a password. I have attached a screen shot of the menu.
[attachment deleted by admin]
I’ve not worried about password protecting it,
i’ve turned it off in my services for now,to prevent any future startup
[attachment deleted by admin]
Thanks for this. It is not in standard format, so I cannot put in format verified, but (subject to verification) it could be a security issue. So I’ll send the devs a link today.
Thanks very much for your issue report. We have moved it to the non-format bugs board for the moment, because too much of the information we normally need to replicate a problem and fix it is missing, or it is not in the format we request.
We realize some people may not have the time to do bug report in standard format, and therefore offer the option of a non-format report instead. But the problem is much more likely to be fixed promptly if you edit your first post to create an issue report which meets all criteria in the Checklist and Format. (You can copy and paste the format from this topic). The general reasons why are summarized in that post, the reasons we ask for specific pieces of information are given in this detailed post.
You can get your report moved to the format verified issues board simply by ensuring that it is correctly formatted and all criteria are met, and PM’ing a mod who is active on the bug board.
Link to devs sent. Apologies for delay. I have been testing CIS 6.0.
I experienced the same issue with TVNServer.exe (Geekbuddy) and discovered there is no way to uninstall it on my computer. Also, look for the file named Unit.exe, it’s part of the package also.
Appears I’ll need to do a clean install of my operating system to ensure the file is gone.
In the meantime I disabled TVNServer.EXE, LPS launcher, Unit.exe and remote access connection manager from services menu to prevent any unwanted remote connections.