SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.
http://www.iss.net/security_center/static/9476.php
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0003.html