Not sure how current this is, but just thought I would bring it up, so somebody else who knows better could comment about it.

If I don't remember wrong, the latest Whoppix CD has a demo on how vulnerable the VNC program is, where you can get full control over a box somehow. But maybe that was for an older version, or just in some rare setup or something, not sure. And maybe RDP is as vulnerable too?

Anyone with better knowledge?