SECURITY DISCLAIMER: VNC is unencrypted by default, so anyone who has access to the patch between you and the server and a decent packet sniffer can capture your sessions and extract passwords, server settings, or other entered data. Therefore, it is highly recommended that you only perform unsecured VNC installations over a trusted network or in a VMWare environment. There are ways of securing VNC (SSH Tunnels for instance), but those are outside the scope of this document. For more information about securing VNC connections with SSH, see Using SSH with VNC (http://www.uk.research.att.com/archive/vnc/sshvnc.html
If I guess you mean that someone can insert an image to the pxe part if the remote install?
Nobody should be able to go backwards through this link once the environment is established.