This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.
A remote control service is running on this port.
UltraVNC seems to be running on the remote port.
Upon connection, the remote service on this port always sends the same
12 pseudo-random bytes.
It is probably UltraVNC with the old DSM encryption plugin. This
plugin tunnels the RFB protocol into an RC4-encrypted stream.
This old protocol does not use a random IV, so the RC4 pseudo-random
keystream is reused from one session to another. An authenticated user
could leverage this issue to decrypt other users' sessions.
If this service is not needed, disable it or filter incoming traffic
to this port. Otherwise, upgrade UltraVNC and use one of the new and
safer plugins which implement a random IV.
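
The check described above, as an added Python example (not the Nessus plugin's code, and not UltraVNC's): it models why a fixed RC4 key with no IV yields the same first 12 bytes on every connection, and flags that pattern. Assumptions: the 12 bytes are the encrypted 12-byte RFB version greeting, the key and greeting are constructed sample values, and the SHA-256 key derivation in `greeting_with_iv` is a hypothetical stand-in for "a random IV", not the scheme any real plugin uses.

```python
import hashlib
import os

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

GREETING = b"RFB 003.006\n"             # constructed 12-byte RFB version greeting
SHARED_KEY = b"constructed-plugin-key"  # constructed sample, not a real key

def greeting_static(key: bytes) -> bytes:
    """Old behaviour as described: same key, no IV, every session."""
    return rc4(key, GREETING)

def greeting_with_iv(key: bytes, iv: bytes) -> bytes:
    """Hypothetical fix: per-session RC4 key derived from key and a random IV."""
    return rc4(hashlib.sha256(iv + key).digest(), GREETING)

def reuses_keystream(first_bytes: list) -> bool:
    """Detection rule: at least two connections, each opening with the same
    12 bytes, and those bytes are not a cleartext RFB greeting."""
    if len(first_bytes) < 2:
        return False
    head = first_bytes[0][:12]
    if len(head) < 12 or head.startswith(b"RFB "):
        return False
    return all(b[:12] == head for b in first_bytes[1:])

if __name__ == "__main__":
    old = [greeting_static(SHARED_KEY) for _ in range(3)]
    new = [greeting_with_iv(SHARED_KEY, os.urandom(16)) for _ in range(3)]
    print("old plugin flagged:   ", reuses_keystream(old))
    print("random IV flagged:    ", reuses_keystream(new))
    print("cleartext VNC flagged:", reuses_keystream([GREETING, GREETING]))
```

To apply the rule to a real host, pass `reuses_keystream` the first bytes received on two or more separate connections to the port.
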
Risk factor: Medium / CVSS Base Score: 4.0
Family: Service detection
Nessus Plugin ID: 19289