This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
A flaw was found in the way the VNC 'password' option was handled.
Clearingaa password disabled VNC authentication, allowing a remote
user able to connect to the virtual machines' VNC ports to open a VNC
session without authentication. (CVE-2011-0011)
After installing this update, shut down all running virtual machines.
Once all virtual machines have shut down, start them again for this
update to take effect.
See also :
Update the affected qemu-img, qemu-kvm and / or qemu-kvm-tools
Risk factor :
Medium / CVSS Base Score : 4.3
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60989 ()
CVE ID: CVE-2011-0011