VNC Server 'password' Password

critical Nessus Plugin ID 61708

Language:

Synopsis

A VNC server running on the remote host is secured with a weak password.

Description

The VNC server running on the remote host is secured with a weak password. Nessus was able to login using VNC authentication and a password of 'password'. A remote, unauthenticated attacker could exploit this to take control of the system.

Solution

Secure the VNC service with a strong password.

Plugin Details

Severity: Critical

ID: 61708

File Name: vnc_password_password.nasl

Version: Revision: 1.2

Type: remote

Family: Gain a shell remotely

Published: 8/29/2012

Updated: 9/24/2015

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Detections

Analytics