VNC Server Unauthenticated Access: Screenshot

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote VNC server does not require authentication.

Description :

The VNC server installed on the remote host allows an attacker to
connect to the remote host as no authentication is required to access
this service.

It was possible to log into the remote service and take a screenshot.

Solution :

Disable the 'No Authentication' security type.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Misc.

Nessus Plugin ID: 66174 ()

Bugtraq ID:

CVE ID: