VNC Server 'password' Password

Critical Nessus Plugin ID 61708

Synopsis

A VNC server running on the remote host is secured with a weak password.

Description

The VNC server running on the remote host is secured with a weak password. Nessus was able to login using VNC authentication and a password of 'password'. A remote, unauthenticated attacker could exploit this to take control of the system.

Solution

Secure the VNC service with a strong password.

Plugin Details

Severity: Critical

ID: 61708

File Name: vnc_password_password.nasl

Version: Revision: 1.2

Type: remote

Published: 2012/08/29

Modified: 2015/09/24

Dependencies: 19288

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C