VNC Server 'password' Password

critical Nessus Plugin ID 61708

Synopsis

A VNC server running on the remote host is secured with a weak password.

Description

The VNC server running on the remote host is secured with a weak password. Nessus was able to login using VNC authentication and a password of 'password'. A remote, unauthenticated attacker could exploit this to take control of the system.

Solution

Secure the VNC service with a strong password.

Plugin Details

Severity: Critical

ID: 61708

File Name: vnc_password_password.nasl

Version: Revision: 1.2

Type: remote

Published: 8/29/2012

Updated: 9/24/2015

Supported Sensors: Nessus