JavaScript Disabled

We recommend that you change the JavaScript settings in your web browser.

In order to access certain pages and features of the Rapid7 site, JavaScript needs to be enabled. Please see this message on
How to enable JavaScript.

Once you have enabled JavaScript, reload the page.

Nexpose Vulnerability Database

Search Hints

Try searching for a product or vendor.
Only vulnerabilities that match all search terms will be returned.
Enclose search terms in double quotes for an exact search.
For CVE searches, only enter the CVE-YYYY-XXXX code.

Get Nexpose now

Search vulnerabilities with Rapid7's vulnerability management solution

FREE DOWNLOAD

VNC remote control service installed

Severity	CVSS	Published	Added	Modified
Moderate (3)	7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)	Nov 1, 2004	Nov 1, 2004	Jan 28, 2011

Description:

AT&T Virtual Network Computing (VNC) provides remote users with access to the system it is installed on. If this service is compromised, the user can gain complete control of the system.

Vulnerability Management

Get your solution now

FREE DOWNLOAD

Solution:

Fix VNC remote control service installed

Remove or disable this service. If it is necessary, be sure to use well thought out (hard to crack) passwords. It is important to note that VNC truncates passwords to 8 bytes when authenticating, making it more susceptible to brute force attacks.

To protect data from eaves-droppers, tunneling VNC through SSH is recommended.

Additionally, restricting access to specific IP addresses using TCP wrappers is also recommended.

For more information on VNC, visit the VNC website.

Download Nexpose

Download our vulnerability management solution, Nexpose, for free today. Scan 100% of your infrastructure for vulnerabilities, understand your risk exposure, compare and prioritize your vulnerabilities and verify that they are remediated.

Previous Next