I'm getting inconsistent results scanning with plugin 19288 (VNC security types). Scanning the same machines, I sometimes get:
The remote VNC server chose security type #0 (Invalid) Any user can connect to it without authentication, and thus take control of this machine. and other times get: The remote VNC server chose security type #2 (VNC authentication) I'm scanning with Windows Nessus 3.0.4 build W306. Target machines are Win/2K or Win/XP with RealVNC 3.3.7. I can make VNC connections to the target machines using a password, and if I try to clear the password with this version of VNC, it says it won't accept connections with no password. I think I always get security type #0 for localhost. _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
