| Plugin ID | 344 |
| Plugin name | Real VNC Server Detection |
| Plugin filename | Real VNC Server Detection.plugin |
| Plugin filesize | 1830 bytes |
| Plugin family | HTTP |
| Plugin created name | Po Naing Lin |
| Plugin created email | ponainglin at gmail dot com |
| Plugin created web | http://www.popularmyanmar.com |
| Plugin created company | poplarmyanmar.com |
| Plugin created date | 2007/07/24 |
| Plugin version | 4.1 |
| Plugin protocol | tcp |
| Plugin port | 5800 |
| Plugin procedure detection | open|send HEAD / HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/1.[0-1] ### *Server: RealVNC* |
| Plugin detection accuracy | 10 |
| Plugin comment | This plugin was written with the ATK Attack Editor. |
| Bug affected | Real VNC servers |
| Bug not affected | All other web server implementations |
| Bug vulnerability class | Configuration |
| Bug description | An attacker who is able to get a direct connection to the port can identify the banner of this server as REAL VNC. By this knowledge further enumerations and attacks are possible. |
| Bug solution | Use Password Authentication |
| Bug fixing time | 1 hour |
| Bug exploit availability | Yes |
| Bug remote | Yes |
| Bug local | Yes |
| Bug severity | Low |
| Bug popularity | 9 |
| Bug simplicity | 8 |
| Bug impact | 5 |
| Bug risk | 4 |
| Bug Symantec NetRecon rating | 39 |
| Bug check tools | Most scanners (e.g. N-Stealth, Whisker, Nikto) and security scanners (e.g. Nessus) are able to detect the used server. |