Mosix ClumpOS Blank Default VNC Password Vulnerability

info
discussion
exploit
solution
references

Mosix ClumpOS Blank Default VNC Password Vulnerability

ClumpOS is a CD-based Linux and Mosix distribution. It is maintained and distributed by the Mosix project.

ClumpOS does not prompt a user to set a password for VNC when installed. Instead, ClumpOS leaves the default password for VNC blank. This could allow remote root access to the system.