Groups and Contacts | |||
---|---|---|---|
Region | EMEA | Business | janebloggs@yourcompany.com |
Platform | Other | Technical | joe.bloggs@technicians.com |
Scan Information | |
---|---|
Scan Type | Enterprise |
Started at | 13-Apr-15 11:54 |
Finished at | 13-Apr-15 12:54 |
Port | Protocol | Service | Details | ||
---|---|---|---|---|---|
23 | tcp | telnet | User Access Verification | ||
53 | tcp | domain | None | ||
53 | udp | dns | version.bind TXT "8.3.3-REL" | ||
69 | udp | tftp | Server Found, Error (You are not unlocked for reading) | ||
161 | udp | snmp | uptime 272559693 centiseconds |
Port | Protocol | Service | Details | ||
---|---|---|---|---|---|
113 | tcp | auth | Response Received | ||
750 | tcp | kerberos | No banner found |
Vulnerability | 90027 | High Risk Ports Open | High Risk |
---|
Description | The following high risk ports are open: PORT SERVICE 23/tcp telnet 69/udp tftp 161/udp snmp Note: Even if the ports are immediately closed after being opened, this is still a security risk as packets are reaching the destination host. It is recommended to completely drop packets from untrusted sources instead. |
||||
---|---|---|---|---|---|
Solution | Ensure that the ports are filtered by your router or firewall or close the ports on the affected systems. | ||||
Category | Hosting or infrastructure flaw. | ||||
CVE Reference | CVE-MAP-NOMATCH | CVSS2 6.4 (Medium) (AV:N/AC:L/Au:N/C:P/I:P/A:N) | |||
First Found | 13 May 2014 | Port | general | Last 6 Assessments |
Vulnerability | 10264 | SNMP Default Community Names | High Risk |
---|
Description | This system is running an SNMP agent which uses an easily guessable community string. This enables an attacker to extract a large amount of useful information. If a writeable community string is guessable, an attacker could make configuration changes to the server. Here is a sample of the information that can be extracted: host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.168 = "SMSS.EXE" host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.192 = "CSRSS.EXE" host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.212 = "WINLOGON.EXE" |
||||
---|---|---|---|---|---|
Solution | Disable SNMP, or change the community string to something unguessable. | ||||
Category | Hosting or infrastructure flaw. | ||||
CVE References | CVE-1999-0186 | CVSS2 10.0 (High) (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
CVE-1999-0254 | CVSS2 10.0 (High) (AV:N/AC:L/Au:N/C:C/I:C/A:C) | ||||
CVE-1999-0516 | CVSS2 7.5 (High) (AV:N/AC:L/Au:N/C:P/I:P/A:P) | ||||
CVE-1999-0517 | CVSS2 7.5 (High) (AV:N/AC:L/Au:N/C:P/I:P/A:P) | ||||
CVE-2004-0311 | CVSS2 10.0 (High) (AV:N/AC:L/Au:N/C:C/I:C/A:C) | ||||
CVE-2004-1474 | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:N/I:P/A:N) | ||||
CVE-2010-1574 | CVSS2 10.0 (High) (AV:N/AC:L/Au:N/C:C/I:C/A:C) | ||||
First Found | 13 April 2015 | Port | 161/udp | Last 6 Assessments |
Vulnerability | 10539 | Globally Useable Name Server | Medium Risk |
---|
Description | This system is running a name server that allows any system on the Internet to perform recursive queries and resolve third-party domain names. An attacker could use this to extract information about your name lookup patterns, and may be able to perform DNS cache poisoning attacks. | ||||
---|---|---|---|---|---|
Solution | Restrict recursive queries to trusted addresses. For servers running BIND, use the allow-recursion or allow-query directives. | ||||
Category | Hosting or infrastructure flaw. | ||||
References | Disabling recursion in BIND Securing Windows Server 2003 Domain Controllers | ||||
CVE Reference | CVE-1999-0024 | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
First Found | 13 May 2014 | Port | 53/udp | Last 6 Assessments |
Vulnerability | 10021 | Identd enabled | Low Risk |
---|
Description | The ident service appears to be running on the remote host. This service provides sensitive information to an attacker, allowing them to enumerate which accounts are running which services. | ||||
---|---|---|---|---|---|
Solution | Disable this service or restrict it to trusted IP addresses | ||||
CVE Reference | CVE-1999-0629 | CVSS2 0.0 (Low) (AV:N/AC:L/Au:N/C:N/I:N/A:N) | |||
First Found | 13 May 2014 | Port | 113/tcp | Last 6 Assessments |
Vulnerability | 10640 | Kerberos PingPong DOS | Low Risk |
---|
Description | The remote kerberos server seems to be vulnerable to a pingpong attack. When contacted on the UDP port, this service always responds, even to bogus data. An attacker can cause a denial of service attack, by spoofing a packet between two machines running this service. This will cause them to spew data at each other, saturating the network. | ||||
---|---|---|---|---|---|
Solution | Disable this service in /etc/inetd.conf. | ||||
CVE Reference | CVE-1999-0103 | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
First Found | 13 December 2014 | Port | 750/tcp | Last 6 Assessments |