Criticality: 
| Groups and Contacts | |
|---|---|
| Region | Asia |
| Platform | Other |
Scan Information
|
|
|---|---|
| Scan Type | Enterprise |
| Started at | 13-Apr-15 11:54 |
| Finished at | 13-Apr-15 12:54 |
Ports: 2 (High:0 Low:2)
| Port | Protocol | Service | Details | ||
|---|---|---|---|---|---|
| 80 | tcp | http | Lotus-Domino/0 | ||
| 1723 | tcp | pptp | Closed Immediately with TCP FIN |
Ports Closed Since the Last Scan: 1 (High:0 Low:1)
| Port | Protocol | Service | Details | ||
|---|---|---|---|---|---|
| 80 | tcp | www | No banner found |
Vulnerabilities: 2 (High:0 Medium:2 Low:0)
| Vulnerability | 10629 | Lotus Domino Anonymous Database Access | Medium Risk |
|---|
| Description | This system is running Lotus Domino. Some databases are accessible without authentication: http://192.168.0.106/certlog.nsf
This usually represents a security risk as the information contained is accessible to anyone on the internet.
|
||||
|---|---|---|---|---|---|
| Solution | Reconfigure Domino to require authentication for these databases. | ||||
| Category | Hosting or infrastructure flaw. | ||||
| CVE References | CVE-2000-0021 | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
| CVE-2002-0664 | CVSS2 7.5 (High) (AV:N/AC:L/Au:N/C:P/I:P/A:P) | ||||
| First Found | 13 February 2015 | Port | 80/tcp | Last 6 Assessments | 
|
| Vulnerability | 11718 | Lotus Domino < 5.0.9 Database Lock DoS | Medium Risk |
|---|
| Description | This system is running a vulnerable version of Lotus Domino, according to its banner. There is a vulnerability in the code related to database locking. A remote attack could use this to lock out some databases, by requesting them through the web interface with a carefully crafted URL. | ||||
|---|---|---|---|---|---|
| Solution | Upgrade to an unaffected version, or apply a patch. | ||||
| CVE Reference | CVE-2001-0954 | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
| First Found | 13 January 2015 | Port | 80/tcp | Last 6 Assessments |
|
Historical Information
