Groups and Contacts | |
---|---|
Region | Asia |
Platform | Other |
Scan Information | |
---|---|
Scan Type | Enterprise |
Started at | 13-Apr-15 11:54 |
Finished at | 13-Apr-15 12:54 |
Port | Protocol | Service | Details | ||
---|---|---|---|---|---|
80 | tcp | http | Lotus-Domino/0 | ||
1723 | tcp | pptp | Closed Immediately with TCP FIN |
Port | Protocol | Service | Details | ||
---|---|---|---|---|---|
80 | tcp | www | No banner found |
Vulnerability | 10629 | Lotus Domino Anonymous Database Access | Medium Risk |
---|
Description | This system is running Lotus Domino. Some databases are accessible without authentication: http://192.168.0.106/certlog.nsf
This usually represents a security risk as the information contained is accessible to anyone on the internet.
|
||||
---|---|---|---|---|---|
Solution | Reconfigure Domino to require authentication for these databases. | ||||
Category | Hosting or infrastructure flaw. | ||||
CVE References | CVE-2000-0021 | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
CVE-2002-0664 | CVSS2 7.5 (High) (AV:N/AC:L/Au:N/C:P/I:P/A:P) | ||||
First Found | 13 February 2015 | Port | 80/tcp | Last 6 Assessments |
Vulnerability | 11718 | Lotus Domino < 5.0.9 Database Lock DoS | Medium Risk |
---|
Description | This system is running a vulnerable version of Lotus Domino, according to its banner. There is a vulnerability in the code related to database locking. A remote attack could use this to lock out some databases, by requesting them through the web interface with a carefully crafted URL. | ||||
---|---|---|---|---|---|
Solution | Upgrade to an unaffected version, or apply a patch. | ||||
CVE Reference | CVE-2001-0954 | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
First Found | 13 January 2015 | Port | 80/tcp | Last 6 Assessments |