Vulnerability | 90027 | High Risk Ports Open | 1 System | High Risk |
---|
Description | The following high risk ports are open: [For specific url or description click server link below.] Note: Even if the ports are immediately closed after being opened, this is still a security risk as packets are reaching the destination host. It is recommended to completely drop packets from untrusted sources instead. | ||||
---|---|---|---|---|---|
Solution | Ensure that the ports are filtered by your router or firewall or close the ports on the affected systems. | ||||
Category | Hosting or infrastructure flaw. | ||||
CVE Reference | CVE-MAP-NOMATCH | CVSS2 6.4 (Medium) (AV:N/AC:L/Au:N/C:P/I:P/A:N) |
Systems | www.yourcompany.net (192.168.0.102) |
---|
Vulnerability | 11793 | Apache < 1.3.28 Multiple flaws | 1 System | Medium Risk |
---|
Description | According to its banner, this web server is running a version of Apache older than 1.3.28. This version contains fixes for multiple minor denial of service flaws. Although these are not exploitable in all configurations, it is recommended that you upgrade to the latest version. | ||||
---|---|---|---|---|---|
Solution | Upgrade to an unaffected version. | ||||
Category | Hosting or infrastructure flaw. | ||||
References | Apache 1.3 Changelog | ||||
CVE References | CVE-2002-0061 | CVSS2 7.5 (High) (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
CVE-2003-0460 | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:N/I:N/A:P) |
Systems | www.yourcompany.net (192.168.0.102) |
---|
Vulnerability | 10736 | DCE Services Enumeration | 1 System | Medium Risk |
---|
Description | It is possible for any remote user to connect to port 135 on this host and enumerate the available DCE services. The information leaked is relatively low risk, although an attacker could use it to focus their strategy. However, the vulnerability is more worrying because it shows that Windows file sharing (NetBIOS) is accessible over the internet, which is considered unwise.[For specific url or description click server link below.] | ||||
---|---|---|---|---|---|
Solution | Use a firewall to restrict access to Windows file sharing ports to trusted addresses. | ||||
Category | Hosting or infrastructure flaw. | ||||
CVE Reference | CVE-MAP-NOMATCH | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:P/I:N/A:N) |
Systems | www.yourcompany.net (192.168.0.102) |
---|
Vulnerability | 10965 | SSH 3 AllowedAuthentication | 1 System | Medium Risk |
---|
Description | According to its banner, the remote server is running a version of SSH which is between 3.0.0 and 3.1.2. There is a vulnerability in this release that may, under some circumstances, allow users to authenticate using a password whereas it is not explicitely listed as a valid authentication mecanism. An attacker may use this flaw to attempt to brute force a password using a dictionnary attack (if the passwords used are weak). | ||||
---|---|---|---|---|---|
Solution | Upgrade to version 3.1.2 of SSH which solves this problem. | ||||
References | Bugtraq ID 4810 | ||||
CVE References | CVE-2002-1646 | CVSS2 7.5 (High) (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
CVE-2005-0962 | CVSS2 7.5 (High) (AV:N/AC:L/Au:N/C:P/I:P/A:P) |
Systems | mail.example.com (192.168.0.111) |
---|
Vulnerability | 10114 | ICMP Timestamp Request | 1 System | Low Risk |
---|
Description | This system responds to ICMP timestamp requests. A remote attacker could use such requests to determine the exact date and time on the system. This information could be used in attacks against time-based authentication protocols. | ||||
---|---|---|---|---|---|
Solution | Either disable timestamp replies, or filter them at your firewall. | ||||
CVE Reference | CVE-1999-0524 | CVSS2 0.0 (Low) (AV:L/AC:L/Au:N/C:N/I:N/A:N) |
Systems | www.example.com (192.168.0.112) |
---|
Vulnerability | 10021 | Identd enabled | 1 System | Low Risk |
---|
Description | The ident service appears to be running on the remote host. This service provides sensitive information to an attacker, allowing them to enumerate which accounts are running which services. | ||||
---|---|---|---|---|---|
Solution | Disable this service or restrict it to trusted IP addresses | ||||
CVE Reference | CVE-1999-0629 | CVSS2 0.0 (Low) (AV:N/AC:L/Au:N/C:N/I:N/A:N) |
Systems | www.your_company.fr (192.168.0.105) |
---|
Vulnerability | 10640 | Kerberos PingPong DOS | 1 System | Low Risk |
---|
Description | The remote kerberos server seems to be vulnerable to a pingpong attack. When contacted on the UDP port, this service always responds, even to bogus data. An attacker can cause a denial of service attack, by spoofing a packet between two machines running this service. This will cause them to spew data at each other, saturating the network. | ||||
---|---|---|---|---|---|
Solution | Disable this service in /etc/inetd.conf. | ||||
CVE Reference | CVE-1999-0103 | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:N/I:N/A:P) |
Systems | www.your_company.fr (192.168.0.105) |
---|
Vulnerability | 10759 | Private IP Address Leakage | 1 System | Low Risk |
---|
Description | This system exposes its RFC 1918 private IP address. This is the internal IP address of the system, that would usually be masked by a proxy or NAT firewall. This information may be useful to an attacker trying to remotely map your network or prepare an attack. The private IP address is:[For specific url or description click server link below.] | ||||
---|---|---|---|---|---|
Solution | Update your web server configuration. For IIS, issue "adsutil set w3svc/UseHostName True" and restart. On Apache, ensure that ServerName in httpd.conf is set to a hostname. | ||||
Category | Hosting or infrastructure flaw. | ||||
References | Bugtraq ID 1499 Microsoft Knowledge Base Q218180 RFC 1918 | ||||
CVE Reference | CVE-2000-0649 | CVSS2 2.6 (Low) (AV:N/AC:H/Au:N/C:P/I:N/A:N) |
Systems | www.your_company.nl (192.168.0.103) |
---|
Vulnerability | 12279 | QPopper <= 4.0.5 User Names Information Leakage | 1 System | Low Risk |
---|
Description | According to its banner, this host is running a vulnerable version of QPopper. These versions return a different error message on failed login, depending on whether the user name exists. An attacker can use this to enumerate users - the starting point for a password guessing attack. | ||||
---|---|---|---|---|---|
Solution | No patch is currently available. You must either accept this risk or choose another POP3 server. | ||||
References | Bugtraq ID 7110 | ||||
CVE Reference | CVE-2001-1068 | CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:P/I:N/A:N) |
Systems | www.yourcompany.co.uk (192.168.0.100) |
---|