Your Company Unfixed Vulnerabilities by Age - April 2015

Company Reference:
YC 201135
Hosts with Unfixed Vulnerabilities
7 High3 Medium0 Low10 Total


Ordered by Host

Host NameIP AddressCriticalRegionReportPortsHighMedium
Number Longest  Number Longest
sql2.manc.yourcompany.com192.168.1.53EMEA  View 21535
www.yourcompany.net192.168.0.102US  View 21324
www.example.com192.168.0.112Asia  View 31333
www.your_company.nl192.168.0.103EMEA  View 72322
sql1.manc.yourcompany.com   OVERDUE192.168.1.52EMEA  View 32222
dns0.example.com   OVERDUE192.168.0.110Asia  View 53211
mail.example.com   URGENT192.168.0.111Asia  View 82221
www.yourcompany.co.uk192.168.0.100EMEA  View 5  15
apollo.example.com   OVERDUE192.168.0.81  View 3  15
www.yourcompany.com.my192.168.0.106Asia  View 2  23

Ordered by Vulnerability

VulnerabilitySeverity SystemsLongest
High Risk Ports OpenHigh Risk35
Apache < 1.3.26 Chunked Encoding VulnerabilityHigh Risk13
SNMP Default Community NamesHigh Risk23
SSH Protocol Version 1 EnabledHigh Risk23
Sendmail < 8.12.8 Buffer Overrun   URGENTHigh Risk12
BIND < 8.2.3 Buffer Overrun   OVERDUEHigh Risk11
IIS WebDAV Buffer OverrunHigh Risk11
MySQL Database Accessible Without Password   OVERDUEHigh Risk11
Apache < 1.3.27 Multiple VulnerabilitiesMedium Risk25
MySQL < 3.23.55 Multiple VulnerabilitiesMedium Risk15
OpenSSL < 0.9.6m, 0.9.7d SSL/TLS Handshake Denial of ServiceMedium Risk15
Cross-Site ScriptingMedium Risk14
MySQL < 3.23.56 Privilege EscalationMedium Risk24
Lotus Domino < 5.0.9 Database Lock DoSMedium Risk13
Apache < 1.3.31, 2.0.49 Multiple VulnerabilitiesMedium Risk12
IIS .printer ISAPI Filter EnabledMedium Risk12
Lotus Domino Anonymous Database AccessMedium Risk12
MySQL < 3.23.58, 4.0.15 Password OverflowMedium Risk22
Apache mod_ssl < 2.8.10 off by one VulnerabilityMedium Risk11
DNS Zone Transfer   OVERDUEMedium Risk11
Globally Useable Name ServerMedium Risk11
IIS global.asa AccessibleMedium Risk11
OpenSSH < 3.6.1p2 PAM Timing AttackMedium Risk11
SMTP Server Allows VRFY/EXPNMedium Risk11

Ordered by Contact

Collapse Expand / Collapse All

Name  SystemsReportTotal
Vulns		HighMediumLongestMonths of
Exposure
cuthbert@yourcompany.comCollapse  2  Systems 835523
sql1.manc.yourcompany.com   OVERDUE192.168.1.52View42227
sql2.manc.yourcompany.com192.168.1.53View413516
janebloggs@yourcompany.comCollapse  6  Systems 20911540
dns0.example.com   OVERDUE192.168.0.110View43125
www.your_company.nl192.168.0.103View42237
mail.example.com   URGENT192.168.0.111View42226
www.example.com192.168.0.112View41339
www.yourcompany.net192.168.0.102View31248
www.yourcompany.co.uk192.168.0.100View1 155
joe.bloggs@technicians.comCollapse  4  Systems 1367525
dns0.example.com   OVERDUE192.168.0.110View43125
mail.example.com   URGENT192.168.0.111View42226
www.example.com192.168.0.112View41339
apollo.example.com   OVERDUE192.168.0.81View1 155
johndoe@yoursecurity.co.ukCollapse  3  Systems 835519
mail.example.com   URGENT192.168.0.111View42226
www.yourcompany.net192.168.0.102View31248
www.yourcompany.co.uk192.168.0.100View1 155
manager@yourcompany.comCollapse  3  Systems 954516
dns0.example.com   OVERDUE192.168.0.110View43125
mail.example.com   URGENT192.168.0.111View42226
apollo.example.com   OVERDUE192.168.0.81View1 155

Note: This report deals with unfixed vulnerabilities. A vulnerability is considered "unfixed for three scans" if it has appeared for four consecutive scans.

Scans by RatwareUK