Your Company Vulnerability Descriptions - April 2015

Company Reference:
YC 201135
Sub-Report:
Other
All [Selected]NewFixed Stoplist

Vulnerability Statistics

 2
 3
 0
 3
 0
 0		High risk vulnerabilities found.
Medium risk vulnerabilities found.
Low risk vulnerabilities found.
New vulnerabilities found.
Urgent vulnerabilities found.
Overdue vulnerabilities found. 		 1
 1
 0
 2
 3
 0
 0		Systems (20%) had high risk vulnerabilities.
Systems (20%) had medium risk vulnerabilities.
Systems (0%) had low risk vulnerabilities.
Systems (40%) had vulnerabilities.
Systems (60%) had no vulnerabilities.
Systems (0%) had urgent vulnerabilities.
Systems (0%) had overdue vulnerabilities.		 Scan Type
Start Date
End Date
Report Generated
Systems Scanned
New Systems 		Enterprise
13-Apr-15 11:54
16-Apr-15 16:32
01-Jul-15 15:52
5
0

Key Increase No change DecreaseHigh RiskMedium RiskLow Risk

 

Summary of Vulnerabilities

Download Summary CSV...

Show Category: 
Hosting VulnerabilitiesDesign Vulnerabilities
Filter by CVE or Vulnerability Id:      

Expand / collapse allCollapse Details   Collapse Graphs   Collapse Systems

Collapse   Vulnerability Collapse   90027High Risk Ports Open   NEWCollapse  1 SystemHigh Risk
DescriptionThe following high risk ports are open: 
[For specific url or description click server link below.]
It is generally not recommended to expose these ports to the Internet as they may be used as attack vectors. If access to these services from remote sites is required, tunnelling or a VPN would be recommended instead of exposing these ports.
Note: Even if the ports are immediately closed after being opened, this is still a security risk as packets are reaching the destination host. It is recommended to completely drop packets from untrusted sources instead. 
SolutionEnsure that the ports are filtered by your router or firewall or close the ports on the affected systems. 
CategoryHosting or infrastructure flaw.
CVE ReferenceCVE-MAP-NOMATCHCVSS2 6.4 (Medium) (AV:N/AC:L/Au:N/C:P/I:P/A:N)
Systemswww.your_company.fr (192.168.0.105)   NEW  

Collapse   Vulnerability Collapse   10264SNMP Default Community Names   NEWCollapse  1 SystemHigh Risk
DescriptionThis system is running an SNMP agent which uses an easily guessable community string. This enables an attacker to extract a large amount of useful information. If a writeable community string is guessable, an attacker could make configuration changes to the server. Here is a sample of the information that can be extracted: 
[For specific url or description click server link below.]
 
SolutionDisable SNMP, or change the community string to something unguessable. 
CategoryHosting or infrastructure flaw.
CVE References CVE-1999-0186CVSS2 10.0 (High) (AV:N/AC:L/Au:N/C:C/I:C/A:C)
  CVE-1999-0254CVSS2 10.0 (High) (AV:N/AC:L/Au:N/C:C/I:C/A:C)
  CVE-1999-0516CVSS2 7.5 (High) (AV:N/AC:L/Au:N/C:P/I:P/A:P)
  CVE-1999-0517CVSS2 7.5 (High) (AV:N/AC:L/Au:N/C:P/I:P/A:P)
  CVE-2004-0311CVSS2 10.0 (High) (AV:N/AC:L/Au:N/C:C/I:C/A:C)
  CVE-2004-1474CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:N/I:P/A:N)
  CVE-2010-1574CVSS2 10.0 (High) (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Systemswww.your_company.fr (192.168.0.105)   NEW  

Collapse   Vulnerability Collapse   10539Globally Useable Name Server   NEWCollapse  1 SystemMedium Risk
DescriptionThis system is running a name server that allows any system on the Internet to perform recursive queries and resolve third-party domain names. An attacker could use this to extract information about your name lookup patterns, and may be able to perform DNS cache poisoning attacks. 
SolutionRestrict recursive queries to trusted addresses. For servers running BIND, use the allow-recursion or allow-query directives. 
CategoryHosting or infrastructure flaw.
ReferencesSecuring Windows Server 2003 Domain Controllers    Disabling recursion in BIND   
CVE Reference CVE-1999-0024CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Systemswww.your_company.fr (192.168.0.105)   NEW  

Collapse   Vulnerability Collapse   11718Lotus Domino < 5.0.9 Database Lock DoSCollapse  1 SystemMedium Risk
DescriptionThis system is running a vulnerable version of Lotus Domino, according to its banner. There is a vulnerability in the code related to database locking. A remote attack could use this to lock out some databases, by requesting them through the web interface with a carefully crafted URL. 
SolutionUpgrade to an unaffected version, or apply a patch. 
CVE Reference CVE-2001-0954CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Systemswww.yourcompany.com.my (192.168.0.106)   [Jan 2015]  

Collapse   Vulnerability Collapse   10629Lotus Domino Anonymous Database AccessCollapse  1 SystemMedium Risk
DescriptionThis system is running Lotus Domino. Some databases are accessible without authentication:
[For specific url or description click server link below.]
This usually represents a security risk as the information contained is accessible to anyone on the internet. 
SolutionReconfigure Domino to require authentication for these databases. 
CategoryHosting or infrastructure flaw.
CVE References CVE-2000-0021CVSS2 5.0 (Medium) (AV:N/AC:L/Au:N/C:P/I:N/A:N)
  CVE-2002-0664CVSS2 7.5 (High) (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Systemswww.yourcompany.com.my (192.168.0.106)   [Feb 2015]  

Scans by RatwareUK