You are on page 1of 14

Nessus Report

Nessus Scan Report


23/Feb/2015:12:29:35
Nessus Home: Commercial use of the report is prohibited
Any time Nessus is used in a commercial environment you MUST maintain an active
subscription to the Nessus Feed in order to be compliant with our license agreement:
http://www.tenable.com/products/nessus

Table Of Contents
Hosts Summary (Executive).................................................................................................3

192.168.1.1.................................................................................................................................................................. 4
192.168.1.12................................................................................................................................................................ 6
192.168.1.13................................................................................................................................................................ 7
192.168.1.15................................................................................................................................................................ 8
192.168.1.17.............................................................................................................................................................. 10
192.168.1.18.............................................................................................................................................................. 11
192.168.1.19.............................................................................................................................................................. 12
192.168.1.24.............................................................................................................................................................. 13
192.168.1.111............................................................................................................................................................ 14

Hosts Summary (Executive)

192.168.1.1
Summary
Critical

High

Medium

Low

Info

Total

13

26

42

Details
Severity

Plugin Id

Name

Medium (6.4)

51192

SSL Certificate Cannot Be Trusted

Medium (6.4)

57582

SSL Self-Signed Certificate

Medium (5.8)

42880

SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection

Medium (5.0)

10297

Web Server Directory Traversal Arbitrary File Access

Medium (5.0)

10505

Apache WebDAV Module PROPFIND Arbitrary Directory Listing

Medium (5.0)

12217

DNS Server Cache Snooping Remote Information Disclosure

Medium (5.0)

20007

SSL Version 2 and 3 Protocol Detection

Medium (5.0)

45411

SSL Certificate with Wrong Hostname

Medium (5.0)

57608

SMB Signing Required

Medium (4.3)

26928

SSL Weak Cipher Suites Supported

Medium (4.3)

42873

SSL Medium Strength Cipher Suites Supported

Medium (4.3)

44135

Web Server Generic Cookie Injection

Medium (4.0)

35291

SSL Certificate Signed using Weak Hashing Algorithm

Low (3.2)

50686

IP Forwarding Enabled

Low (2.6)

42263

Unencrypted Telnet Server

Low (2.6)

65821

SSL RC4 Cipher Suites Supported

Info

10107

HTTP Server Type and Version

Info

10114

ICMP Timestamp Request Remote Date Disclosure

Info

10150

Windows NetBIOS / SMB Remote Host Information Disclosure

Info

10281

Telnet Server Detection

Info

10287

Traceroute Information

Info

10863

SSL Certificate Information

Info

10919

Open Port Re-check

Info

11002

DNS Server Detection

Info

11011

Microsoft Windows SMB Service Detection

Info

11219

Nessus SYN scanner

Info

11424

WebDAV Detection

Info

11936

OS Identification

Info

12053

Host Fully Qualified Domain Name (FQDN) Resolution

Info

19506

Nessus Scan Information

Info

21643

SSL Cipher Suites Supported

Info

22964

Service Detection

Info

24260

HyperText Transfer Protocol (HTTP) Information

Info

25220

TCP/IP Timestamps Supported

Info

35716

Ethernet Card Manufacturer Detection

Info

43111

HTTP Methods Allowed (per directory)

Info

45410

SSL Certificate commonName Mismatch

Info

45590

Common Platform Enumeration (CPE)

Info

54615

Device Type

Info

56984

SSL / TLS Versions Supported

Info

62563

SSL Compression Methods Supported

Info

70544

SSL Cipher Block Chaining Cipher Suites Supported

192.168.1.12
Summary
Critical

High

Medium

Low

Info

Total

12

12

Details
Severity

Plugin Id

Name

Info

10287

Traceroute Information

Info

10919

Open Port Re-check

Info

11219

Nessus SYN scanner

Info

12053

Host Fully Qualified Domain Name (FQDN) Resolution

Info

19506

Nessus Scan Information

Info

19772

Skype Detection

Info

21208

Skype Stack Version Detection

Info

22964

Service Detection

Info

25220

TCP/IP Timestamps Supported

Info

35716

Ethernet Card Manufacturer Detection

Info

45590

Common Platform Enumeration (CPE)

Info

66717

mDNS Detection (Local Network)

192.168.1.13
Summary
Critical

High

Medium

Low

Info

Total

16

19

Details
Severity

Plugin Id

Name

High (7.5)

41028

SNMP Agent Default Community Name (public)

Medium (5.0)

76474

SNMP 'GETBULK' Reflection DDoS

Low (2.6)

42263

Unencrypted Telnet Server

Info

10107

HTTP Server Type and Version

Info

10114

ICMP Timestamp Request Remote Date Disclosure

Info

10281

Telnet Server Detection

Info

10287

Traceroute Information

Info

10551

SNMP Request Network Interfaces Enumeration

Info

11819

TFTP Daemon Detection

Info

11936

OS Identification

Info

12053

Host Fully Qualified Domain Name (FQDN) Resolution

Info

14274

Nessus SNMP Scanner

Info

19506

Nessus Scan Information

Info

22964

Service Detection

Info

25220

TCP/IP Timestamps Supported

Info

35296

SNMP Protocol Version Detection

Info

35716

Ethernet Card Manufacturer Detection

Info

40448

SNMP Supported Protocols Detection

Info

54615

Device Type

192.168.1.15
Summary
Critical

High

Medium

Low

Info

Total

34

37

Details
Severity

Plugin Id

Name

Medium (6.4)

51192

SSL Certificate Cannot Be Trusted

Medium (6.4)

57582

SSL Self-Signed Certificate

Medium (5.0)

10677

Apache mod_status /server-status Information Disclosure

Info

10107

HTTP Server Type and Version

Info

10147

Nessus Server Detection

Info

10302

Web Server robots.txt Information Disclosure

Info

10386

Web Server No 404 Error Code Check

Info

10863

SSL Certificate Information

Info

11936

OS Identification

Info

12053

Host Fully Qualified Domain Name (FQDN) Resolution

Info

12634

Authenticated Check : OS Name and Installed Package Enumeration

Info

14272

netstat portscanner (SSH)

Info

19506

Nessus Scan Information

Info

21643

SSL Cipher Suites Supported

Info

22869

Software Enumeration (SSH)

Info

22964

Service Detection

Info

24260

HyperText Transfer Protocol (HTTP) Information

Info

25202

Enumerate IPv6 Interfaces via SSH

Info

25203

Enumerate IPv4 Interfaces via SSH

Info

33276

Enumerate MAC Addresses via SSH

Info

35716

Ethernet Card Manufacturer Detection

Info

39521

Backported Security Patch Detection (WWW)

Info

42822

Strict Transport Security (STS) Detection

Info

45410

SSL Certificate commonName Mismatch

Info

45590

Common Platform Enumeration (CPE)

Info

48243

PHP Version

Info

50845

OpenSSL Detection

Info

54615

Device Type

Info

55472

Device Hostname

Info

56468

Time of Last System Startup

Info

56984

SSL / TLS Versions Supported

Info

57041

SSL Perfect Forward Secrecy Cipher Suites Supported

Info

58651

Netstat Active Connections

Info

62563

SSL Compression Methods Supported

Info

62564

TLS Next Protocols Supported

Info

64582

Netstat Connection Information

Info

70544

SSL Cipher Block Chaining Cipher Suites Supported

192.168.1.17
Summary
Critical

High

Medium

Low

Info

Total

22

24

Details
Severity

Plugin Id

Name

Critical (10.0)

53514

MS11-030: Vulnerability in DNS Resolution Could Allow Remote Code


Execution (2509553) (remote check)

Medium (5.0)

57608

SMB Signing Required

Info

10114

ICMP Timestamp Request Remote Date Disclosure

Info

10150

Windows NetBIOS / SMB Remote Host Information Disclosure

Info

10287

Traceroute Information

Info

10394

Microsoft Windows SMB Log In Possible

Info

10397

Microsoft Windows SMB LanMan Pipe Server Listing Disclosure

Info

10736

DCE Services Enumeration

Info

10785

Microsoft Windows SMB NativeLanManager Remote System Information


Disclosure

Info

10919

Open Port Re-check

Info

11011

Microsoft Windows SMB Service Detection

Info

11153

Service Detection (HELP Request)

Info

11219

Nessus SYN scanner

Info

11936

OS Identification

Info

12053

Host Fully Qualified Domain Name (FQDN) Resolution

Info

19506

Nessus Scan Information

Info

24786

Nessus Windows Scan Not Performed with Admin Privileges

Info

25220

TCP/IP Timestamps Supported

Info

26917

Microsoft Windows SMB Registry : Nessus Cannot Access the Windows


Registry

Info

35716

Ethernet Card Manufacturer Detection

Info

45590

Common Platform Enumeration (CPE)

Info

46180

Additional DNS Hostnames

Info

53513

Link-Local Multicast Name Resolution (LLMNR) Detection

Info

54615

Device Type

10

192.168.1.18
Summary
Critical

High

Medium

Low

Info

Total

21

22

Details
Severity

Plugin Id

Name

Medium (5.0)

57608

SMB Signing Required

Info

10150

Windows NetBIOS / SMB Remote Host Information Disclosure

Info

10287

Traceroute Information

Info

10394

Microsoft Windows SMB Log In Possible

Info

10397

Microsoft Windows SMB LanMan Pipe Server Listing Disclosure

Info

10919

Open Port Re-check

Info

11011

Microsoft Windows SMB Service Detection

Info

11153

Service Detection (HELP Request)

Info

11219

Nessus SYN scanner

Info

11936

OS Identification

Info

12053

Host Fully Qualified Domain Name (FQDN) Resolution

Info

19506

Nessus Scan Information

Info

19772

Skype Detection

Info

21208

Skype Stack Version Detection

Info

22964

Service Detection

Info

24786

Nessus Windows Scan Not Performed with Admin Privileges

Info

25220

TCP/IP Timestamps Supported

Info

26917

Microsoft Windows SMB Registry : Nessus Cannot Access the Windows


Registry

Info

35716

Ethernet Card Manufacturer Detection

Info

45590

Common Platform Enumeration (CPE)

Info

53513

Link-Local Multicast Name Resolution (LLMNR) Detection

Info

54615

Device Type

11

192.168.1.19
Summary
Critical

High

Medium

Low

Info

Total

20

23

Details
Severity

Plugin Id

Name

Critical (10.0)

73182

Microsoft Windows XP Unsupported Installation Detection

Medium (5.0)

26920

Microsoft Windows SMB NULL Session Authentication

Medium (5.0)

57608

SMB Signing Required

Info

10114

ICMP Timestamp Request Remote Date Disclosure

Info

10150

Windows NetBIOS / SMB Remote Host Information Disclosure

Info

10287

Traceroute Information

Info

10394

Microsoft Windows SMB Log In Possible

Info

10785

Microsoft Windows SMB NativeLanManager Remote System Information


Disclosure

Info

10884

Network Time Protocol (NTP) Server Detection

Info

10919

Open Port Re-check

Info

11011

Microsoft Windows SMB Service Detection

Info

11153

Service Detection (HELP Request)

Info

11219

Nessus SYN scanner

Info

11936

OS Identification

Info

12053

Host Fully Qualified Domain Name (FQDN) Resolution

Info

19506

Nessus Scan Information

Info

24786

Nessus Windows Scan Not Performed with Admin Privileges

Info

25220

TCP/IP Timestamps Supported

Info

26917

Microsoft Windows SMB Registry : Nessus Cannot Access the Windows


Registry

Info

35716

Ethernet Card Manufacturer Detection

Info

45590

Common Platform Enumeration (CPE)

Info

46180

Additional DNS Hostnames

Info

54615

Device Type

12

192.168.1.24
Summary
Critical

High

Medium

Low

Info

Total

Details
Severity

Plugin Id

Name

Info

12053

Host Fully Qualified Domain Name (FQDN) Resolution

Info

19506

Nessus Scan Information

Info

35716

Ethernet Card Manufacturer Detection

13

192.168.1.111
Summary
Critical

High

Medium

Low

Info

Total

20

21

Details
Severity

Plugin Id

Name

Critical (10.0)

40887

MS09-050: Microsoft Windows SMB2 _Smb2ValidateProviderCallback()


Vulnerability (975497) (uncredentialed check)

Info

10150

Windows NetBIOS / SMB Remote Host Information Disclosure

Info

10287

Traceroute Information

Info

10394

Microsoft Windows SMB Log In Possible

Info

10736

DCE Services Enumeration

Info

10785

Microsoft Windows SMB NativeLanManager Remote System Information


Disclosure

Info

10884

Network Time Protocol (NTP) Server Detection

Info

11011

Microsoft Windows SMB Service Detection

Info

11219

Nessus SYN scanner

Info

11936

OS Identification

Info

19506

Nessus Scan Information

Info

20870

LDAP Server Detection

Info

22964

Service Detection

Info

24786

Nessus Windows Scan Not Performed with Admin Privileges

Info

25220

TCP/IP Timestamps Supported

Info

25701

LDAP Crafted Search Request Server Information Disclosure

Info

26917

Microsoft Windows SMB Registry : Nessus Cannot Access the Windows


Registry

Info

35716

Ethernet Card Manufacturer Detection

Info

43829

Kerberos Information Disclosure

Info

45590

Common Platform Enumeration (CPE)

Info

54615

Device Type

14