Академический Документы
Профессиональный Документы
Культура Документы
Summary
This document reports on the results of an automatic security scan. The scan started
at Thu Jul 10 14:45:16 2014 UTC and ended at Thu Jul 10 15:01:24 2014 UTC. The report
first summarises the results found. Then, for each host, the report describes every issue
found. Please consider the advice given in each description, in order to rectify the issue.
Contents
1 Result Overview 2
1
CONTENTS 2
1 Result Overview
Host Most Severe Result(s) High Medium Low Log False Positives
10.99.85.97 (WIN-T5A1LTT4M64) Severity: Medium 0 6 8 51 0
Total: 1 0 6 8 51 0
This report contains all 65 results selected by the filtering described above. Before filtering
there were 70 results.
2.1 10.99.85.97
Host scan start Thu Jul 10 14:45:21 2014 UTC
Host scan end Thu Jul 10 15:01:23 2014 UTC
. . . (continued) ...
Service (Port) Threat Level
general/icmp Log
http (80/tcp) Log
microsoft-ds (445/tcp) Log
netbios-ns (137/udp) Log
netbios-ssn (139/tcp) Log
ssh (22/tcp) Log
Summary:
Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate queries.
An attacker may use this fact to gain more knowledge
about the remote host.
Solution:
filter incoming traffic to this port.
[ return to 10.99.85.97 ]
Summary:
This routine search for weak SSL ciphers offered by a service.
Vulnerability Insight:
These rules are applied for the evaluation of the cryptographic strength:
- Any SSL/TLS using no cipher is considered weak.
- All SSLv2 ciphers are considered weak due to a design flaw within the SSLv2 pr
,→otocol.
- RC4 is considered to be weak.
- Ciphers using 64 bit or less are considered to be vulnerable to brute force me
,→thods
and therefore considered as weak.
- 1024 bit RSA authentication is considered to be insecure and therefore as weak
,→.
- CBC ciphers in TLS < 1.2 are considered to be vulnerable to the BEAST or Lucky
,→ 13 attacks
- Any cipher considered to be secure for only the next 10 years is considered as
,→ medium
- Any other cipher is considered as strong
Solution:
The configuration of this services should be changed so
that it does not support the listed weak ciphers anymore.
Weak ciphers offered by this service:
SSL3_RSA_RC4_128_MD5
SSL3_RSA_RC4_128_SHA
SSL3_RSA_DES_64_CBC_SHA
TLS1_RSA_RC4_128_MD5
TLS1_RSA_RC4_128_SHA
TLS1_RSA_DES_64_CBC_SHA
[ return to 10.99.85.97 ]
References
Other:
URL:http://www.ietf.org/rfc/rfc1323.txt
[ return to 10.99.85.97 ]
Summary:
This routine search for weak SSL ciphers offered by a service.
Vulnerability Insight:
These rules are applied for the evaluation of the cryptographic strength:
- Any SSL/TLS using no cipher is considered weak.
- All SSLv2 ciphers are considered weak due to a design flaw within the SSLv2 pr
,→otocol.
- RC4 is considered to be weak.
- Ciphers using 64 bit or less are considered to be vulnerable to brute force me
,→thods
and therefore considered as weak.
- 1024 bit RSA authentication is considered to be insecure and therefore as weak
,→.
. . . continues on next page . . .
2 RESULTS PER HOST 8
[ return to 10.99.85.97 ]
Summary:
The remote server is running VNC.
VNC permits a console to be displayed remotely.
Solution:
Disable VNC access from the network by
using a firewall, or stop VNC service if not needed.
[ return to 10.99.85.97 ]
[ return to 10.99.85.97 ]
[ return to 10.99.85.97 ]
[ return to 10.99.85.97 ]
[ return to 10.99.85.97 ]
[ return to 10.99.85.97 ]
Log
NVT:
Open port.
[ return to 10.99.85.97 ]
Log
NVT:
Open port.
The SSL certificate of the remote service is valid between 2009-09-08 10:55:16 a
,→nd 2019-09-06 10:55:16 UTC.
[ return to 10.99.85.97 ]
References
Other:
URL:http://www.phrack.org/issues.html?issue=57&id=7#article
Open TCP ports: 80, 443, 990, 5900, 445, 21, 22, 5800, 135, 3306, 139
[ return to 10.99.85.97 ]
2 RESULTS PER HOST 15
Log
NVT:
Open port.
Summary:
The ssl certificate on this Port is self signed.
References
Other:
URL:http://en.wikipedia.org/wiki/Self-signed_certificate
The SSL certificate of the remote service is valid between 2009-09-08 10:55:16 a
,→nd 2019-09-06 10:55:16 UTC.
[ return to 10.99.85.97 ]
Log
NVT:
Open port.
[ return to 10.99.85.97 ]
Log
NVT:
Open port.
Summary:
The remote FTP Server supports the STARTTLS command.
[ return to 10.99.85.97 ]
Log
NVT:
Open port.
[ return to 10.99.85.97 ]
Log
NVT:
Open port.
[ return to 10.99.85.97 ]
10.99.85.97|cpe:/o:microsoft:windows
[ return to 10.99.85.97 ]
traceroute:10.99.85.176,10.99.85.97
. . . continues on next page . . .
2 RESULTS PER HOST 21
[ return to 10.99.85.97 ]
Summary:
The remote host responded to an ICMP timestamp request. The Timestamp Reply is
an ICMP message which replies to a Timestamp message. It consists of the
originating timestamp sent by the sender of the Timestamp as well as a receive
timestamp and a transmit timestamp. This information could theoretically be used
to exploit weak time-based random number generators in other services.
References
CVE: CVE-1999-0524
Other:
URL:http://www.ietf.org/rfc/rfc0792.txt
[ return to 10.99.85.97 ]
Log
NVT:
Open port.
[ return to 10.99.85.97 ]
Log
NVT:
Open port.
Summary:
It is possible to extract OS, domain and SMB server information
from the Session Setup AndX Response packet which is generated
during NTLM authentication.Detected SMB workgroup: WORKGROUP
Detected SMB server: Windows 7 Ultimate 6.1
Detected OS: Windows 7 Ultimate 7601 Service Pack 1
[ return to 10.99.85.97 ]
[ return to 10.99.85.97 ]
2 RESULTS PER HOST 24
Log
NVT:
Open port.
[ return to 10.99.85.97 ]
Log
NVT:
Open port.
The remote SSH Server supports the following SSH Protocol Versions:
1.99
1.5
2.0
1.33
SSHv1 Fingerprint: 01:ab:fc:75:0a:0c:94:21:67:65:1c:40:d0:88:53:1d
[ return to 10.99.85.97 ]