Security Issues and Fixes: 192.168.1.104 |
Type |
Port |
Issue and Fix |
Informational |
domain (53/tcp) |
BIND 'NAMED' is an open-source DNS server from ISC.org.
Many proprietary DNS servers are based on BIND source code.
The BIND based NAMED servers (or DNS servers) allow remote users
to query for version and type information. The query of the CHAOS
TXT record 'version.bind', will typically prompt the server to send
the information back to the querying source.
The remote bind version is : 9.5.0-P2
Solution :
Using the 'version' directive in the 'options' section will block
the 'version.bind' query, but it will not log such attempts.
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10028 |
Informational |
domain (53/tcp) |
Overview:
A DNS Server is running at this Host.
A Name Server translates domain names into IP addresses. This makes it
possible for a user to access a website by typing in the domain name instead of
the website's actual IP address.
Risk factor : None
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.100069 |
Vulnerability |
http (80/tcp) |
Overview: The host is running PHP and is prone to Buffer Overflow
vulnerability.
Vulnerability Insight:
The flaw is caused due to error in mbfilter_htmlent.c file in the mbstring
extension. These can be exploited via mb_convert_encoding, mb_check_encoding,
mb_convert_variables, and mb_parse_str functions.
Impact:
Successful exploitation could allow attackers to execute arbitrary code via
a crafted string containing an HTML entity.
Impact Level: Application
Affected Software/OS:
PHP version 4.3.0 to 5.2.6 on all running platform.
Fix: Upgrade to version 5.2.7 or later,
http://www.php.net/downloads.php
References:
http://bugs.php.net/bug.php?id=45722
http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0477.html
CVSS Score:
CVSS Base Score : 10.0 (AV:N/AC:L/Au:NR/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
Risk factor: High
CVE : CVE-2008-5557
BID : 32948
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.900185 |
Vulnerability |
http (80/tcp) |
Overview: The host is running PHP and is prone to Security Bypass and File
Writing vulnerability.
Vulnerability Insight:
The flaw is caused due to,
- An error in initialization of 'page_uid' and 'page_gid' global variables
for use by the SAPI 'php_getuid' function, which bypass the safe_mode
restrictions.
- When 'safe_mode' is enabled through a 'php_admin_flag' setting in
'httpd.conf' file, which does not enforce the 'error_log', 'safe_mode
restrictions.
- In 'ZipArchive::extractTo' function which allows attacker to write files
via a ZIP file.
Impact:
Successful exploitation could allow remote attackers to write arbitrary file,
bypass security restrictions and cause directory traversal attacks.
Impact Level: System/Application
Affected Software/OS:
PHP versions prior to 5.2.7.
Fix: Upgrade to version 5.2.7 or later
http://www.php.net/downloads.php
References:
http://www.php.net/ChangeLog-5.php#5.2.7
http://www.php.net/archive/2008.php#id2008-12-07-1
http://www.securityfocus.com/archive/1/archive/1/498985/100/0/threaded
CVSS Score:
CVSS Base Score : 7.5 (AV:N/AC:L/Au:NR/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
Risk factor: High
CVE : CVE-2008-5624, CVE-2008-5625, CVE-2008-5658
BID : 32383, 32625, 32688
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.900184 |
Warning |
http (80/tcp) |
Overview: The host is installed with PHP and is prone to Denial of
Service vulnerability.
Vulnerability Insight:
Improper handling of .zip file while doing extraction via
php_zip_make_relative_path function in php_zip.c file.
Impact:
Successful exploitation could result in denial of service condition.
Impact Level: Application
Affected Software/OS:
PHP version prior to 5.2.9
Fix:
Upgrade to PHP version 5.2.9 or above,
http://www.php.net/downloads.php
Workaround:
For workaround refer below link,
http://cvs.php.net/viewvc.cgi/php-src/ext/json/JSON_parser.c?r1=1.1.2.14&r2=1.1.2.15
References:
http://www.php.net/releases/5_2_9.php
http://www.openwall.com/lists/oss-security/2009/04/01/9
CVSS Score:
CVSS Base Score : 5.0 (AV:N/AC:L/Au:NR/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
Risk factor : Medium
CVE : CVE-2009-1272
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.800393 |
Warning |
http (80/tcp) |
Overview: The host is running PHP and is prone to Cross-Site Scripting
vulnerability.
Vulnerability Insight:
The flaw is caused due to improper handling of certain inputs when
display_errors settings is enabled.
Impact:
Successful exploitation could allow attackers to inject arbitrary web script
or HTML via unspecified vectors and conduct Cross-Site Scripting attacks.
Impact Level: Application
Affected Software/OS:
PHP, PHP version 5.2.7 and prior on all running platform.
Fix: Upgrade to version 5.2.8 or later
http://www.php.net/downloads.php
References:
http://jvn.jp/en/jp/JVN50327700/index.html
http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000084.html
CVSS Score:
CVSS Base Score : 2.6 (AV:N/AC:H/Au:NR/C:N/I:P/A:N)
CVSS Temporal Score : 1.9
Risk factor : Low
CVE : CVE-2008-5814
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.800334 |
Warning |
http (80/tcp) |
Overview : The host is running Apache, which is prone to cross-site scripting
vulnerability.
Vulnerability Insight :
Input passed to the module mod_proxy_ftp with wildcard character
is not properly sanitized before returning to the user.
Impact : Remote attackers can execute arbitrary script code.
Impact Level : Application
Affected Software/OS :
Apache 2.0.0 to 2.0.63 and Apache 2.2.0 to 2.2.9 on All Platform
***
Note: The script might report a False Positive as it is only checking for
the vulnerable version of Apache. Vulnerability is only when mod_proxy
and mod_proxy_ftp is configured with the installed Apache version.
***
Fix : Fixed is available in the SVN repository,
http://svn.apache.org/viewvc?view=rev&revision=682871
http://svn.apache.org/viewvc?view=rev&revision=682868
References :
http://httpd.apache.org/
http://www.securityfocus.com/archive/1/495180
http://httpd.apache.org/docs/2.0/mod/mod_proxy_ftp.html
CVSS Score :
CVSS Base Score : 5.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:N)
CVSS Temporal Score : 4.5
Risk factor : Medium
CVE : CVE-2008-2939
BID : 30560
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.900107 |
Warning |
http (80/tcp) |
Overview:
PHP is prone to multiple security vulnerabilities. Successful
exploits could allow an attacker to cause a denial-of-service
condition. An unspecified issue with an unknown impact was also
reported.
These issues affect PHP 5.2.8 and prior versions.
Solution:
The vendor has released PHP 5.2.9 to address these issues. Please
see http://www.php.net/ fore more information.
See also:
http://www.securityfocus.com/bid/33927
Risk factor : Medium
CVE : CVE-2009-1271
BID : 33927
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.100146 |
Warning |
http (80/tcp) |
Overview: This host is running Apache Web Server and is prone to
Information Disclosure Vulnerability.
Vulnerability Insight:
This flaw is caused due to an error in 'mod_proxy_ajp' when handling
improperly malformed POST requests.
Impact:
Successful exploitation will let the attacker craft a special HTTP POST
request and gain sensitive information about the web server.
Impact level: Application
Affected Software/OS:
Apache HTTP Version 2.2.11
Workaround:
Update mod_proxy_ajp.c through SVN Repository (Revision 767089)
http://www.apache.org/dist/httpd/patches/apply_to_2.2.11/PR46949.diff
Fix: No solution or patch is available as on 29th April, 2009. Information
regarding this issue will be updated once the solution details are available.
For further updates refer, http://httpd.apache.org/download.cgi
References:
http://secunia.com/advisories/34827
http://xforce.iss.net/xforce/xfdb/50059
http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=766938&r2=767089
CVSS Score:
CVSS Base Score : 5.0 (AV:N/AC:L/Au:NR/C:P/I:N/A:N)
CVSS Temporal Score : 4.0
Risk factor: Medium
CVE : CVE-2009-1191
BID : 34663
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.900499 |
Warning |
http (80/tcp) |
Overview: The host is running PHP and is prone to Memory Information
Disclosure vulnerability.
Vulnerability Insight:
The flaw is caused due to improper validation of bgd_color or clrBack
argument in imageRotate function.
Impact:
Successful exploitation could let the attacker read the contents of arbitrary
memory locations through a crafted value for an indexed image.
Impact Level: Application
Affected Software/OS:
PHP version 5.x to 5.2.8 on all running platform.
Fix: No solution or patch is available as on 31st December, 2008. Information
regarding this issue will be updated once the solution details are available.
For updates refer, http://www.php.net/
References:
http://securitytracker.com/alerts/2008/Dec/1021494.html
http://downloads.securityfocus.com/vulnerabilities/exploits/33002.php
http://downloads.securityfocus.com/vulnerabilities/exploits/33002-2.php
CVSS Score:
CVSS Base Score : 5.0 (AV:N/AC:L/Au:NR/C:P/I:N/A:N)
CVSS Temporal Score : 2.9
Risk factor: Low
CVE : CVE-2008-5498
BID : 33002
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.900186 |
Informational |
http (80/tcp) |
A web server is running on this port
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10330 |
Informational |
http (80/tcp) |
The remote web server type is :
Apache/2.2.9 (Ubuntu) PHP/5.2.6-2ubuntu4 with Suhosin-Patch
Solution : You can set the directive 'ServerTokens Prod' to limit
the information emanating from the server in its response headers.
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10107 |
Informational |
http (80/tcp) |
Synopsis :
Debugging functions are enabled on the remote HTTP server.
Description :
The remote webserver supports the TRACE and/or TRACK methods. TRACE and TRACK
are HTTP methods which are used to debug web server connections.
It has been shown that servers supporting this method are subject to
cross-site-scripting attacks, dubbed XST for "Cross-Site-Tracing", when
used in conjunction with various weaknesses in browsers.
An attacker may use this flaw to trick your legitimate web users to give
him their credentials.
Solution :
Disable these methods.
See also :
http://www.kb.cert.org/vuls/id/867593
Risk factor :
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Plugin output :
Solution :
Add the following lines for each virtual host in your configuration file :
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
CVE : CVE-2004-2320
BID : 9506, 9561, 11604
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.11213 |
Informational |
http (80/tcp) |
The following directories were discovered:
/cgi-bin, /icons
While this is not, in and of itself, a bug, you should manually inspect
these directories to ensure that they are in compliance with company
security standards
Other references : OWASP:OWASP-CM-006
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.11032 |
Informational |
pop3 (110/tcp) |
A pop3 server is running on this port
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10330 |
Informational |
netbios-ssn (139/tcp) |
An SMB server is running on this port
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.11011 |
Warning |
ssh (22/tcp) |
Overview: The host is installed with OpenSSH and is prone to information
disclosure vulnerability.
Vulnerability Insight:
The flaw is caused due to the improper handling of errors within an SSH session
encrypted with a block cipher algorithm in the Cipher-Block Chaining 'CBC' mode.
Impact:
Successful exploits will allow attackers to obtain four bytes of plaintext from
an encrypted session.
Impact Level: Application
Affected Software/OS:
Versions prior to OpenSSH 5.2 are vulnerable. Various versions of SSH Tectia
are also affected.
Fix: Upgrade to higher version
http://www.openssh.com/portable.html
References:
http://www.securityfocus.com/bid/32319
Risk factor: Medium
BID : 32319
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.100153 |
Informational |
ssh (22/tcp) |
An ssh server is running on this port
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10330 |
Informational |
ssh (22/tcp) |
No key given for SLAD checks. SLAD checks will be disabled.
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.90002 |
Informational |
ssh (22/tcp) |
Remote SSH version : SSH-2.0-OpenSSH_5.1p1 Debian-3ubuntu1
Remote SSH supported authentication : publickey,password
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10267 |
Informational |
ssh (22/tcp) |
No key given for SLAD checks. SLAD checks will be disabled.
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.90003 |
Informational |
smtp (25/tcp) |
An SMTP server is running on this port
Here is its banner :
220 ubuntuserver810.home.gateway ESMTP Postfix (Ubuntu)
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10330 |
Informational |
smtp (25/tcp) |
Remote SMTP server banner :
220 ubuntuserver810.home.gateway ESMTP Postfix (Ubuntu)
This is probably: Postfix
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10263 |
Informational |
imap (143/tcp) |
The remote imap server banner is :
* OK Dovecot ready.
Versions and types should be omitted where possible.
Change the imap banner to something generic.
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.11414 |
Informational |
microsoft-ds (445/tcp) |
A CIFS server is running on this port
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.11011 |
Informational |
microsoft-ds (445/tcp) |
It was possible to log into the remote host using user defined
login/password combinations :
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10394 |
Vulnerability |
http-alt (8080/tcp) |
Overview: This host is running Apache Tomcat Server and is prone to
multiple vulnerabilities.
Vulnerability Insight:
Multiple flows are due to,
- Error in 'XML parser' used for other web applications, which allows local users to
read or modify the web.xml, context.xml, or tld files via a crafted application
that is loaded earlier than the target application.
- when FORM authentication is used, cause enumerate valid usernames via requests
to /j_security_check with malformed URL encoding of passwords, related to
improper error checking in the MemoryRealm, DataSourceRealm, and JDBCRealm
authentication realms, as demonstrated by a % (percent) value for the
j_password parameter.
- when the 'Java AJP connector' and 'mod_jk load balancing' are used, via a
crafted request with invalid headers, related to temporary blocking of
connectors that have encountered errors, as demonstrated by an error
involving a malformed HTTP Host header.
Impact:
Successful attempt could lead to remote code execution and attacker can gain
the full permission on affected file, and can cause denial of service.
Impact Level: System/Application
Affected Software/OS:
Apache Tomcat version 6.0.0 to 6.0.18
Apache Tomcat version 5.5.0 to 5.5.27
Apache Tomcat version 4.1.0 to 4.1.39
Fix: Upgrade to Apache Tomcat version 4.1.40, or 5.5.28, or 6.0.20
http://archive.apache.org/dist/tomcat/
References:
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-4.html
http://www.securitytracker.com/id?1022336
http://www.vupen.com/english/advisories/2009/1496
http://svn.apache.org/viewvc?view=rev&revision=781708
CVSS Score:
CVSS Base Score : 7.5 (AV:N/AC:L/Au:NR/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
Risk factor : High
CVE : CVE-2009-0033, CVE-2009-0580, CVE-2009-0783, CVE-2008-5515
BID : 35193, 35196
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.800813 |
Warning |
http-alt (8080/tcp) |
Default files, such as documentation, default Servlets and JSPs were found on
the Apache Tomcat servlet/JSP container.
Solution: Remove default files, example JSPs and Servlets from the Tomcat
Servlet/JSP container.
These files should be removed as they may help an attacker to guess the
exact version of Apache Tomcat which is running on this host and may provide
other useful information.
The following default files were found :
/examples/servlets/index.html
/examples/jsp/snp/snoop.jsp
/examples/jsp/index.html
Risk factor : Low
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.12085 |
Warning |
http-alt (8080/tcp) |
Overview:
This host is running Apache Tomcat and is prone to Cross Site Scripting
vulnerability.
Vulnerability Insight:
The issue is due to input validation error in time parameter in
'jsp/cal/cal2.jsp' file in calendar application.
Impact:
Successful exploitation will allow remote attackers to inject arbitrary HTML
codes in the context of the affected web application.
Impact Level: Application
Affected Software/OS:
Apache Tomcat version 4.1.0 to 4.1.39, 5.5.0 to 5.5.27 and 6.0.0 to 6.0.18
Fix:
Update your cal2.jsp through SVN.
Revision numbers are 750924 or 750928.
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-4.html
References:
http://www.packetstormsecurity.org/0903-exploits/CVE-2009-0781.txt
http://www.securityfocus.com/archive/1/archive/1/501538/100/0/threaded
CVSS Score:
CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N)
CVSS Temporal Score : 3.4
Risk factor: Medium
CVE : CVE-2009-0781
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.800372 |
Informational |
http-alt (8080/tcp) |
A web server is running on this port
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10330 |
Informational |
http-alt (8080/tcp) |
The remote web server type is :
Apache-Coyote/1.1
and the 'ServerTokens' directive is ProductOnly
Apache does not permit to hide the server type.
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10107 |
Informational |
http-alt (8080/tcp) |
on Server: Apache-Coyote/1.1 on Server: Apache-Coyote/1.1
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.101021 |
Informational |
http-alt (8080/tcp) |
The following directories were discovered:
/docs, /examples
While this is not, in and of itself, a bug, you should manually inspect
these directories to ensure that they are in compliance with company
security standards
Other references : OWASP:OWASP-CM-006
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.11032 |
Warning |
netbios-ns (137/udp) |
The following 7 NetBIOS names have been gathered :
UBUNTUSERVER810 = This is the computer name registered for workstation services by a WINS client.
UBUNTUSERVER810 = This is the current logged in user registered for this workstation.
UBUNTUSERVER810 = Computer name
__MSBROWSE__
WORKGROUP
WORKGROUP = Workgroup / Domain name (part of the Browser elections)
WORKGROUP = Workgroup / Domain name
. This SMB server seems to be a SAMBA server (this is not a security
risk, this is for your information). This can be told because this server
claims to have a null MAC address
If you do not want to allow everyone to find the NetBios name
of your computer, you should filter incoming traffic to this port.
Risk factor : Medium
CVE : CAN-1999-0621
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.10150 |
Informational |
general/tcp |
ICMP based OS fingerprint results:
Linux Kernel 2.6.11 (accuracy 100%)
Linux Kernel 2.6.10 (accuracy 100%)
Linux Kernel 2.6.9 (accuracy 100%)
Linux Kernel 2.6.8 (accuracy 100%)
Linux Kernel 2.6.7 (accuracy 100%)
Linux Kernel 2.6.6 (accuracy 100%)
Linux Kernel 2.6.5 (accuracy 100%)
Linux Kernel 2.6.4 (accuracy 100%)
Linux Kernel 2.6.3 (accuracy 100%)
Linux Kernel 2.6.2 (accuracy 100%)
Linux Kernel 2.6.1 (accuracy 100%)
Linux Kernel 2.6.0 (accuracy 100%)
Linux Kernel 2.4.30 (accuracy 100%)
Linux Kernel 2.4.29 (accuracy 100%)
Linux Kernel 2.4.28 (accuracy 100%)
Linux Kernel 2.4.27 (accuracy 100%)
Linux Kernel 2.4.26 (accuracy 100%)
Linux Kernel 2.4.25 (accuracy 100%)
Linux Kernel 2.4.24 (accuracy 100%)
Linux Kernel 2.4.23 (accuracy 100%)
Linux Kernel 2.4.22 (accuracy 100%)
Linux Kernel 2.4.21 (accuracy 100%)
Linux Kernel 2.4.20 (accuracy 100%)
Linux Kernel 2.4.19 (accuracy 100%)
Linux Kernel 2.0.36 (accuracy 100%)
Linux Kernel 2.0.34 (accuracy 100%)
Linux Kernel 2.0.30 (accuracy 100%)
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.102002 |
Informational |
general/tcp |
Nikto could not be found in your system path.
OpenVAS was unable to execute Nikto and to perform the scan you
requested.
Please make sure that Nikto is installed and that nikto.pl or nikto is
available in the PATH variable defined for your environment.
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.14260 |
Informational |
general/tcp |
Information about this scan :
OpenVAS version : 2.0.1
Plugin feed version : 200906251300
Type of plugin feed : OpenVAS NVT Feed
Scanner IP : 192.168.1.106
Port scanner(s) : openvas_tcp_scanner
Port range : default
Thorough tests : no
Experimental tests : no
Paranoia level : 1
Report Verbosity : 1
Safe checks : yes
Max hosts : 20
Max checks : 4
Scan duration : unknown (ping_host.nasl not launched?)
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.19506 |
Informational |
general/SMBClient |
OS Version = UNIX
Domain = UBUNTUSERVER810
SMB Serverversion = SAMBA 3.2.3
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.90011 |
Warning |
domain (53/udp) |
Overview: The host is running BIND and is prone to Security Bypass
Vulnerability.
Vulnerability Insight:
The flaw is caused due to improper validation of return value from OpenSSL's
DSA_do_verify and VP_VerifyFinal functions.
Impact:
Successful exploitation could allow remote attackers to bypass the certificate
validation checks and can cause man-in-the-middle attack via signature checks
on DSA and ECDSA keys used with SSL/TLS.
Impact Level: Application
Affected Software/OS:
ISC BIND version prior to 9.2 or 9.6.0 P1 or 9.5.1 P1 or 9.4.3 P1 or 9.3.6 P1/Linux
Fix: Upgrade to version 9.6.0 P1, 9.5.1 P1, 9.4.3 P1, 9.3.6 P1
https://www.isc.org/downloadables/11
References:
https://www.isc.org/node/373
http://secunia.com/advisories/33404/
http://www.ocert.org/advisories/ocert-2008-016.html
CVSS Score:
CVSS Base Score : 5.0 (AV:N/AC:L/Au:NR/C:P/I:N/A:N)
CVSS Temporal Score : 3.7
Risk factor: Medium
CVE : CVE-2008-5077, CVE-2009-0025, CVE-2009-0265
BID : 33150, 33151
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.800338 |
Informational |
domain (53/udp) |
Overview:
A DNS Server is running at this Host.
A Name Server translates domain names into IP addresses. This makes it
possible for a user to access a website by typing in the domain name instead of
the website's actual IP address.
Risk factor : None
OpenVAS ID : 1.3.6.1.4.1.25623.1.0.100069 |