| Security Issues and Fixes: 192.168.1.105 |
| Type |
Port |
Issue and Fix |
| Informational |
general/udp |
For your information, here is the traceroute from 192.168.1.106 to 192.168.1.105 :
192.168.1.106
192.168.1.105
Nessus ID : 10287 |
| Warning |
general/icmp |
Synopsis :
The remote host leaks memory in network packets.
Description :
The remote host is vulnerable to an 'Etherleak' - the remote ethernet
driver seems to leak bits of the content of the memory of the remote
operating system.
Note that an attacker may take advantage of this flaw only when its
target is on the same physical subnet.
See also :
http://www.atstake.com/research/advisories/2003/a010603-1.txt
Solution :
Contact your vendor for a fix
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVE : CVE-2003-0001
BID : 6535
Other references : OSVDB:3873
Nessus ID : 11197 |
| Informational |
general/icmp |
Synopsis :
It is possible to determine the exact time set on the remote host.
Description :
The remote host answers to an ICMP timestamp request. This allows an
attacker to know the date which is set on your machine.
This may help him to defeat all your time based authentication
protocols.
Solution :
Filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).
Risk factor :
None
Plugin output :
The ICMP timestamps seem to be in little endian format (not in network format)
The difference between the local and remote clocks is -61208 seconds.
CVE : CVE-1999-0524
Nessus ID : 10114 |
| Vulnerability |
general/tcp |
Synopsis :
Arbitrary code can be executed on the remote host due to a flaw in the
'server' service.
Description :
The remote host is vulnerable to a buffer overrun in the 'Server'
service which may allow an attacker to execute arbitrary code on the
remote host with the 'System' privileges.
Solution :
Microsoft has released a set of patches for Windows 2000, XP, 2003,
Vista and 2008 :
http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx
Risk factor :
Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE : CVE-2008-4250
BID : 31874
Other references : OSVDB:49243
Nessus ID : 34477 |
| Informational |
general/tcp |
Information about this scan :
Nessus version : 4.0.1
Plugin feed version : 200906272034
Type of plugin feed : HomeFeed (Non-commercial use only)
Scanner IP : 192.168.1.106
Port scanner(s) : nessus_tcp_scanner
Port range : default
Thorough tests : no
Experimental tests : no
Paranoia level : 1
Report Verbosity : 1
Safe checks : yes
Optimize the test : yes
CGI scanning : disabled
Web application tests : disabled
Max hosts : 20
Max checks : 4
Recv timeout : 5
Backports : None
Scan Start Date : 2009/6/29 10:15
Scan duration : 73 sec
Nessus ID : 19506 |
| Informational |
general/tcp |
Remote operating system : Microsoft Windows Server 2003 Service Pack 1
Confidence Level : 99
Method : MSRPC
The remote host is running Microsoft Windows Server 2003 Service Pack 1
Nessus ID : 11936 |
| Informational |
general/tcp |
Synopsis :
The manufacturer can be deduced from the Ethernet OUI.
Description :
Each ethernet MAC address starts with a 24-bit 'Organizationally
Unique Identifier'.
These OUI are registered by IEEE.
See also :
http://standards.ieee.org/faqs/OUI.html
http://standards.ieee.org/regauth/oui/index.shtml
Risk factor :
None
Plugin output :
The following card manufacturers were identified :
00:0c:29:10:6e:15 : VMware, Inc.
Nessus ID : 35716 |
| Informational |
general/tcp |
Synopsis :
The remote host seems to be a VMware virtual machine.
Description :
According to the MAC address of its network adapter, the remote host
is a VMware virtual machine.
Since it is physically accessible through the network, ensure that its
configuration matches your organization's security policy.
Risk factor :
None
Nessus ID : 20094 |
| Informational |
general/tcp |
192.168.1.105 resolves as 192-168-1-105.tpgi.com.au.
Nessus ID : 12053 |
| Informational |
pop3 (110/tcp) |
Synopsis :
A POP server is listening on the remote port.
Description :
The remote host is running a server that understands the Post Office
Protocol (POP), used by email clients to retrieve messages from a
server, possibly across a network link.
See also :
http://en.wikipedia.org/wiki/Post_Office_Protocol
Solution :
Disable this service if you do not use it.
Risk factor :
None
Plugin output :
Remote POP server banner :
+OK Microsoft Windows POP3 Service Version 1.0 <78815390@win2kr2> ready.
Nessus ID : 10185 |
| Informational |
pop3 (110/tcp) |
A POP3 server is running on this port.
Nessus ID : 22964 |
| Informational |
enpp (2968/tcp) |
The remote host appears to be running a version of IIS which allows remote
users to determine which authentication schemes are required for confidential
webpages.
Specifically, the following methods are enabled on the remote webserver:
- IIS NTLM authentication is enabled
Solution : None at this time
Risk factor : Low
CVE : CVE-2002-0419
BID : 4235
Nessus ID : 11871 |
| Informational |
enpp (2968/tcp) |
Synopsis :
Some information about the remote HTTP configuration can be extracted.
Description :
This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive and HTTP pipelining are enabled,
etc...
This test is informational only and does not denote any security
problem.
Risk factor :
None
Plugin output :
Protocol version : HTTP/1.1
SSL : no
Pipelining : no
Keep-Alive : no
Options allowed : OPTIONS, TRACE, GET, HEAD, POST
Headers :
Connection: close
Date: Mon, 29 Jun 2009 17:16:57 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Content-type: text/html
Nessus ID : 24260 |
| Informational |
enpp (2968/tcp) |
Synopsis :
A web server is running on the remote host.
Description :
This plugin attempts to determine the type and the version of
the remote web server.
Risk factor :
None
Plugin output :
The remote web server type is :
Microsoft-IIS/6.0
Nessus ID : 10107 |
| Informational |
enpp (2968/tcp) |
A web server is running on this port.
Nessus ID : 22964 |
| Informational |
http (80/tcp) |
Synopsis :
Some information about the remote HTTP configuration can be extracted.
Description :
This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive and HTTP pipelining are enabled,
etc...
This test is informational only and does not denote any security
problem.
Risk factor :
None
Plugin output :
Protocol version : HTTP/1.1
SSL : no
Pipelining : yes
Keep-Alive : no
Options allowed : OPTIONS, TRACE, GET, HEAD, POST
Headers :
Content-Length: 1433
Content-Type: text/html
Content-Location: http://192-168-1-105.tpgi.com.au/iisstart.htm
Last-Modified: Sat, 22 Feb 2003 01:48:30 GMT
Accept-Ranges: bytes
ETag: "06be97f14dac21:2e2"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Mon, 29 Jun 2009 17:16:57 GMT
Nessus ID : 24260 |
| Informational |
http (80/tcp) |
The remote host appears to be running a version of IIS which allows remote
users to determine which authentication schemes are required for confidential
webpages.
Specifically, the following methods are enabled on the remote webserver:
- IIS NTLM authentication is enabled
Solution : None at this time
Risk factor : Low
CVE : CVE-2002-0419
BID : 4235
Nessus ID : 11871 |
| Informational |
http (80/tcp) |
Synopsis :
The remote web server is running Microsoft IIS.
Description :
The Patch level (Service Pack) of the remote IIS server appears to be
lower than the current IIS service pack level. As each service pack
typically contains many security patches, the server may be at risk.
Note that this test makes assumptions of the remote patch level based
on static return values (Content-Length) within a IIS Server's 404
error message. As such, the test can not be totally reliable and
should be manually confirmed.
Note also that, to determine IIS6 patch levels, a simple test is done
based on strict RFC 2616 compliance. It appears as if IIS6-SP1 will
accept CR as an end-of-line marker instead of both CR and LF.
Solution :
Ensure that the server is running the latest stable Service Pack.
Risk factor :
None
Plugin output :
The remote IIS server *seems* to be Microsoft IIS 6.0 - SP1
Nessus ID : 11874 |
| Informational |
http (80/tcp) |
Synopsis :
A web server is running on the remote host.
Description :
This plugin attempts to determine the type and the version of
the remote web server.
Risk factor :
None
Plugin output :
The remote web server type is :
Microsoft-IIS/6.0
Nessus ID : 10107 |
| Informational |
http (80/tcp) |
A web server is running on this port.
Nessus ID : 22964 |
| Informational |
smtp (25/tcp) |
Synopsis :
An SMTP server is listening on the remote port.
Description :
The remote host is running a mail (SMTP) server on this port.
Since SMTP servers are the targets of spammers, it is recommended you
disable it if you do not use it.
Solution :
Disable this service if you do not use it, or filter incoming traffic
to this port.
Risk factor :
None
Plugin output :
Remote SMTP server banner :
220 win2kr2 Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at Mon, 29 Jun 2009 10:16:02 -0700
Nessus ID : 10263 |
| Informational |
smtp (25/tcp) |
An SMTP server is running on this port.
Nessus ID : 22964 |
| Informational |
netbios-ssn (139/tcp) |
Synopsis :
A file / print sharing service is listening on the remote host.
Description :
The remote service understands the CIFS (Common Internet File System)
or Server Message Block (SMB) protocol, used to provide shared access
to files, printers, etc between nodes on a network.
Risk factor :
None
Plugin output :
An SMB server is running on this port.
Nessus ID : 11011 |
| Informational |
netbios-ns (137/udp) |
Synopsis :
It is possible to obtain the network name of the remote host.
Description :
The remote host listens on udp port 137 and replies to NetBIOS nbtscan
requests. By sending a wildcard request it is possible to obtain the
name of the remote system and the name of its domain.
Risk factor :
None
Plugin output :
The following 4 NetBIOS names have been gathered :
WIN2KR2 = Computer name
WORKGROUP = Workgroup / Domain name
WIN2KR2 = File Server Service
WORKGROUP = Browser Service Elections
The remote host has the following MAC address on its adapter :
00:0c:29:10:6e:15
Other references : OSVDB:13577Nessus ID : 10150 |
| Informational |
blackjack (1025/tcp) |
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Solution :
N/A
Risk factor :
None
Plugin output :
The following DCERPC services are available on TCP port 1025 :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0
Description : IPsec Services (Windows XP & 2003)
Windows process : lsass.exe
Annotation : IPSec Policy agent endpoint
Type : Remote RPC service
TCP Port : 1025
IP : 192.168.1.105
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Remote RPC service
TCP Port : 1025
IP : 192.168.1.105
Nessus ID : 10736 |
| Informational |
dab-sti-c (1076/tcp) |
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Solution :
N/A
Risk factor :
None
Plugin output :
The following DCERPC services are available on TCP port 1076 :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8cfb5d70-31a4-11cf-a7d8-00805f48a135, version 3.0
Description : Internet Information Service (SMTP)
Windows process : inetinfo.exe
Type : Remote RPC service
TCP Port : 1076
IP : 192.168.1.105
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : bfa951d1-2f0e-11d3-bfd1-00c04fa3490a, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 1076
IP : 192.168.1.105
Nessus ID : 10736 |
| Informational |
imgames (1077/tcp) |
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Solution :
N/A
Risk factor :
None
Plugin output :
The following DCERPC services are available on TCP port 1077 :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : bfa951d1-2f0e-11d3-bfd1-00c04fa3490a, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 1077
IP : 192.168.1.105
Nessus ID : 10736 |
| Informational |
rdrmshc (1075/tcp) |
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Solution :
N/A
Risk factor :
None
Plugin output :
The following DCERPC services are available on TCP port 1075 :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 82ad4280-036b-11cf-972c-00aa006887b0, version 2.0
Description : Internet Information Service (IISAdmin)
Windows process : inetinfo.exe
Type : Remote RPC service
TCP Port : 1075
IP : 192.168.1.105
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8cfb5d70-31a4-11cf-a7d8-00805f48a135, version 3.0
Description : Internet Information Service (SMTP)
Windows process : inetinfo.exe
Type : Remote RPC service
TCP Port : 1075
IP : 192.168.1.105
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : bfa951d1-2f0e-11d3-bfd1-00c04fa3490a, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 1075
IP : 192.168.1.105
Nessus ID : 10736 |
| Informational |
kyoceranetdev (1063/tcp) |
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Solution :
N/A
Risk factor :
None
Plugin output :
The following DCERPC services are available on TCP port 1063 :
Object UUID : c9a3a158-00a3-4e87-94f5-8e09147b8957
UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0
Description : Distributed Transaction Coordinator
Windows process : msdtc.exe
Type : Remote RPC service
TCP Port : 1063
IP : 192.168.1.105
Object UUID : 4fa7294a-0d50-4c7a-b554-1d37f0343768
UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0
Description : Distributed Transaction Coordinator
Windows process : msdtc.exe
Type : Remote RPC service
TCP Port : 1063
IP : 192.168.1.105
Object UUID : ddeaf570-becf-4686-a1b5-c0f36f6d8a83
UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0
Description : Distributed Transaction Coordinator
Windows process : msdtc.exe
Type : Remote RPC service
TCP Port : 1063
IP : 192.168.1.105
Object UUID : 14711e09-eec0-44df-b39d-ae1c48f74376
UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0
Description : Distributed Transaction Coordinator
Windows process : msdtc.exe
Type : Remote RPC service
TCP Port : 1063
IP : 192.168.1.105
Nessus ID : 10736 |
| Vulnerability |
microsoft-ds (445/tcp) |
Synopsis :
Arbitrary code can be executed on the remote host due to a flaw in the
SMB implementation.
Description :
The remote version of Windows contains a flaw in the Server Message
Block (SMB) implementation which may allow an attacker to execute arbitrary
code on the remote host.
An attacker does not need to be authenticated to exploit this flaw.
Solution :
Microsoft has released a set of patches for Windows 2000, XP and 2003 :
http://www.microsoft.com/technet/security/bulletin/ms05-027.mspx
Risk factor :
Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE : CVE-2005-1206
BID : 13942
Other references : IAVA:2005-t-0019, OSVDB:17308
Nessus ID : 18502 |
| Vulnerability |
microsoft-ds (445/tcp) |
Synopsis :
Arbitrary code can be executed on the remote host due to a flaw in the
'server' service.
Description :
The remote host is vulnerable to heap overflow in the 'Server' service which
may allow an attacker to execute arbitrary code on the remote host with
the 'System' privileges.
In addition to this, the remote host is also vulnerable to an information
disclosure vulnerability in SMB which may allow an attacker to obtain
portions of the memory of the remote host.
Solution :
Microsoft has released a set of patches for Windows 2000, XP and 2003 :
http://www.microsoft.com/technet/security/bulletin/ms06-035.mspx
Risk factor :
High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE : CVE-2006-1314, CVE-2006-1315
BID : 18863, 18891
Other references : OSVDB:27154, OSVDB:27155
Nessus ID : 22034 |
| Vulnerability |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to crash the remote host due to a flaw in SMB.
Description :
The remote host is vulnerable to memory corruption vulnerability in SMB which
may allow an attacker to execute arbitrary code or perform a denial of service
against the remote host.
Solution :
Microsoft has released a set of patches for Windows 2000, XP, 2003, Vista and 2008 :
http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx
Risk factor :
Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE : CVE-2008-4834, CVE-2008-4835, CVE-2008-4114
BID : 31179, 33121, 33122
Nessus ID : 35362 |
| Vulnerability |
microsoft-ds (445/tcp) |
Synopsis :
Arbitrary code can be executed on the remote host due to a flaw in the
'server' service.
Description :
The remote host is vulnerable to a buffer overrun in the 'Server' service
which may allow an attacker to execute arbitrary code on the remote host
with the 'System' privileges.
Solution :
Microsoft has released a set of patches for Windows 2000, XP and 2003 :
http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx
Risk factor :
Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE : CVE-2006-3439
BID : 19409
Nessus ID : 22194 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
Nessus is not able to access the remote Windows Registry.
Description :
It was not possible to connect to PIPE\winreg on the remote host.
If you intend to use Nessus to perform registry-based checks, the
registry checks will not work because the 'Remote Registry Access'
service (winreg) has been disabled on the remote host or can not be
connected to with the supplied credentials.
Risk factor :
None
Nessus ID : 26917 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to obtain network information.
Description :
It was possible to obtain the browse list of the remote Windows system
by send a request to the LANMAN pipe. The browse list is the list of
the nearest Windows systems of the remote host.
Risk factor :
None
Plugin output :
Here is the browse list of the remote host :
UBUNTUSERVER810 ( os : 0.0 ) - ubuntuserver810 server (Samba, Ubuntu)
WIN2KR2 ( os : 0.0 )
Other references : OSVDB:300
Nessus ID : 10397 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to log into the remote Windows host with a NULL
session.
Description :
The remote host is running Microsoft Windows, and it was possible to
log into it using a NULL session (ie, with no login or password). An
unauthenticated remote attacker can leverage this issue to get
information about the remote host.
See also :
http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP
http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP
Risk factor :
None
CVE : CVE-2002-1117
BID : 494
Nessus ID : 26920 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
A file / print sharing service is listening on the remote host.
Description :
The remote service understands the CIFS (Common Internet File System)
or Server Message Block (SMB) protocol, used to provide shared access
to files, printers, etc between nodes on a network.
Risk factor :
None
Plugin output :
A CIFS server is running on this port.
Nessus ID : 11011 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to log into the remote host.
Description :
The remote host is running one of the Microsoft Windows operating
systems. It was possible to log into it using one of the following
account :
- NULL session
- Guest account
- Given Credentials
See also :
http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP
http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP
Risk factor :
None
Plugin output :
- NULL sessions are enabled on the remote host
CVE : CVE-1999-0504, CVE-1999-0505, CVE-1999-0506, CVE-2000-0222, CVE-2002-1117, CVE-2005-3595
BID : 494, 990, 11199
Nessus ID : 10394 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to obtain information about the remote operating
system.
Description :
It is possible to get the remote operating system name and
version (Windows and/or Samba) by sending an authentication
request to port 139 or 445.
Risk factor :
None
Plugin output :
The remote Operating System is : Windows Server 2003 3790 Service Pack 1
The remote native lan manager is : Windows Server 2003 5.2
The remote SMB Domain Name is : WIN2KR2
Nessus ID : 10785 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Solution :
N/A
Risk factor :
None
Plugin output :
The following DCERPC services are available remotely :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0
Description : IPsec Services (Windows XP & 2003)
Windows process : lsass.exe
Annotation : IPSec Policy agent endpoint
Type : Remote RPC service
Named pipe : \PIPE\protected_storage
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0
Description : IPsec Services (Windows XP & 2003)
Windows process : lsass.exe
Annotation : IPSec Policy agent endpoint
Type : Remote RPC service
Named pipe : \PIPE\lsass
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 82ad4280-036b-11cf-972c-00aa006887b0, version 2.0
Description : Internet Information Service (IISAdmin)
Windows process : inetinfo.exe
Type : Remote RPC service
Named pipe : \PIPE\INETINFO
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8cfb5d70-31a4-11cf-a7d8-00805f48a135, version 3.0
Description : Internet Information Service (SMTP)
Windows process : inetinfo.exe
Type : Remote RPC service
Named pipe : \PIPE\INETINFO
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8cfb5d70-31a4-11cf-a7d8-00805f48a135, version 3.0
Description : Internet Information Service (SMTP)
Windows process : inetinfo.exe
Type : Remote RPC service
Named pipe : \PIPE\SMTPSVC
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : bfa951d1-2f0e-11d3-bfd1-00c04fa3490a, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : \PIPE\INETINFO
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : bfa951d1-2f0e-11d3-bfd1-00c04fa3490a, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : \PIPE\SMTPSVC
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0
Description : Unknown RPC service
Annotation : WinHttp Auto-Proxy Service
Type : Remote RPC service
Named pipe : \PIPE\W32TIME_ALT
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Remote RPC service
Named pipe : \PIPE\lsass
Netbios name : \\WIN2KR2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Remote RPC service
Named pipe : \PIPE\protected_storage
Netbios name : \\WIN2KR2
Nessus ID : 10736 |
| Informational |
epmap (135/tcp) |
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Solution :
N/A
Risk factor :
None
Plugin output :
The following DCERPC services are available locally :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : DNSResolver
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : dhcpcsvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0
Description : IPsec Services (Windows XP & 2003)
Windows process : lsass.exe
Annotation : IPSec Policy agent endpoint
Type : Local RPC service
Named pipe : dsrole
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0
Description : IPsec Services (Windows XP & 2003)
Windows process : lsass.exe
Annotation : IPSec Policy agent endpoint
Type : Local RPC service
Named pipe : protected_storage
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0
Description : IPsec Services (Windows XP & 2003)
Windows process : lsass.exe
Annotation : IPSec Policy agent endpoint
Type : Local RPC service
Named pipe : securityevent
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0
Description : IPsec Services (Windows XP & 2003)
Windows process : lsass.exe
Annotation : IPSec Policy agent endpoint
Type : Local RPC service
Named pipe : audit
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 82ad4280-036b-11cf-972c-00aa006887b0, version 2.0
Description : Internet Information Service (IISAdmin)
Windows process : inetinfo.exe
Type : Local RPC service
Named pipe : OLE3583221A07104B7781FABADD4CED
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 82ad4280-036b-11cf-972c-00aa006887b0, version 2.0
Description : Internet Information Service (IISAdmin)
Windows process : inetinfo.exe
Type : Local RPC service
Named pipe : INETINFO_LPC
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8cfb5d70-31a4-11cf-a7d8-00805f48a135, version 3.0
Description : Internet Information Service (SMTP)
Windows process : inetinfo.exe
Type : Local RPC service
Named pipe : OLE3583221A07104B7781FABADD4CED
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8cfb5d70-31a4-11cf-a7d8-00805f48a135, version 3.0
Description : Internet Information Service (SMTP)
Windows process : inetinfo.exe
Type : Local RPC service
Named pipe : INETINFO_LPC
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8cfb5d70-31a4-11cf-a7d8-00805f48a135, version 3.0
Description : Internet Information Service (SMTP)
Windows process : inetinfo.exe
Type : Local RPC service
Named pipe : SMTPSVC_LPC
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : bfa951d1-2f0e-11d3-bfd1-00c04fa3490a, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : OLE3583221A07104B7781FABADD4CED
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : bfa951d1-2f0e-11d3-bfd1-00c04fa3490a, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : INETINFO_LPC
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : bfa951d1-2f0e-11d3-bfd1-00c04fa3490a, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : SMTPSVC_LPC
Object UUID : c9a3a158-00a3-4e87-94f5-8e09147b8957
UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0
Description : Distributed Transaction Coordinator
Windows process : msdtc.exe
Type : Local RPC service
Named pipe : LRPC00000ae8.00000001
Object UUID : 4fa7294a-0d50-4c7a-b554-1d37f0343768
UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0
Description : Distributed Transaction Coordinator
Windows process : msdtc.exe
Type : Local RPC service
Named pipe : LRPC00000ae8.00000001
Object UUID : ddeaf570-becf-4686-a1b5-c0f36f6d8a83
UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0
Description : Distributed Transaction Coordinator
Windows process : msdtc.exe
Type : Local RPC service
Named pipe : LRPC00000ae8.00000001
Object UUID : 14711e09-eec0-44df-b39d-ae1c48f74376
UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0
Description : Distributed Transaction Coordinator
Windows process : msdtc.exe
Type : Local RPC service
Named pipe : LRPC00000ae8.00000001
Object UUID : a62cc960-8977-4d52-88a6-d332cd04c63d
UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0
Description : Distributed Transaction Coordinator
Windows process : msdtc.exe
Type : Local RPC service
Named pipe : OLEC632FE8812BA421EBCE38385EF01
Object UUID : a62cc960-8977-4d52-88a6-d332cd04c63d
UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0
Description : Distributed Transaction Coordinator
Windows process : msdtc.exe
Type : Local RPC service
Named pipe : LRPC00000b10.00000001
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0
Description : Unknown RPC service
Annotation : WinHttp Auto-Proxy Service
Type : Local RPC service
Named pipe : W32TIME_ALT
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : wzcsvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : OLE68CDC3C87AD345789C01EC4EC47D
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : wzcsvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : OLE68CDC3C87AD345789C01EC4EC47D
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : wzcsvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : OLE68CDC3C87AD345789C01EC4EC47D
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : audit
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : securityevent
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : protected_storage
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : dsrole
Nessus ID : 10736 |