SummaryThis document reports on the results of an automatic security scan. The report first summarises the results found. Then, for each host, the report describes every issue found. Please consider the advice given in each description, in order to rectify the issue. Vendor security updates are not trusted. Overrides are off. Even when a result has an override, this report uses the actual threat of the result. Notes are excluded from the report. This report might not show details of all issues that were found. It only lists hosts that produced issues. Issues with the threat level "False Positive" are not shown. This report contains all 69 results selected by the filtering described above. Before filtering there were 79 results. All dates are displayed using the timezone "Coordinated Universal Time", which is abbreviated "UTC".
Host Summary
Results per HostHost 176.28.50.165
Port Summary for Host 176.28.50.165
Security Issues for Host 176.28.50.16525/tcp
Medium
(CVSS: 6.8)
NVT:
OpenSSL CCS Man in the Middle Security Bypass Vulnerability (STARTTLS Check)
(OID: 1.3.6.1.4.1.25623.1.0.105043)
Summary
OpenSSL is prone to security-bypass vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks.
Solution
Updates are available.
Affected Software/OS
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m and 1.0.1 before 1.0.1h
Vulnerability Insight
OpenSSL does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the 'CCS Injection' vulnerability.
Vulnerability Detection Method
Send two SSL ChangeCipherSpec request and check the response. Details: OpenSSL CCS Man in the Middle Security Bypass Vulnerability (STARTTLS Check) (OID: 1.3.6.1.4.1.25623.1.0.105043) Version used: $Revision: 1152 $
References
110/tcp
Medium
(CVSS: 6.8)
NVT:
OpenSSL CCS Man in the Middle Security Bypass Vulnerability (STARTTLS Check)
(OID: 1.3.6.1.4.1.25623.1.0.105043)
Summary
OpenSSL is prone to security-bypass vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks.
Solution
Updates are available.
Affected Software/OS
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m and 1.0.1 before 1.0.1h
Vulnerability Insight
OpenSSL does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the 'CCS Injection' vulnerability.
Vulnerability Detection Method
Send two SSL ChangeCipherSpec request and check the response. Details: OpenSSL CCS Man in the Middle Security Bypass Vulnerability (STARTTLS Check) (OID: 1.3.6.1.4.1.25623.1.0.105043) Version used: $Revision: 1152 $
References
143/tcp
Medium
(CVSS: 6.8)
NVT:
OpenSSL CCS Man in the Middle Security Bypass Vulnerability (STARTTLS Check)
(OID: 1.3.6.1.4.1.25623.1.0.105043)
Summary
OpenSSL is prone to security-bypass vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks.
Solution
Updates are available.
Affected Software/OS
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m and 1.0.1 before 1.0.1h
Vulnerability Insight
OpenSSL does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the 'CCS Injection' vulnerability.
Vulnerability Detection Method
Send two SSL ChangeCipherSpec request and check the response. Details: OpenSSL CCS Man in the Middle Security Bypass Vulnerability (STARTTLS Check) (OID: 1.3.6.1.4.1.25623.1.0.105043) Version used: $Revision: 1152 $
References
465/tcp
Medium
(CVSS: 6.8)
NVT:
OpenSSL CCS Man in the Middle Security Bypass Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.105042)
Summary
OpenSSL is prone to security-bypass vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks.
Solution
Solution type: VendorFix Updates are available.
Affected Software/OS
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m and 1.0.1 before 1.0.1h
Vulnerability Insight
OpenSSL does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the 'CCS Injection' vulnerability.
Vulnerability Detection Method
Send two SSL ChangeCipherSpec request and check the response. Details: OpenSSL CCS Man in the Middle Security Bypass Vulnerability (OID: 1.3.6.1.4.1.25623.1.0.105042) Version used: $Revision: 1369 $
References
993/tcp
Medium
(CVSS: 6.8)
NVT:
OpenSSL CCS Man in the Middle Security Bypass Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.105042)
Summary
OpenSSL is prone to security-bypass vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks.
Solution
Solution type: VendorFix Updates are available.
Affected Software/OS
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m and 1.0.1 before 1.0.1h
Vulnerability Insight
OpenSSL does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the 'CCS Injection' vulnerability.
Vulnerability Detection Method
Send two SSL ChangeCipherSpec request and check the response. Details: OpenSSL CCS Man in the Middle Security Bypass Vulnerability (OID: 1.3.6.1.4.1.25623.1.0.105042) Version used: $Revision: 1369 $
References
995/tcp
Medium
(CVSS: 6.8)
NVT:
OpenSSL CCS Man in the Middle Security Bypass Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.105042)
Summary
OpenSSL is prone to security-bypass vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks.
Solution
Solution type: VendorFix Updates are available.
Affected Software/OS
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m and 1.0.1 before 1.0.1h
Vulnerability Insight
OpenSSL does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the 'CCS Injection' vulnerability.
Vulnerability Detection Method
Send two SSL ChangeCipherSpec request and check the response. Details: OpenSSL CCS Man in the Middle Security Bypass Vulnerability (OID: 1.3.6.1.4.1.25623.1.0.105042) Version used: $Revision: 1369 $
References
995/tcp
Medium
(CVSS: 5.0)
NVT:
SSL Certification Expired
(OID: 1.3.6.1.4.1.25623.1.0.103955)
Summary
The remote server's SSL certificate has already expired.
Vulnerability Detection Result
Expired Certificates: The SSL certificate on the remote service expired on 2013-11-09 10:32:06 Certificate details: subject ...: 1.2.840.113549.1.9.1=#696E666F40706172616C6C656C732E636F6D,CN=Parallels Panel↵ ,OU=Parallels Panel,O=Parallels,L=Herndon,ST=Virginia,C=US issued by .: 1.2.840.113549.1.9.1=#696E666F40706172616C6C656C732E636F6D,CN=Parallels Panel↵ ,OU=Parallels Panel,O=Parallels,L=Herndon,ST=Virginia,C=US serial ....: 509CDBA6 valid from : 2012-11-09 10:32:06 UTC valid until: 2013-11-09 10:32:06 UTC fingerprint: E56C82EE6205DD93BF17E938356E70BAA1719167 The SSL certificate on the remote service expired on 2013-11-09 10:32:06 Certificate details: subject ...: 1.2.840.113549.1.9.1=#696E666F40706172616C6C656C732E636F6D,CN=Parallels Panel↵ ,OU=Parallels Panel,O=Parallels,L=Herndon,ST=Virginia,C=US issued by .: 1.2.840.113549.1.9.1=#696E666F40706172616C6C656C732E636F6D,CN=Parallels Panel↵ ,OU=Parallels Panel,O=Parallels,L=Herndon,ST=Virginia,C=US serial ....: 509CDBA6 valid from : 2012-11-09 10:32:06 UTC valid until: 2013-11-09 10:32:06 UTC fingerprint: E56C82EE6205DD93BF17E938356E70BAA1719167 The SSL certificate on the remote service expired on 2013-11-09 10:32:06 Certificate details: subject ...: 1.2.840.113549.1.9.1=#696E666F40706172616C6C656C732E636F6D,CN=Parallels Panel↵ ,OU=Parallels Panel,O=Parallels,L=Herndon,ST=Virginia,C=US issued by .: 1.2.840.113549.1.9.1=#696E666F40706172616C6C656C732E636F6D,CN=Parallels Panel↵ ,OU=Parallels Panel,O=Parallels,L=Herndon,ST=Virginia,C=US serial ....: 509CDBA6 valid from : 2012-11-09 10:32:06 UTC valid until: 2013-11-09 10:32:06 UTC fingerprint: E56C82EE6205DD93BF17E938356E70BAA1719167
Solution
Replace the SSL certificate by a new one.
Vulnerability Insight
This script checks expiry dates of certificates associated with SSL-enabled services on the target and reports whether any have already expired.
Vulnerability Detection Method
Details: SSL Certification Expired (OID: 1.3.6.1.4.1.25623.1.0.103955) Version used: $Revision: 626 $ 25/tcp
Medium
(CVSS: 4.3)
NVT:
Check for SSL Weak Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.103440)
Summary
This routine search for weak SSL ciphers offered by a service.
Vulnerability Detection Result
Weak ciphers offered by this service: SSL2_RC4_128_MD5 SSL2_RC4_128_EXPORT40_WITH_MD5 SSL2_RC2_CBC_128_CBC_WITH_MD5 SSL2_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 SSL3_RSA_RC4_40_MD5 SSL3_RSA_RC4_128_MD5 SSL3_RSA_RC4_128_SHA SSL3_RSA_RC2_40_MD5 SSL3_RSA_DES_40_CBC_SHA SSL3_RSA_DES_64_CBC_SHA SSL3_EDH_RSA_DES_40_CBC_SHA SSL3_EDH_RSA_DES_64_CBC_SHA SSL3_ADH_RC4_40_MD5 SSL3_ADH_RC4_128_MD5 SSL3_ADH_DES_40_CBC_SHA SSL3_ADH_DES_64_CBC_SHA TLS1_RSA_RC4_40_MD5 TLS1_RSA_RC4_128_MD5 TLS1_RSA_RC4_128_SHA TLS1_RSA_RC2_40_MD5 TLS1_RSA_DES_40_CBC_SHA TLS1_RSA_DES_64_CBC_SHA TLS1_EDH_RSA_DES_40_CBC_SHA TLS1_EDH_RSA_DES_64_CBC_SHA TLS1_ADH_RC4_40_MD5 TLS1_ADH_RC4_128_MD5 TLS1_ADH_DES_40_CBC_SHA TLS1_ADH_DES_64_CBC_SHA
Solution
The configuration of this services should be changed so that it does not support the listed weak ciphers anymore.
Vulnerability Insight
These rules are applied for the evaluation of the cryptographic strength: - Any SSL/TLS using no cipher is considered weak. - All SSLv2 ciphers are considered weak due to a design flaw within the SSLv2 protocol. - RC4 is considered to be weak. - Ciphers using 64 bit or less are considered to be vulnerable to brute force methods and therefore considered as weak. - 1024 bit RSA authentication is considered to be insecure and therefore as weak. - CBC ciphers in TLS < 1.2 are considered to be vulnerable to the BEAST or Lucky 13 attacks - Any cipher considered to be secure for only the next 10 years is considered as medium - Any other cipher is considered as strong
Vulnerability Detection Method
Details: Check for SSL Weak Ciphers (OID: 1.3.6.1.4.1.25623.1.0.103440) Version used: $Revision: 733 $ 465/tcp
Medium
(CVSS: 4.3)
NVT:
Check for SSL Weak Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.103440)
Summary
This routine search for weak SSL ciphers offered by a service.
Vulnerability Detection Result
Weak ciphers offered by this service: SSL3_RSA_RC4_128_MD5 SSL3_RSA_RC4_128_SHA SSL3_ADH_RC4_128_MD5 TLS1_RSA_RC4_128_MD5 TLS1_RSA_RC4_128_SHA TLS1_ADH_RC4_128_MD5
Solution
The configuration of this services should be changed so that it does not support the listed weak ciphers anymore.
Vulnerability Insight
These rules are applied for the evaluation of the cryptographic strength: - Any SSL/TLS using no cipher is considered weak. - All SSLv2 ciphers are considered weak due to a design flaw within the SSLv2 protocol. - RC4 is considered to be weak. - Ciphers using 64 bit or less are considered to be vulnerable to brute force methods and therefore considered as weak. - 1024 bit RSA authentication is considered to be insecure and therefore as weak. - CBC ciphers in TLS < 1.2 are considered to be vulnerable to the BEAST or Lucky 13 attacks - Any cipher considered to be secure for only the next 10 years is considered as medium - Any other cipher is considered as strong
Vulnerability Detection Method
Details: Check for SSL Weak Ciphers (OID: 1.3.6.1.4.1.25623.1.0.103440) Version used: $Revision: 733 $ 465/tcp
Medium
(CVSS: 4.3)
NVT:
POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.802087)
Summary
This host is installed with OpenSSL and is prone to information disclosure vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successful exploitation will allow a man-in-the-middle attackers gain access to the plain text data stream. Impact Level: Application
Solution
Vendor released a patch to address this vulnerabiliy, For updates contact vendor or refer to https://www.openssl.org NOTE: The only correct way to fix POODLE is to disable SSL v3.0
Affected Software/OS
OpenSSL through 1.0.1i
Vulnerability Insight
The flaw is due to the block cipher padding not being deterministic and not covered by the Message Authentication Code
Vulnerability Detection Method
Send a SSLv3 request and check the response. Details: POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability (OID: 1.3.6.1.4.1.25623.1.0.802087) Version used: $Revision: 1152 $
References
993/tcp
Medium
(CVSS: 4.3)
NVT:
Check for SSL Weak Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.103440)
Summary
This routine search for weak SSL ciphers offered by a service.
Vulnerability Detection Result
Weak ciphers offered by this service: SSL2_RC4_128_MD5 SSL2_RC4_128_EXPORT40_WITH_MD5 SSL2_RC2_CBC_128_CBC_WITH_MD5 SSL2_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 SSL3_RSA_RC4_40_MD5 SSL3_RSA_RC4_128_MD5 SSL3_RSA_RC4_128_SHA SSL3_RSA_RC2_40_MD5 SSL3_RSA_DES_40_CBC_SHA SSL3_RSA_DES_64_CBC_SHA TLS1_RSA_RC4_40_MD5 TLS1_RSA_RC4_128_MD5 TLS1_RSA_RC4_128_SHA TLS1_RSA_RC2_40_MD5 TLS1_RSA_DES_40_CBC_SHA TLS1_RSA_DES_64_CBC_SHA
Solution
The configuration of this services should be changed so that it does not support the listed weak ciphers anymore.
Vulnerability Insight
These rules are applied for the evaluation of the cryptographic strength: - Any SSL/TLS using no cipher is considered weak. - All SSLv2 ciphers are considered weak due to a design flaw within the SSLv2 protocol. - RC4 is considered to be weak. - Ciphers using 64 bit or less are considered to be vulnerable to brute force methods and therefore considered as weak. - 1024 bit RSA authentication is considered to be insecure and therefore as weak. - CBC ciphers in TLS < 1.2 are considered to be vulnerable to the BEAST or Lucky 13 attacks - Any cipher considered to be secure for only the next 10 years is considered as medium - Any other cipher is considered as strong
Vulnerability Detection Method
Details: Check for SSL Weak Ciphers (OID: 1.3.6.1.4.1.25623.1.0.103440) Version used: $Revision: 733 $ 993/tcp
Medium
(CVSS: 4.3)
NVT:
POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.802087)
Summary
This host is installed with OpenSSL and is prone to information disclosure vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successful exploitation will allow a man-in-the-middle attackers gain access to the plain text data stream. Impact Level: Application
Solution
Vendor released a patch to address this vulnerabiliy, For updates contact vendor or refer to https://www.openssl.org NOTE: The only correct way to fix POODLE is to disable SSL v3.0
Affected Software/OS
OpenSSL through 1.0.1i
Vulnerability Insight
The flaw is due to the block cipher padding not being deterministic and not covered by the Message Authentication Code
Vulnerability Detection Method
Send a SSLv3 request and check the response. Details: POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability (OID: 1.3.6.1.4.1.25623.1.0.802087) Version used: $Revision: 1152 $
References
995/tcp
Medium
(CVSS: 4.3)
NVT:
Check for SSL Weak Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.103440)
Summary
This routine search for weak SSL ciphers offered by a service.
Vulnerability Detection Result
Weak ciphers offered by this service: SSL2_RC4_128_MD5 SSL2_RC4_128_EXPORT40_WITH_MD5 SSL2_RC2_CBC_128_CBC_WITH_MD5 SSL2_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 SSL3_RSA_RC4_40_MD5 SSL3_RSA_RC4_128_MD5 SSL3_RSA_RC4_128_SHA SSL3_RSA_RC2_40_MD5 SSL3_RSA_DES_40_CBC_SHA SSL3_RSA_DES_64_CBC_SHA TLS1_RSA_RC4_40_MD5 TLS1_RSA_RC4_128_MD5 TLS1_RSA_RC4_128_SHA TLS1_RSA_RC2_40_MD5 TLS1_RSA_DES_40_CBC_SHA TLS1_RSA_DES_64_CBC_SHA
Solution
The configuration of this services should be changed so that it does not support the listed weak ciphers anymore.
Vulnerability Insight
These rules are applied for the evaluation of the cryptographic strength: - Any SSL/TLS using no cipher is considered weak. - All SSLv2 ciphers are considered weak due to a design flaw within the SSLv2 protocol. - RC4 is considered to be weak. - Ciphers using 64 bit or less are considered to be vulnerable to brute force methods and therefore considered as weak. - 1024 bit RSA authentication is considered to be insecure and therefore as weak. - CBC ciphers in TLS < 1.2 are considered to be vulnerable to the BEAST or Lucky 13 attacks - Any cipher considered to be secure for only the next 10 years is considered as medium - Any other cipher is considered as strong
Vulnerability Detection Method
Details: Check for SSL Weak Ciphers (OID: 1.3.6.1.4.1.25623.1.0.103440) Version used: $Revision: 733 $ 995/tcp
Medium
(CVSS: 4.3)
NVT:
POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.802087)
Summary
This host is installed with OpenSSL and is prone to information disclosure vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successful exploitation will allow a man-in-the-middle attackers gain access to the plain text data stream. Impact Level: Application
Solution
Vendor released a patch to address this vulnerabiliy, For updates contact vendor or refer to https://www.openssl.org NOTE: The only correct way to fix POODLE is to disable SSL v3.0
Affected Software/OS
OpenSSL through 1.0.1i
Vulnerability Insight
The flaw is due to the block cipher padding not being deterministic and not covered by the Message Authentication Code
Vulnerability Detection Method
Send a SSLv3 request and check the response. Details: POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability (OID: 1.3.6.1.4.1.25623.1.0.802087) Version used: $Revision: 1152 $
References
general/tcp
Low
(CVSS: 2.6)
NVT:
TCP timestamps
(OID: 1.3.6.1.4.1.25623.1.0.80091)
Summary
The remote host implements TCP timestamps and therefore allows to compute the uptime.
Vulnerability Detection Result
It was detected that the host implements RFC1323. The following timestamps were retrieved with a delay of 1 seconds in-between: Paket 1: 773628534 Paket 2: 773628652
Impact
A side effect of this feature is that the uptime of the remote host can sometimes be computed.
Solution
To disable TCP timestamps on linux add the line 'net.ipv4.tcp_timestamps = 0' to /etc/sysctl.conf. Execute 'sysctl -p' to apply the settings at runtime. To disable TCP timestamps on Windows execute 'netsh int tcp set global timestamps=disabled' Starting with Windows Server 2008 and Vista, the timestamp can not be completely disabled. The default behavior of the TCP/IP stack on this Systems is, to not use the Timestamp options when initiating TCP connections, but use them if the TCP peer that is initiating communication includes them in their synchronize (SYN) segment. See also: http://www.microsoft.com/en-us/download/details.aspx?id=9152
Affected Software/OS
TCP/IPv4 implementations that implement RFC1323.
Vulnerability Insight
The remote host implements TCP timestamps, as defined by RFC1323.
Vulnerability Detection Method
Special IP packets are forged and sent with a little delay in between to the target IP. The responses are searched for a timestamps. If found, the timestamps are reported. Details: TCP timestamps (OID: 1.3.6.1.4.1.25623.1.0.80091) Version used: $Revision: 787 $
References
general/tcp
Log
(CVSS: 0.0)
NVT:
OS fingerprinting
(OID: 1.3.6.1.4.1.25623.1.0.102002)
Summary
This script performs ICMP based OS fingerprinting (as described by Ofir Arkin and Fyodor Yarochkin in Phrack #57). It can be used to determine remote operating system version.
Vulnerability Detection Result
ICMP based OS fingerprint results: (100% confidence) Linux Kernel
Log Method
Details: OS fingerprinting (OID: 1.3.6.1.4.1.25623.1.0.102002) Version used: $Revision: 1739 $
References
general/icmp
Log
(CVSS: 0.0)
NVT:
ICMP Timestamp Detection
(OID: 1.3.6.1.4.1.25623.1.0.103190)
Summary
The remote host responded to an ICMP timestamp request. The Timestamp Reply is an ICMP message which replies to a Timestamp message. It consists of the originating timestamp sent by the sender of the Timestamp as well as a receive timestamp and a transmit timestamp. This information could theoretically be used to exploit weak time-based random number generators in other services.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Log Method
Details: ICMP Timestamp Detection (OID: 1.3.6.1.4.1.25623.1.0.103190) Version used: $Revision: 13 $
References
general/tcp
Log
(CVSS: 0.0)
NVT:
Traceroute
(OID: 1.3.6.1.4.1.25623.1.0.51662)
Summary
A traceroute from the scanning server to the target system was conducted. This traceroute is provided primarily for informational value only. In the vast majority of cases, it does not represent a vulnerability. However, if the displayed traceroute contains any private addresses that should not have been publicly visible, then you have an issue you need to correct.
Vulnerability Detection Result
Here is the route from 45.79.134.130 to 176.28.50.165: 45.79.134.130 207.99.53.41 209.123.10.102 209.123.11.142 195.66.225.173 80.237.129.181 176.28.4.54 176.28.50.165
Solution
Block unwanted packets from escaping your network.
Log Method
Details: Traceroute (OID: 1.3.6.1.4.1.25623.1.0.51662) Version used: $Revision: 975 $ general/CPE-T
Log
(CVSS: 0.0)
NVT:
CPE Inventory
(OID: 1.3.6.1.4.1.25623.1.0.810002)
Summary
This routine uses information collected by other routines about CPE identities (http://cpe.mitre.org/) of operating systems, services and applications detected during the scan.
Vulnerability Detection Result
176.28.50.165|cpe:/a:postfix:postfix 176.28.50.165|cpe:/a:nginx:nginx:1.4.1 176.28.50.165|cpe:/a:php:php:5.3.10 176.28.50.165|cpe:/a:openbsd:openssh:5.3p1 176.28.50.165|cpe:/o:canonical:ubuntu_linux
Log Method
Details: CPE Inventory (OID: 1.3.6.1.4.1.25623.1.0.810002) Version used: $Revision: 314 $ 21/tcp
Log
(CVSS: 0.0)
NVT:
FTP Banner Detection
(OID: 1.3.6.1.4.1.25623.1.0.10092)
Summary
This Plugin detects the FTP Server Banner
Vulnerability Detection Result
Remote FTP server banner : 220 ProFTPD 1.3.3e Server (ProFTPD) [176.28.50.165]
Log Method
Details: FTP Banner Detection (OID: 1.3.6.1.4.1.25623.1.0.10092) Version used: $Revision: 1776 $ 21/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
An FTP server is running on this port. Here is its banner : 220 ProFTPD 1.3.3e Server (ProFTPD) [176.28.50.165]
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 22/tcp
Log
(CVSS: 0.0)
NVT:
SSH Protocol Versions Supported
(OID: 1.3.6.1.4.1.25623.1.0.100259)
Summary
Identification of SSH protocol versions supported by the remote SSH Server. Also reads the corresponding fingerprints from the service. The following versions are tried: 1.33, 1.5, 1.99 and 2.0
Vulnerability Detection Result
The remote SSH Server supports the following SSH Protocol Versions: 1.99 2.0 SSHv2 Fingerprint: ssh-rsa: a1:7d:bd:2c:5d:9f:02:26:da:52:91:c0:2d:20:2f:3c ssh-dss: 2d:4e:a6:d9:33:4a:f5:cf:fe:7a:e2:55:66:0a:41:ae
Log Method
Details: SSH Protocol Versions Supported (OID: 1.3.6.1.4.1.25623.1.0.100259) Version used: $Revision: 1952 $ 22/tcp
Log
(CVSS: 0.0)
NVT:
SSH Server type and version
(OID: 1.3.6.1.4.1.25623.1.0.10267)
Summary
This detects the SSH Server's type and version by connecting to the server and processing the buffer received. This information gives potential attackers additional information about the system they are attacking. Versions and Types should be omitted where possible.
Vulnerability Detection Result
Detected SSH server version: SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7.1 Remote SSH supported authentication: password,publickey Remote SSH banner: (not available) CPE: cpe:/a:openbsd:openssh:5.3p1 Concluded from remote connection attempt with credentials: Login: OpenVAS Password: OpenVAS
Log Method
Details: SSH Server type and version (OID: 1.3.6.1.4.1.25623.1.0.10267) Version used: $Revision: 1789 $ 22/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
An ssh server is running on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 25/tcp
Log
(CVSS: 0.0)
NVT:
SMTP Server type and version
(OID: 1.3.6.1.4.1.25623.1.0.10263)
Summary
This detects the SMTP Server's type and version by connecting to the server and processing the buffer received.
Vulnerability Detection Result
Remote SMTP server banner : 220 rs202995.rs.hosteurope.de ESMTP Postfix (Ubuntu) This is probably: Postfix Detected Postfix Version: unknown Location: 25/tcp CPE: cpe:/a:postfix:postfix
Solution
Change the login banner to something generic.
Log Method
Details: SMTP Server type and version (OID: 1.3.6.1.4.1.25623.1.0.10263) Version used: $Revision: 1545 $ 25/tcp
Log
(CVSS: 0.0)
NVT:
SMTP STARTTLS Detection
(OID: 1.3.6.1.4.1.25623.1.0.103118)
Summary
Check if the remote Mailserver supports the STARTTLS command.
Vulnerability Detection Result
The remote Mailserver supports the STARTTLS command.
Log Method
Details: SMTP STARTTLS Detection (OID: 1.3.6.1.4.1.25623.1.0.103118) Version used: $Revision: 703 $ 25/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
An SMTP server is running on this port Here is its banner : 220 rs202995.rs.hosteurope.de ESMTP Postfix (Ubuntu)
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 25/tcp
Log
(CVSS: 0.0)
NVT:
Check for SSL Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.802067)
Summary
This routine search for SSL ciphers offered by a service.
Vulnerability Detection Result
Service supports SSLv2 ciphers. Service supports SSLv3 ciphers. Service supports TLSv1 ciphers. Medium ciphers offered by this service: SSL3_RSA_DES_192_CBC3_SHA SSL3_EDH_RSA_DES_192_CBC3_SHA SSL3_ADH_DES_192_CBC_SHA SSL3_DHE_RSA_WITH_AES_128_SHA SSL3_ADH_WITH_AES_128_SHA TLS1_RSA_DES_192_CBC3_SHA TLS1_EDH_RSA_DES_192_CBC3_SHA TLS1_ADH_DES_192_CBC_SHA TLS1_DHE_RSA_WITH_AES_128_SHA TLS1_ADH_WITH_AES_128_SHA Weak ciphers offered by this service: SSL2_RC4_128_MD5 SSL2_RC4_128_EXPORT40_WITH_MD5 SSL2_RC2_CBC_128_CBC_WITH_MD5 SSL2_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 SSL3_RSA_RC4_40_MD5 SSL3_RSA_RC4_128_MD5 SSL3_RSA_RC4_128_SHA SSL3_RSA_RC2_40_MD5 SSL3_RSA_DES_40_CBC_SHA SSL3_RSA_DES_64_CBC_SHA SSL3_EDH_RSA_DES_40_CBC_SHA SSL3_EDH_RSA_DES_64_CBC_SHA SSL3_ADH_RC4_40_MD5 SSL3_ADH_RC4_128_MD5 SSL3_ADH_DES_40_CBC_SHA SSL3_ADH_DES_64_CBC_SHA TLS1_RSA_RC4_40_MD5 TLS1_RSA_RC4_128_MD5 TLS1_RSA_RC4_128_SHA TLS1_RSA_RC2_40_MD5 TLS1_RSA_DES_40_CBC_SHA TLS1_RSA_DES_64_CBC_SHA TLS1_EDH_RSA_DES_40_CBC_SHA TLS1_EDH_RSA_DES_64_CBC_SHA TLS1_ADH_RC4_40_MD5 TLS1_ADH_RC4_128_MD5 TLS1_ADH_DES_40_CBC_SHA TLS1_ADH_DES_64_CBC_SHA No non-ciphers are supported by this service
Log Method
Details: Check for SSL Ciphers (OID: 1.3.6.1.4.1.25623.1.0.802067) Version used: $Revision: 312 $ 25/tcp
Log
(CVSS: 0.0)
NVT:
Check for SSL Medium Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.902816)
Summary
This Plugin reports about SSL Medium Ciphers.
Vulnerability Detection Result
Medium ciphers offered by this service: SSL3_RSA_DES_192_CBC3_SHA SSL3_EDH_RSA_DES_192_CBC3_SHA SSL3_ADH_DES_192_CBC_SHA SSL3_DHE_RSA_WITH_AES_128_SHA SSL3_ADH_WITH_AES_128_SHA TLS1_RSA_DES_192_CBC3_SHA TLS1_EDH_RSA_DES_192_CBC3_SHA TLS1_ADH_DES_192_CBC_SHA TLS1_DHE_RSA_WITH_AES_128_SHA TLS1_ADH_WITH_AES_128_SHA
Log Method
Details: Check for SSL Medium Ciphers (OID: 1.3.6.1.4.1.25623.1.0.902816) Version used: $Revision: 12 $ 53/tcp
Log
(CVSS: 0.0)
NVT:
DNS Server Detection
(OID: 1.3.6.1.4.1.25623.1.0.100069)
Summary
A DNS Server is running at this Host. A Name Server translates domain names into IP addresses. This makes it possible for a user to access a website by typing in the domain name instead of the website's actual IP address.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Log Method
Details: DNS Server Detection (OID: 1.3.6.1.4.1.25623.1.0.100069) Version used: $Revision: 488 $ 80/tcp
Log
(CVSS: 0.0)
NVT:
nginx Detection
(OID: 1.3.6.1.4.1.25623.1.0.100274)
Summary
Detection of nginx. The script sends a connection request to the server and attempts to extract the version number from the reply.
Vulnerability Detection Result
Detected nginx Version: 1.4.1 Location: 80/tcp CPE: cpe:/a:nginx:nginx:1.4.1 Concluded from version identification result: Server: nginx/1.4.1
Log Method
Details: nginx Detection (OID: 1.3.6.1.4.1.25623.1.0.100274) Version used: $Revision: 1581 $ 80/tcp
Log
(CVSS: 0.0)
NVT:
HTTP Server type and version
(OID: 1.3.6.1.4.1.25623.1.0.10107)
Summary
This detects the HTTP Server's type and version.
Vulnerability Detection Result
The remote web server type is : nginx/1.4.1
Solution
Configure your server to use an alternate name like 'Wintendo httpD w/Dotmatrix display' Be sure to remove common logos like apache_pb.gif. With Apache, you can set the directive 'ServerTokens Prod' to limit the information emanating from the server in its response headers.
Log Method
Details: HTTP Server type and version (OID: 1.3.6.1.4.1.25623.1.0.10107) Version used: $Revision: 229 $ 80/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
A web server is running on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 80/tcp
Log
(CVSS: 0.0)
NVT:
Web mirroring
(OID: 1.3.6.1.4.1.25623.1.0.10662)
Summary
This script makes a mirror of the remote web site and extracts the list of CGIs that are used by the remote host. It is suggested you allow a long-enough timeout value for this test routine and also adjust the setting on the number of pages to mirror.
Vulnerability Detection Result
The following CGI have been discovered : Syntax : cginame (arguments [default value]) /listproducts.php (cat [1] ) /artists.php (artist [1] ) /search.php (goButton [go] test [query] searchFor [] ) /secured/newuser.php (uuname [] upass [] upass2 [] urname [] ucc [] uemail [] uphone [] si↵ gnup [signup] ) /showimage.php (file [+pict.item(0).firstChild.nodeValue+] ) /hpp/ (pp [12] ) /userinfo.php (uname [] pass [] ) /comment.php (aid [1] ) The following directories have been discovered : /images /AJAX /Mod_Rewrite_Shop /hpp /Mod_Rewrite_Shop/images /Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1 /Mod_Rewrite_Shop/Details/web-camera-a4tech/2 /Mod_Rewrite_Shop/Details/color-printer/3 Directory index found at /images/ Directory index found at /Mod_Rewrite_Shop/images/
Log Method
Details: Web mirroring (OID: 1.3.6.1.4.1.25623.1.0.10662) Version used: $Revision: 1825 $ 80/tcp
Log
(CVSS: 0.0)
NVT:
Directory Scanner
(OID: 1.3.6.1.4.1.25623.1.0.11032)
Summary
This plugin attempts to determine the presence of various common dirs on the remote web server
Vulnerability Detection Result
The following directories were discovered: /admin, /cgi-bin, /secured, /CVS, /Templates, /images While this is not, in and of itself, a bug, you should manually inspect these directories to ensure that they are in compliance with company security standards
Log Method
Details: Directory Scanner (OID: 1.3.6.1.4.1.25623.1.0.11032) Version used: $Revision: 1717 $
References
80/tcp
Log
(CVSS: 0.0)
NVT:
Directories used for CGI Scanning
(OID: 1.3.6.1.4.1.25623.1.0.111038)
Summary
The script prints out the directories which are used when CGI scanning is enabled.
Vulnerability Detection Result
The following directories are used for CGI scanning: /scripts /cgi-bin /CVS /Mod_Rewrite_Shop /AJAX /admin /images /Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1 /Mod_Rewrite_Shop/Details/web-camera-a4tech/2 /hpp /Mod_Rewrite_Shop/Details/color-printer/3 /secured /Templates /Mod_Rewrite_Shop/images /
Log Method
Details: Directories used for CGI Scanning (OID: 1.3.6.1.4.1.25623.1.0.111038) Version used: $Revision: 1727 $ 80/tcp
Log
(CVSS: 0.0)
NVT:
PHP Version Detection
(OID: 1.3.6.1.4.1.25623.1.0.800109)
Summary
Detection of installed version of PHP. This script sends HTTP GET request and try to get the version from the responce, and sets the result in KB.
Vulnerability Detection Result
Detected PHP Version: 5.3.10 Location: tcp/80 CPE: cpe:/a:php:php:5.3.10 Concluded from version identification result: X-Powered-By: PHP/5.3.10-1~lucid+2uwsgi2
Log Method
Details: PHP Version Detection (OID: 1.3.6.1.4.1.25623.1.0.800109) Version used: $Revision: 1554 $ 106/tcp
Log
(CVSS: 0.0)
NVT:
FTP Banner Detection
(OID: 1.3.6.1.4.1.25623.1.0.10092)
Summary
This Plugin detects the FTP Server Banner
Vulnerability Detection Result
Remote FTP server banner : 200 poppassd hello, who are you?
Log Method
Details: FTP Banner Detection (OID: 1.3.6.1.4.1.25623.1.0.10092) Version used: $Revision: 1776 $ 106/tcp
Log
(CVSS: 0.0)
NVT:
Identifies services like FTP, SMTP, NNTP...
(OID: 1.3.6.1.4.1.25623.1.0.14773)
Summary
This plugin performs service detection. Description : This plugin is a complement of find_service.nasl. It attempts to identify services that return 3 ASCII digits codes (ie: FTP, SMTP, NNTP, ...)
Vulnerability Detection Result
A FTP server is running on this port
Log Method
Details: Identifies services like FTP, SMTP, NNTP... (OID: 1.3.6.1.4.1.25623.1.0.14773) Version used: $Revision: 1717 $ 110/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
A pop3 server is running on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 110/tcp
Log
(CVSS: 0.0)
NVT:
POP3 STARTTLS Detection
(OID: 1.3.6.1.4.1.25623.1.0.105008)
Summary
The remote POP3 Server supports the STARTTLS command.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Log Method
Details: POP3 STARTTLS Detection (OID: 1.3.6.1.4.1.25623.1.0.105008) Version used: $Revision: 696 $ 110/tcp
Log
(CVSS: 0.0)
NVT:
Check for SSL Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.802067)
Summary
This routine search for SSL ciphers offered by a service.
Vulnerability Detection Result
Service does not support SSLv2 ciphers. Service supports SSLv3 ciphers. Service supports TLSv1 ciphers. No medium ciphers are supported by this service No weak ciphers are supported by this service No non-ciphers are supported by this service
Log Method
Details: Check for SSL Ciphers (OID: 1.3.6.1.4.1.25623.1.0.802067) Version used: $Revision: 312 $ 143/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
An IMAP server is running on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 143/tcp
Log
(CVSS: 0.0)
NVT:
IMAP STARTTLS Detection
(OID: 1.3.6.1.4.1.25623.1.0.105007)
Summary
The remote IMAP Server supports the STARTTLS command.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Log Method
Details: IMAP STARTTLS Detection (OID: 1.3.6.1.4.1.25623.1.0.105007) Version used: $Revision: 696 $ 143/tcp
Log
(CVSS: 0.0)
NVT:
IMAP Banner
(OID: 1.3.6.1.4.1.25623.1.0.11414)
Summary
Displays the imap4 service banner.
Vulnerability Detection Result
The remote imap server banner is : * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFEREN↵ CES SORT QUOTA AUTH=CRAM-MD5 AUTH=PLAIN IDLE ACL ACL2=UNION STARTTLS]
Log Method
Details: IMAP Banner (OID: 1.3.6.1.4.1.25623.1.0.11414) Version used: $Revision: 17 $ 143/tcp
Log
(CVSS: 0.0)
NVT:
Check for SSL Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.802067)
Summary
This routine search for SSL ciphers offered by a service.
Vulnerability Detection Result
Service does not support SSLv2 ciphers. Service supports SSLv3 ciphers. Service supports TLSv1 ciphers. No medium ciphers are supported by this service No weak ciphers are supported by this service No non-ciphers are supported by this service
Log Method
Details: Check for SSL Ciphers (OID: 1.3.6.1.4.1.25623.1.0.802067) Version used: $Revision: 312 $ 465/tcp
Log
(CVSS: 0.0)
NVT:
SMTP Server type and version
(OID: 1.3.6.1.4.1.25623.1.0.10263)
Summary
This detects the SMTP Server's type and version by connecting to the server and processing the buffer received.
Vulnerability Detection Result
Remote SMTP server banner : 220 rs202995.rs.hosteurope.de ESMTP Postfix (Ubuntu) This is probably: Postfix Detected Postfix Version: unknown Location: 465/tcp CPE: cpe:/a:postfix:postfix
Solution
Change the login banner to something generic.
Log Method
Details: SMTP Server type and version (OID: 1.3.6.1.4.1.25623.1.0.10263) Version used: $Revision: 1545 $ 465/tcp
Log
(CVSS: 0.0)
NVT:
SSL Certificate - Subject Common Name Does Not Match Server FQDN
(OID: 1.3.6.1.4.1.25623.1.0.103141)
Summary
The SSL certificate contains a common name (CN) that does not match the hostname.
Vulnerability Detection Result
Hostname: testphp.vulnweb.com Common Name: Parallels Panel
Log Method
Details: SSL Certificate - Subject Common Name Does Not Match Server FQDN (OID: 1.3.6.1.4.1.25623.1.0.103141) Version used: $Revision: 1279 $ 465/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
A TLScustom server answered on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 465/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
An SMTP server is running on this port through SSL Here is its banner : 220 rs202995.rs.hosteurope.de ESMTP Postfix (Ubuntu)
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 465/tcp
Log
(CVSS: 0.0)
NVT:
Check for SSL Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.802067)
Summary
This routine search for SSL ciphers offered by a service.
Vulnerability Detection Result
Service does not support SSLv2 ciphers. Service supports SSLv3 ciphers. Service supports TLSv1 ciphers. Medium ciphers offered by this service: SSL3_RSA_DES_192_CBC3_SHA SSL3_EDH_RSA_DES_192_CBC3_SHA SSL3_ADH_DES_192_CBC_SHA SSL3_DHE_RSA_WITH_AES_128_SHA SSL3_ADH_WITH_AES_128_SHA TLS1_RSA_DES_192_CBC3_SHA TLS1_EDH_RSA_DES_192_CBC3_SHA TLS1_ADH_DES_192_CBC_SHA TLS1_DHE_RSA_WITH_AES_128_SHA TLS1_ADH_WITH_AES_128_SHA Weak ciphers offered by this service: SSL3_RSA_RC4_128_MD5 SSL3_RSA_RC4_128_SHA SSL3_ADH_RC4_128_MD5 TLS1_RSA_RC4_128_MD5 TLS1_RSA_RC4_128_SHA TLS1_ADH_RC4_128_MD5 No non-ciphers are supported by this service
Log Method
Details: Check for SSL Ciphers (OID: 1.3.6.1.4.1.25623.1.0.802067) Version used: $Revision: 312 $ 465/tcp
Log
(CVSS: 0.0)
NVT:
Check for SSL Medium Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.902816)
Summary
This Plugin reports about SSL Medium Ciphers.
Vulnerability Detection Result
Medium ciphers offered by this service: SSL3_RSA_DES_192_CBC3_SHA SSL3_EDH_RSA_DES_192_CBC3_SHA SSL3_ADH_DES_192_CBC_SHA SSL3_DHE_RSA_WITH_AES_128_SHA SSL3_ADH_WITH_AES_128_SHA TLS1_RSA_DES_192_CBC3_SHA TLS1_EDH_RSA_DES_192_CBC3_SHA TLS1_ADH_DES_192_CBC_SHA TLS1_DHE_RSA_WITH_AES_128_SHA TLS1_ADH_WITH_AES_128_SHA
Log Method
Details: Check for SSL Medium Ciphers (OID: 1.3.6.1.4.1.25623.1.0.902816) Version used: $Revision: 12 $ 993/tcp
Log
(CVSS: 0.0)
NVT:
SSL Certificate - Subject Common Name Does Not Match Server FQDN
(OID: 1.3.6.1.4.1.25623.1.0.103141)
Summary
The SSL certificate contains a common name (CN) that does not match the hostname.
Vulnerability Detection Result
Hostname: testphp.vulnweb.com Common Name: Parallels Panel
Log Method
Details: SSL Certificate - Subject Common Name Does Not Match Server FQDN (OID: 1.3.6.1.4.1.25623.1.0.103141) Version used: $Revision: 1279 $ 993/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
A TLScustom server answered on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 993/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
An IMAP server is running on this port through SSL
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 993/tcp
Log
(CVSS: 0.0)
NVT:
IMAP Banner
(OID: 1.3.6.1.4.1.25623.1.0.11414)
Summary
Displays the imap4 service banner.
Vulnerability Detection Result
The remote imap server banner is : * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFEREN↵ CES SORT QUOTA AUTH=CRAM-MD5 AUTH=PLAIN IDLE ACL ACL2=UNION]
Log Method
Details: IMAP Banner (OID: 1.3.6.1.4.1.25623.1.0.11414) Version used: $Revision: 17 $ 993/tcp
Log
(CVSS: 0.0)
NVT:
Check for SSL Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.802067)
Summary
This routine search for SSL ciphers offered by a service.
Vulnerability Detection Result
Service supports SSLv2 ciphers. Service supports SSLv3 ciphers. Service supports TLSv1 ciphers. Medium ciphers offered by this service: SSL3_RSA_DES_192_CBC3_SHA TLS1_RSA_DES_192_CBC3_SHA Weak ciphers offered by this service: SSL2_RC4_128_MD5 SSL2_RC4_128_EXPORT40_WITH_MD5 SSL2_RC2_CBC_128_CBC_WITH_MD5 SSL2_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 SSL3_RSA_RC4_40_MD5 SSL3_RSA_RC4_128_MD5 SSL3_RSA_RC4_128_SHA SSL3_RSA_RC2_40_MD5 SSL3_RSA_DES_40_CBC_SHA SSL3_RSA_DES_64_CBC_SHA TLS1_RSA_RC4_40_MD5 TLS1_RSA_RC4_128_MD5 TLS1_RSA_RC4_128_SHA TLS1_RSA_RC2_40_MD5 TLS1_RSA_DES_40_CBC_SHA TLS1_RSA_DES_64_CBC_SHA No non-ciphers are supported by this service
Log Method
Details: Check for SSL Ciphers (OID: 1.3.6.1.4.1.25623.1.0.802067) Version used: $Revision: 312 $ 993/tcp
Log
(CVSS: 0.0)
NVT:
Check for SSL Medium Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.902816)
Summary
This Plugin reports about SSL Medium Ciphers.
Vulnerability Detection Result
Medium ciphers offered by this service: SSL3_RSA_DES_192_CBC3_SHA TLS1_RSA_DES_192_CBC3_SHA
Log Method
Details: Check for SSL Medium Ciphers (OID: 1.3.6.1.4.1.25623.1.0.902816) Version used: $Revision: 12 $ 995/tcp
Log
(CVSS: 0.0)
NVT:
SSL Certificate - Subject Common Name Does Not Match Server FQDN
(OID: 1.3.6.1.4.1.25623.1.0.103141)
Summary
The SSL certificate contains a common name (CN) that does not match the hostname.
Vulnerability Detection Result
Hostname: testphp.vulnweb.com Common Name: Parallels Panel
Log Method
Details: SSL Certificate - Subject Common Name Does Not Match Server FQDN (OID: 1.3.6.1.4.1.25623.1.0.103141) Version used: $Revision: 1279 $ 995/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
A TLScustom server answered on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 995/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
A pop3 server is running on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 995/tcp
Log
(CVSS: 0.0)
NVT:
Check for SSL Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.802067)
Summary
This routine search for SSL ciphers offered by a service.
Vulnerability Detection Result
Service supports SSLv2 ciphers. Service supports SSLv3 ciphers. Service supports TLSv1 ciphers. Medium ciphers offered by this service: SSL3_RSA_DES_192_CBC3_SHA TLS1_RSA_DES_192_CBC3_SHA Weak ciphers offered by this service: SSL2_RC4_128_MD5 SSL2_RC4_128_EXPORT40_WITH_MD5 SSL2_RC2_CBC_128_CBC_WITH_MD5 SSL2_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 SSL3_RSA_RC4_40_MD5 SSL3_RSA_RC4_128_MD5 SSL3_RSA_RC4_128_SHA SSL3_RSA_RC2_40_MD5 SSL3_RSA_DES_40_CBC_SHA SSL3_RSA_DES_64_CBC_SHA TLS1_RSA_RC4_40_MD5 TLS1_RSA_RC4_128_MD5 TLS1_RSA_RC4_128_SHA TLS1_RSA_RC2_40_MD5 TLS1_RSA_DES_40_CBC_SHA TLS1_RSA_DES_64_CBC_SHA No non-ciphers are supported by this service
Log Method
Details: Check for SSL Ciphers (OID: 1.3.6.1.4.1.25623.1.0.802067) Version used: $Revision: 312 $ 995/tcp
Log
(CVSS: 0.0)
NVT:
Check for SSL Medium Ciphers
(OID: 1.3.6.1.4.1.25623.1.0.902816)
Summary
This Plugin reports about SSL Medium Ciphers.
Vulnerability Detection Result
Medium ciphers offered by this service: SSL3_RSA_DES_192_CBC3_SHA TLS1_RSA_DES_192_CBC3_SHA
Log Method
Details: Check for SSL Medium Ciphers (OID: 1.3.6.1.4.1.25623.1.0.902816) Version used: $Revision: 12 $ 8443/tcp
Log
(CVSS: 0.0)
NVT:
HTTP Server type and version
(OID: 1.3.6.1.4.1.25623.1.0.10107)
Summary
This detects the HTTP Server's type and version.
Vulnerability Detection Result
The remote web server type is : sw-cp-server
Solution
Configure your server to use an alternate name like 'Wintendo httpD w/Dotmatrix display' Be sure to remove common logos like apache_pb.gif. With Apache, you can set the directive 'ServerTokens Prod' to limit the information emanating from the server in its response headers.
Log Method
Details: HTTP Server type and version (OID: 1.3.6.1.4.1.25623.1.0.10107) Version used: $Revision: 229 $ 8443/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
A web server is running on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 8443/tcp
Log
(CVSS: 0.0)
NVT:
Directories used for CGI Scanning
(OID: 1.3.6.1.4.1.25623.1.0.111038)
Summary
The script prints out the directories which are used when CGI scanning is enabled.
Vulnerability Detection Result
The following directories are used for CGI scanning: /scripts /cgi-bin /
Log Method
Details: Directories used for CGI Scanning (OID: 1.3.6.1.4.1.25623.1.0.111038) Version used: $Revision: 1727 $ 8880/tcp
Log
(CVSS: 0.0)
NVT:
HTTP Server type and version
(OID: 1.3.6.1.4.1.25623.1.0.10107)
Summary
This detects the HTTP Server's type and version.
Vulnerability Detection Result
The remote web server type is : sw-cp-server
Solution
Configure your server to use an alternate name like 'Wintendo httpD w/Dotmatrix display' Be sure to remove common logos like apache_pb.gif. With Apache, you can set the directive 'ServerTokens Prod' to limit the information emanating from the server in its response headers.
Log Method
Details: HTTP Server type and version (OID: 1.3.6.1.4.1.25623.1.0.10107) Version used: $Revision: 229 $ 8880/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
A web server is running on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 8880/tcp
Log
(CVSS: 0.0)
NVT:
Directories used for CGI Scanning
(OID: 1.3.6.1.4.1.25623.1.0.111038)
Summary
The script prints out the directories which are used when CGI scanning is enabled.
Vulnerability Detection Result
The following directories are used for CGI scanning: /scripts /cgi-bin /
Log Method
Details: Directories used for CGI Scanning (OID: 1.3.6.1.4.1.25623.1.0.111038) Version used: $Revision: 1727 $
This file was automatically generated.
|