Report : 10/11/16 05:53:51 PM - Unix |
|
|
Scan Time:
Start Time: |
Tue Nov 16 17:53:53 2010 |
End Time: |
Tue Nov 16 17:57:22 2010 |
|
PolicyUUID:
8553131f-8753-43ca-b5ac-3078810f4fb9 |
|
|
|
|
|
[^] Back |
|
[Return to top] |
|
|
Scan Time:
Start Time: |
Tue Nov 16 17:53:54 2010 |
End Time: |
Tue Nov 16 17:56:55 2010 |
|
Number of vulnerabilities :
Open Ports: |
17 |
Low: |
26 |
Medium: |
3 |
High: |
0 |
|
Information about the remote host :
Operating System: |
Solaris |
NetBIOS Name: |
(unknown) |
DNS Name: |
(unknown) |
|
|
|
|
|
|
[^]Back to 172.31.51.24 |
general/tcp |
OS Identification |
Remote operating system : Solaris Confidence Level : 75 Method : NTP The remote host is running Solaris
Nessus ID : 11936
|
|
|
Nessus Scan Information |
Information about this scan : Nessus version : 4.0.2 (Build 1076) (Nessus 4.2.2 is available - consider upgrading) Plugin feed version : 201010192234 Type of plugin feed : ProfessionalFeed (Direct) Scanner IP : 172.25.60.70 Port scanner(s) : nessus_syn_scanner Port range : default Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : yes Optimize the test : yes CGI scanning : disabled Web application tests : disabled Max hosts : 40 Max checks : 5 Recv timeout : 5 Backports : None Scan Start Date : 2010/11/16 17:53 Scan duration : 181 sec
Nessus ID : 19506
|
|
|
TCP/IP Timestamps Supported |
Synopsis :The remote service implements TCP timestamps. Description :The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed. See also : http://www.ietf.org/rfc/rfc1323.txtSolution : n/a Risk factor :None
Nessus ID : 25220
|
|
|
Web Application Tests Disabled |
Synopsis :Web application tests were not enabled during the scan. Description :One or several web servers were detected by Nessus, but neither the CGI tests nor the Web Application Tests were enabled. If you want to get a more complete report, you should enable one of these features, or both. Please note that the scan might take significantly longer with these tests, which is why they are disabled by default. See also : http://blog.tenablesecurity.com/web-app-auditing/Solution : To enable specific CGI tests, go to the 'Advanced' tab, select 'Global variable settings' and set 'Enable CGI scanning'. To generic enable web application tests, go to the 'Advanced' tab, select 'Web Application Tests Settings' and set 'Enable web applications tests'. You may configure other options, for example HTTP credentials in 'Login configurations', or form-based authentication in 'HTTP login page'. Risk factor :None
Nessus ID : 43067
|
|
|
|
[^]Back to 172.31.51.24 |
general/udp |
Traceroute Information |
Synopsis :It was possible to obtain traceroute information. Description :Makes a traceroute to the remote host. Solution : n/a Risk factor :None Plugin output :For your information, here is the traceroute from 172.25.60.70 to 172.31.51.24 : 172.25.60.70 172.25.60.251 172.31.51.24
Nessus ID : 10287
|
|
|
|
[^]Back to 172.31.51.24 |
ssh (22/tcp) |
SSH Server Type and Version Information |
Synopsis :An SSH server is listening on this port. Description :It is possible to obtain information about the remote SSH server by sending an empty authentication request. Solution : n/a Risk factor :None Plugin output :SSH version : SSH-2.0-6.1.0.668 SSH Tectia Server SSH supported authentication : gssapi-with-mic,password,publickey,keyboard-interactive
Nessus ID : 10267
|
|
|
Service Detection |
An SSH server is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.24 |
sunrpc (111/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.24 |
sunrpc (111/udp) |
RPC portmapper Service Detection |
Synopsis :An ONC RPC portmapper is running on the remote host. Description :The RPC portmapper is running on this port. The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request. Solution : n/a Risk factor :None
Nessus ID : 10223
|
|
|
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.24 |
ntp (123/udp) |
Network Time Protocol (NTP) Server Detection |
Synopsis :An NTP server is listening on the remote host. Description :An NTP (Network Time Protocol) server is listening on this port. It provides information about the current date and time of the remote system and may provide system information. Solution : n/a Risk factor :None Plugin output :It was possible to gather the following information from the remote NTP host : system='SunOS', leap=0, stratum=3, rootdelay=381.91, rootdispersion=82.12, peer=14668, refid=172.31.35.9, reftime=0xd08cd500.0a620000, poll=10, clock=0xd08cd526.0e876000, phase=-2.975, freq=28252.81, error=10.06
Nessus ID : 10884
|
|
|
|
[^]Back to 172.31.51.24 |
xdmcp (177/udp) |
X Display Manager Control Protocol (XDMCP) Detection |
Synopsis :XDMCP is running on the remote host. Description :XDMCP allows a Unix user to remotely obtain a graphical X11 login (and therefore act as a local user on the remote host). If an attacker gains a valid login and password, he may be able to use this service to gain further access on the remote host. An attacker may also use this service to mount a dictionary attack against the remote host to try to log in remotely. Note that XDMCP (the Remote Desktop Protocol) is vulnerable to Man-in-the-middle attacks, making it easy for attackers to steal the credentials of legitimates users by impersonating the XDMCP server. In addition to this, XDMCP is not a ciphered protocol which make it easy for an attacker to capture the keystrokes entered by the user. Solution : Disable the XDMCP if you do not use it, and do not allow this service to run across the Internet Risk factor :Low / CVSS Base Score : 2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N) Plugin output :Using XDMCP, it was possible to obtain the following information about the remote host : Hostname : m2urbre01 Status : 1 user, load: 0.0, 0.0, 0.0
Nessus ID : 10891
|
|
|
|
[^]Back to 172.31.51.24 |
smux (199/tcp) |
Service Detection |
An SNMP Multiplexer (smux) is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.24 |
h323hostcall (1720/tcp) |
|
[^]Back to 172.31.51.24 |
msnp (1863/tcp) |
Service Detection |
The service closed the connection without sending any data. It might be protected by some sort of TCP wrapper.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.24 |
lockd (4045/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.24 |
lockd (4045/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.24 |
esmmanager (5600/tcp) |
|
[^]Back to 172.31.51.24 |
afs3-callback (7001/tcp) |
Service Detection |
A web server is running on this port.
Nessus ID : 22964
|
|
|
HyperText Transfer Protocol (HTTP) Information |
Synopsis :Some information about the remote HTTP configuration can be extracted. Description :This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... This test is informational only and does not denote any security problem. Solution : n/a Risk factor :None Plugin output :Protocol version : HTTP/1.1 SSL : no Keep-Alive : no Options allowed : (Not implemented) Headers : Connection: close Date: Tue, 16 Nov 2010 10:02:53 GMT Content-Length: 1214 Content-Type: text/html X-Powered-By: Servlet/2.5 JSP/2.1
Nessus ID : 24260
|
|
|
|
[^]Back to 172.31.51.24 |
afs3-prserver (7002/tcp) |
SSL Certificate Information |
Synopsis :This plugin displays the SSL certificate. Description :This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate. Solution : n/a Risk factor :None Plugin output :Subject Name: Country: MY State/Province: Wilayah Persekutuan Organization: Malayan Banking Berhad Organization Unit: ISD Common Name: m2urbre01 Issuer Name: Country: MY State/Province: Wilayah Persekutuan Locality: Kuala Lumpur Organization: Malayan Banking Berhad Organization Unit: ISD Common Name: M2UADAPT Email Address: yttay@maybank.com.my Serial Number: 00 Version: 3 Signature Algorithm: SHA-1 With RSA Encryption Not Valid Before: Nov 02 10:32:02 2010 GMT Not Valid After: Oct 30 10:32:02 2020 GMT Public Key Info: Algorithm: RSA Encryption Public Key: 00 CE 56 36 23 3C AE 38 B3 9C 05 44 34 4E E6 2B 11 58 DD 9A 25 F2 77 E6 A9 32 BD 36 C4 E2 C3 22 72 3A A8 D1 4A 2F C9 C5 7F 35 9C E4 A1 DF 25 C7 D5 64 87 51 36 6D 32 74 55 6D 6E CB 6B 1B E5 D0 DF FA F9 D0 22 2E 26 75 F4 59 A7 33 B1 12 D8 97 47 C3 37 4F 52 40 28 3E 42 26 53 60 6C 25 6E F8 52 01 0E 26 97 C6 FB A6 63 68 CA 62 75 36 82 6E F6 45 6C 46 68 CA 7B 86 F6 57 3F 77 FB FA A4 C2 59 Exponent: 01 00 01 Signature: 00 96 D4 81 D5 DF 41 27 F9 F7 B3 59 36 32 28 05 93 C3 9B 58 BF 6F 86 E7 AD 16 FB D1 B7 88 16 44 CF 5E 04 4E 85 02 39 EB FF A2 13 79 54 42 1F 01 1B DE 62 D4 FA 62 A6 C0 89 E5 C8 6F E9 1D 28 98 22 D1 D4 14 15 7D D5 3F E2 01 1F 78 72 9D F7 33 02 44 B9 A7 F7 E7 A3 2F 82 63 82 3A 07 D9 2E 3E E9 D9 35 66 B8 DC 62 3B A8 54 11 FD 54 1A BE 4B 54 39 ED 9A 77 BD 09 B2 F8 22 84 61 86 5A CB 0C 3D 6C AD CA 09 3F B6 92 02 8D 48 7D 79 ED 1A 19 87 5A D6 F7 D3 3B 60 E2 57 E0 40 B8 1E B0 91 D3 6D BD 8B 88 86 DF 7F 88 A2 F6 03 A0 1B 97 7B 50 EB 4C 7A E0 F0 AB 7F BE EE B1 9E 6A 2D 19 FC 1A FC 35 06 99 13 B7 DF BE CC 18 EC 84 21 55 90 C6 58 F2 92 95 C9 4F C6 79 D8 E3 94 2E F0 55 E5 BC D5 B7 44 E1 11 E7 7F C4 65 77 A4 93 1D D2 9B F9 25 EC 33 89 E0 A2 D9 4B 88 32 61 6F 3A B6 52 C6 C5 Extension: Basic Constraints (2.5.29.19) Critical: 0 Data: 30 00 Extension: Comment (2.16.840.1.113730.1.13) Critical: 0 Comment: OpenSSL Generated Certificate Extension: Subject Key Identifier (2.5.29.14) Critical: 0 Subject Key Identifier: 00 A5 1A 64 22 15 37 8C C1 77 54 90 CF 75 39 96 C0 6B 21 77 Extension: Authority Key Identifier (2.5.29.35) Critical: 0
Nessus ID : 10863
|
|
|
SSL Cipher Suites Supported |
Synopsis :The remote service encrypts communications using SSL. Description :This script detects which SSL ciphers are supported by the remote service for encrypting communications. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : n/a Risk factor :None Plugin output :Here is the list of SSL ciphers supported by the remote server : Low Strength Ciphers (< 56-bit key) SSLv3 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export Medium Strength Ciphers (>= 56-bit and < 112-bit key) SSLv3 ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1 DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1 High Strength Ciphers (>= 112-bit key) SSLv3 ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES(168) Mac=SHA1 ADH-RC4-MD5 Kx=DH Au=None Enc=RC4(128) Mac=MD5 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 21643
|
|
|
Service Detection |
An SSLv3 server answered on this port.
Nessus ID : 22964
|
|
|
Service Detection |
A web server is running on this port through SSLv3.
Nessus ID : 22964
|
|
|
HyperText Transfer Protocol (HTTP) Information |
Synopsis :Some information about the remote HTTP configuration can be extracted. Description :This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... This test is informational only and does not denote any security problem. Solution : n/a Risk factor :None Plugin output :Protocol version : HTTP/1.1 SSL : yes Keep-Alive : no Options allowed : (Not implemented) Headers : Connection: close Date: Tue, 16 Nov 2010 10:02:54 GMT Content-Length: 1214 Content-Type: text/html X-Powered-By: Servlet/2.5 JSP/2.1
Nessus ID : 24260
|
|
|
SSL Weak Cipher Suites Supported |
Synopsis :The remote service supports the use of weak SSL ciphers. Description :The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all. Note: This is considerably easier to exploit if the attacker is on the same physical network. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : Reconfigure the affected application if possible to avoid use of weak ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :Here is the list of weak SSL ciphers supported by the remote server : Low Strength Ciphers (< 56-bit key) SSLv3 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} Other references : CWE:327, CWE:326, CWE:753, CWE:803, CWE:720
Nessus ID : 26928
|
|
|
SSL Anonymous Cipher Suites Supported |
Synopsis :The remote service supports the use of anonymous SSL ciphers. Description :The remote host supports the use of anonymous SSL ciphers. While this enables an administrator to set up a service that encrypts traffic without having to generate and configure SSL certificates, it offers no way to verify the remote host's identity and renders the service vulnerable to a man-in-the-middle attack. Note: This is considerably easier to exploit if the attacker is on the same physical network. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : Reconfigure the affected application if possible to avoid use of weak ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :The remote server supports the following anonymous SSL ciphers : ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES(168) Mac=SHA1 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 ADH-RC4-MD5 Kx=DH Au=None Enc=RC4(128) Mac=MD5 EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 31705
|
|
|
SSL Medium Strength Cipher Suites Supported |
Synopsis :The remote service supports the use of medium strength SSL ciphers. Description :The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as those with key lengths at least 56 bits and less than 112 bits. Note: This is considerably easier to exploit if the attacker is on the same physical network. Solution : Reconfigure the affected application if possible to avoid use of medium strength ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :Here are the medium strength SSL ciphers supported by the remote server : Medium Strength Ciphers (>= 56-bit and < 112-bit key) SSLv3 ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1 DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 42873
|
|
|
|
[^]Back to 172.31.51.24 |
filenet-rmi (32771/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32771 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.24 |
filenet-pa (32772/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32772 : - program: 1073741824 (fmproduct), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.24 |
filenet-pa (32772/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 32772 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.24 |
sometimes-rpc9 (32773/tcp) |
|
[Return to top] |
|
|
Scan Time:
Start Time: |
Tue Nov 16 17:53:54 2010 |
End Time: |
Tue Nov 16 17:57:09 2010 |
|
Number of vulnerabilities :
Open Ports: |
18 |
Low: |
27 |
Medium: |
3 |
High: |
0 |
|
Information about the remote host :
Operating System: |
Sun Solaris 2.5 |
NetBIOS Name: |
(unknown) |
DNS Name: |
(unknown) |
|
|
|
|
|
|
[^]Back to 172.31.51.26 |
general/udp |
Traceroute Information |
Synopsis :It was possible to obtain traceroute information. Description :Makes a traceroute to the remote host. Solution : n/a Risk factor :None Plugin output :For your information, here is the traceroute from 172.25.60.70 to 172.31.51.26 : 172.25.60.70 172.25.60.251 172.31.46.102 172.31.51.26
Nessus ID : 10287
|
|
|
|
[^]Back to 172.31.51.26 |
general/tcp |
OS Identification |
Remote operating system : Sun Solaris 2.5 Confidence Level : 75 Method : SinFP Primary Method : NTP The remote host is running Sun Solaris 2.5
Nessus ID : 11936
|
|
|
Nessus Scan Information |
Information about this scan : Nessus version : 4.0.2 (Build 1076) (Nessus 4.2.2 is available - consider upgrading) Plugin feed version : 201010192234 Type of plugin feed : ProfessionalFeed (Direct) Scanner IP : 172.25.60.70 Port scanner(s) : nessus_syn_scanner Port range : default Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : yes Optimize the test : yes CGI scanning : disabled Web application tests : disabled Max hosts : 40 Max checks : 5 Recv timeout : 5 Backports : None Scan Start Date : 2010/11/16 17:53 Scan duration : 195 sec
Nessus ID : 19506
|
|
|
Web Application Tests Disabled |
Synopsis :Web application tests were not enabled during the scan. Description :One or several web servers were detected by Nessus, but neither the CGI tests nor the Web Application Tests were enabled. If you want to get a more complete report, you should enable one of these features, or both. Please note that the scan might take significantly longer with these tests, which is why they are disabled by default. See also : http://blog.tenablesecurity.com/web-app-auditing/Solution : To enable specific CGI tests, go to the 'Advanced' tab, select 'Global variable settings' and set 'Enable CGI scanning'. To generic enable web application tests, go to the 'Advanced' tab, select 'Web Application Tests Settings' and set 'Enable web applications tests'. You may configure other options, for example HTTP credentials in 'Login configurations', or form-based authentication in 'HTTP login page'. Risk factor :None
Nessus ID : 43067
|
|
|
Common Platform Enumeration (CPE) |
Synopsis :It is possible to enumerate CPE names that matched on the remote system. Description :By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host. Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan. See also : http://cpe.mitre.org/Solution : n/a Risk factor :None Plugin output :The remote operating system matched the following CPE : cpe:/o:sun:sunos:2.5
Nessus ID : 45590
|
|
|
|
[^]Back to 172.31.51.26 |
ssh (22/tcp) |
SSH Server Type and Version Information |
Synopsis :An SSH server is listening on this port. Description :It is possible to obtain information about the remote SSH server by sending an empty authentication request. Solution : n/a Risk factor :None Plugin output :SSH version : SSH-2.0-6.1.0.668 SSH Tectia Server SSH supported authentication : gssapi-with-mic,password,publickey,keyboard-interactive
Nessus ID : 10267
|
|
|
Service Detection |
An SSH server is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.26 |
sunrpc (111/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.26 |
sunrpc (111/udp) |
RPC portmapper Service Detection |
Synopsis :An ONC RPC portmapper is running on the remote host. Description :The RPC portmapper is running on this port. The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request. Solution : n/a Risk factor :None
Nessus ID : 10223
|
|
|
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.26 |
ntp (123/udp) |
Network Time Protocol (NTP) Server Detection |
Synopsis :An NTP server is listening on the remote host. Description :An NTP (Network Time Protocol) server is listening on this port. It provides information about the current date and time of the remote system and may provide system information. Solution : n/a Risk factor :None Plugin output :It was possible to gather the following information from the remote NTP host : system='SunOS', leap=0, stratum=3, rootdelay=364.55, rootdispersion=72.43, peer=60012, refid=172.31.35.9, reftime=0xd08cd359.0ddd7000, poll=10, clock=0xd08cd53a.00db8000, phase=1.177, freq=18869.67, error=4.27
Nessus ID : 10884
|
|
|
|
[^]Back to 172.31.51.26 |
xdmcp (177/udp) |
X Display Manager Control Protocol (XDMCP) Detection |
Synopsis :XDMCP is running on the remote host. Description :XDMCP allows a Unix user to remotely obtain a graphical X11 login (and therefore act as a local user on the remote host). If an attacker gains a valid login and password, he may be able to use this service to gain further access on the remote host. An attacker may also use this service to mount a dictionary attack against the remote host to try to log in remotely. Note that XDMCP (the Remote Desktop Protocol) is vulnerable to Man-in-the-middle attacks, making it easy for attackers to steal the credentials of legitimates users by impersonating the XDMCP server. In addition to this, XDMCP is not a ciphered protocol which make it easy for an attacker to capture the keystrokes entered by the user. Solution : Disable the XDMCP if you do not use it, and do not allow this service to run across the Internet Risk factor :Low / CVSS Base Score : 2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N) Plugin output :Using XDMCP, it was possible to obtain the following information about the remote host : Hostname : m2urbre02 Status : 0 user, load: 0.0, 0.0, 0.0
Nessus ID : 10891
|
|
|
|
[^]Back to 172.31.51.26 |
smux (199/tcp) |
Service Detection |
An SNMP Multiplexer (smux) is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.26 |
h323hostcall (1720/tcp) |
|
[^]Back to 172.31.51.26 |
msnp (1863/tcp) |
Service Detection |
The service closed the connection without sending any data. It might be protected by some sort of TCP wrapper.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.26 |
lockd (4045/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.26 |
lockd (4045/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.26 |
esmmanager (5600/tcp) |
|
[^]Back to 172.31.51.26 |
afs3-callback (7001/tcp) |
Service Detection |
A web server is running on this port.
Nessus ID : 22964
|
|
|
HyperText Transfer Protocol (HTTP) Information |
Synopsis :Some information about the remote HTTP configuration can be extracted. Description :This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... This test is informational only and does not denote any security problem. Solution : n/a Risk factor :None Plugin output :Protocol version : HTTP/1.1 SSL : no Keep-Alive : no Options allowed : (Not implemented) Headers : Connection: close Date: Tue, 16 Nov 2010 10:03:10 GMT Content-Length: 1214 Content-Type: text/html X-Powered-By: Servlet/2.5 JSP/2.1
Nessus ID : 24260
|
|
|
|
[^]Back to 172.31.51.26 |
afs3-prserver (7002/tcp) |
SSL Certificate Information |
Synopsis :This plugin displays the SSL certificate. Description :This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate. Solution : n/a Risk factor :None Plugin output :Subject Name: Country: MY State/Province: Wilayah Persekutuan Organization: Malayan Banking Berhad Organization Unit: ISD Common Name: m2urbre02 Issuer Name: Country: MY State/Province: Wilayah Persekutuan Locality: Kuala Lumpur Organization: Malayan Banking Berhad Organization Unit: ISD Common Name: M2UADAPT Email Address: yttay@maybank.com.my Serial Number: 01 Version: 3 Signature Algorithm: SHA-1 With RSA Encryption Not Valid Before: Nov 02 11:44:19 2010 GMT Not Valid After: Oct 30 11:44:19 2020 GMT Public Key Info: Algorithm: RSA Encryption Public Key: 00 D5 D8 E3 C0 18 93 EE CC F9 EE AD 7D 09 B7 69 26 A2 BB 54 53 98 82 2E 42 95 69 EB 36 81 BE 9F 0C BC CA CB CF 19 E9 40 E4 D1 B3 A3 50 94 29 4F 64 6B F4 A6 44 D7 F0 49 5E 76 7E 9F 29 E9 A6 5C A7 B1 77 A2 AA F5 C4 8A 20 B6 4E 9F 76 90 84 F6 D7 35 4D 1C 58 54 18 E9 31 9A E3 50 8D 4C 97 62 31 43 B0 1E 4E 3E 98 C8 27 30 45 BE 8A 48 2A FC 8A 36 3A 08 51 0A 89 9A E1 F1 36 E5 29 F4 CB E6 39 Exponent: 01 00 01 Signature: 00 6E 00 BE 7E C1 00 50 6A 69 A9 B1 97 66 6B 9E 09 5D 89 E9 65 1A DC C0 39 BF 7E B4 61 0D 11 D1 72 7D 90 9B 57 F0 2C 52 55 AC B8 44 18 F4 02 8A 20 E0 15 E4 67 42 74 CC 15 B8 91 50 2F 2E 65 FA 85 B1 1E 50 16 4A B5 D1 84 0F 0D DF 1E 4D 97 8B EF 2C 04 94 4A 15 E0 A1 AA 18 B1 F2 BC 8B 0E BA 64 DA D3 57 E3 D5 12 33 59 47 B6 E3 78 7C 9A 6B 9F 11 6A 7A 59 BB 8B 03 25 AA FD 8C 98 9E 5A 10 DE B2 55 22 F0 1E 74 2F 6F 7D 09 6A ED 15 37 C4 24 8C E1 11 5A FF 4F 65 08 B1 B9 D6 EB 35 74 D9 02 55 C1 A5 97 E4 72 D2 39 A0 E0 A9 6C 65 F3 04 59 04 25 E4 45 36 BA E8 53 EE F7 AE DF 71 BE EC D7 BC 20 78 32 39 9F EA A2 39 83 F7 A5 6F 70 6C DF 19 FA 82 64 67 EF 40 C1 F4 C1 13 73 46 C6 98 78 D9 55 11 FE 04 DF F2 94 7C 5B 5A 80 D4 91 C2 51 12 54 15 73 C4 D2 42 C8 A7 B0 88 76 7F 6B AF 5E Extension: Basic Constraints (2.5.29.19) Critical: 0 Data: 30 00 Extension: Comment (2.16.840.1.113730.1.13) Critical: 0 Comment: OpenSSL Generated Certificate Extension: Subject Key Identifier (2.5.29.14) Critical: 0 Subject Key Identifier: EC 8C 71 76 2A 1A A2 74 AB D6 1E 4B 2C 53 57 FE 18 5F F4 24 Extension: Authority Key Identifier (2.5.29.35) Critical: 0
Nessus ID : 10863
|
|
|
SSL Cipher Suites Supported |
Synopsis :The remote service encrypts communications using SSL. Description :This script detects which SSL ciphers are supported by the remote service for encrypting communications. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : n/a Risk factor :None Plugin output :Here is the list of SSL ciphers supported by the remote server : Low Strength Ciphers (< 56-bit key) SSLv3 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export Medium Strength Ciphers (>= 56-bit and < 112-bit key) SSLv3 ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1 DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1 High Strength Ciphers (>= 112-bit key) SSLv3 ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES(168) Mac=SHA1 ADH-RC4-MD5 Kx=DH Au=None Enc=RC4(128) Mac=MD5 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 21643
|
|
|
Service Detection |
An SSLv3 server answered on this port.
Nessus ID : 22964
|
|
|
Service Detection |
A web server is running on this port through SSLv3.
Nessus ID : 22964
|
|
|
HyperText Transfer Protocol (HTTP) Information |
Synopsis :Some information about the remote HTTP configuration can be extracted. Description :This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... This test is informational only and does not denote any security problem. Solution : n/a Risk factor :None Plugin output :Protocol version : HTTP/1.1 SSL : yes Keep-Alive : no Options allowed : (Not implemented) Headers : Connection: close Date: Tue, 16 Nov 2010 10:03:10 GMT Content-Length: 1214 Content-Type: text/html X-Powered-By: Servlet/2.5 JSP/2.1
Nessus ID : 24260
|
|
|
SSL Weak Cipher Suites Supported |
Synopsis :The remote service supports the use of weak SSL ciphers. Description :The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all. Note: This is considerably easier to exploit if the attacker is on the same physical network. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : Reconfigure the affected application if possible to avoid use of weak ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :Here is the list of weak SSL ciphers supported by the remote server : Low Strength Ciphers (< 56-bit key) SSLv3 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} Other references : CWE:327, CWE:326, CWE:753, CWE:803, CWE:720
Nessus ID : 26928
|
|
|
SSL Anonymous Cipher Suites Supported |
Synopsis :The remote service supports the use of anonymous SSL ciphers. Description :The remote host supports the use of anonymous SSL ciphers. While this enables an administrator to set up a service that encrypts traffic without having to generate and configure SSL certificates, it offers no way to verify the remote host's identity and renders the service vulnerable to a man-in-the-middle attack. Note: This is considerably easier to exploit if the attacker is on the same physical network. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : Reconfigure the affected application if possible to avoid use of weak ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :The remote server supports the following anonymous SSL ciphers : ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES(168) Mac=SHA1 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 ADH-RC4-MD5 Kx=DH Au=None Enc=RC4(128) Mac=MD5 EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 31705
|
|
|
SSL Medium Strength Cipher Suites Supported |
Synopsis :The remote service supports the use of medium strength SSL ciphers. Description :The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as those with key lengths at least 56 bits and less than 112 bits. Note: This is considerably easier to exploit if the attacker is on the same physical network. Solution : Reconfigure the affected application if possible to avoid use of medium strength ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :Here are the medium strength SSL ciphers supported by the remote server : Medium Strength Ciphers (>= 56-bit and < 112-bit key) SSLv3 ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1 DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 42873
|
|
|
|
[^]Back to 172.31.51.26 |
filenet-rmi (32771/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32771 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.26 |
filenet-pa (32772/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32772 : - program: 1073741824 (fmproduct), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.26 |
filenet-pa (32772/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 32772 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.26 |
sometimes-rpc9 (32773/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32773 : - program: 100229 (metad), version: 1 - program: 100229 (metad), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.26 |
sometimes-rpc11 (32774/tcp) |
|
[Return to top] |
|
|
Scan Time:
Start Time: |
Tue Nov 16 17:53:54 2010 |
End Time: |
Tue Nov 16 17:57:21 2010 |
|
Number of vulnerabilities :
Open Ports: |
24 |
Low: |
22 |
Medium: |
0 |
High: |
0 |
|
Information about the remote host :
Operating System: |
Solaris |
NetBIOS Name: |
(unknown) |
DNS Name: |
(unknown) |
|
|
|
|
|
|
[^]Back to 172.31.51.28 |
general/tcp |
OS Identification |
Remote operating system : Solaris Confidence Level : 75 Method : NTP The remote host is running Solaris
Nessus ID : 11936
|
|
|
Nessus Scan Information |
Information about this scan : Nessus version : 4.0.2 (Build 1076) (Nessus 4.2.2 is available - consider upgrading) Plugin feed version : 201010192234 Type of plugin feed : ProfessionalFeed (Direct) Scanner IP : 172.25.60.70 Port scanner(s) : nessus_syn_scanner Port range : default Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : yes Optimize the test : yes CGI scanning : disabled Web application tests : disabled Max hosts : 40 Max checks : 5 Recv timeout : 5 Backports : None Scan Start Date : 2010/11/16 17:53 Scan duration : 207 sec
Nessus ID : 19506
|
|
|
TCP/IP Timestamps Supported |
Synopsis :The remote service implements TCP timestamps. Description :The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed. See also : http://www.ietf.org/rfc/rfc1323.txtSolution : n/a Risk factor :None
Nessus ID : 25220
|
|
|
|
[^]Back to 172.31.51.28 |
general/udp |
Traceroute Information |
Synopsis :It was possible to obtain traceroute information. Description :Makes a traceroute to the remote host. Solution : n/a Risk factor :None Plugin output :For your information, here is the traceroute from 172.25.60.70 to 172.31.51.28 : 172.25.60.70 172.25.60.251 172.31.46.102 172.31.51.28
Nessus ID : 10287
|
|
|
|
[^]Back to 172.31.51.28 |
ssh (22/tcp) |
SSH Server Type and Version Information |
Synopsis :An SSH server is listening on this port. Description :It is possible to obtain information about the remote SSH server by sending an empty authentication request. Solution : n/a Risk factor :None Plugin output :SSH version : SSH-2.0-6.1.4.83 SSH Tectia Server
Nessus ID : 10267
|
|
|
Service Detection |
An SSH server is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.28 |
sunrpc (111/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.28 |
sunrpc (111/udp) |
RPC portmapper Service Detection |
Synopsis :An ONC RPC portmapper is running on the remote host. Description :The RPC portmapper is running on this port. The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request. Solution : n/a Risk factor :None
Nessus ID : 10223
|
|
|
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.28 |
ntp (123/udp) |
Network Time Protocol (NTP) Server Detection |
Synopsis :An NTP server is listening on the remote host. Description :An NTP (Network Time Protocol) server is listening on this port. It provides information about the current date and time of the remote system and may provide system information. Solution : n/a Risk factor :None Plugin output :It was possible to gather the following information from the remote NTP host : system='SunOS', leap=0, stratum=3, rootdelay=357.59, rootdispersion=78.48, peer=24124, refid=172.31.35.9, reftime=0xd08cd4eb.a2096000, poll=6, clock=0xd08cd4fa.0bbf4000, phase=-0.545, freq=9561.90, error=2.69
Nessus ID : 10884
|
|
|
|
[^]Back to 172.31.51.28 |
smux (199/tcp) |
Service Detection |
An SNMP Multiplexer (smux) is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.28 |
login (513/tcp) |
|
[^]Back to 172.31.51.28 |
shell (514/tcp) |
|
[^]Back to 172.31.51.28 |
ncube-lm (1521/tcp) |
Oracle Database tnslsnr Service Remote Version Disclosure |
Synopsis :An Oracle tnslsnr service is listening on the remote port. Description :The remote host is running the Oracle tnslsnr service, a network interface to Oracle databases. This product allows a remote user to determine the presence and version number of a given Oracle installation. Solution : Filter incoming traffic to this port so that only authorized hosts can connect to it. Risk factor :None Plugin output :A TNS service is running on this port but it refused to honor an attempt to connect to it. (The TNS reply code was 4)
Nessus ID : 10658
|
|
|
|
[^]Back to 172.31.51.28 |
h323hostcall (1720/tcp) |
|
[^]Back to 172.31.51.28 |
msnp (1863/tcp) |
Service Detection |
The service closed the connection without sending any data. It might be protected by some sort of TCP wrapper.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.28 |
cypress-stat (2017/tcp) |
|
[^]Back to 172.31.51.28 |
lockd (4045/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.28 |
lockd (4045/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.28 |
esmmanager (5600/tcp) |
|
[^]Back to 172.31.51.28 |
clm_pts (6200/tcp) |
|
[^]Back to 172.31.51.28 |
bpjava-msvc (13722/tcp) |
VERITAS NetBackup Agent Detection |
Synopsis :A backup software is running on the remote port. Description :The remote host is running the VERITAS NetBackup Java Console service. This service is used by the NetBackup Java Console GUI to manage the backup server. A user, authorized to connect to this service, can use it as a remote shell with system privileges by sending 'command_EXEC_LIST' messages. Solution : n/a Risk factor :None Plugin output :Remote version of NetBackup is : 6.5
Nessus ID : 20148
|
|
|
Service Detection |
Veritas NetBackup is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.28 |
vnetd (13724/tcp) |
VERITAS NetBackup Agent Detection |
Synopsis :A backup software is running on the remote port. Description :The remote host is running the VERITAS NetBackup Java Console service. This service is used by the NetBackup Java Console GUI to manage the backup server. A user, authorized to connect to this service, can use it as a remote shell with system privileges by sending 'command_EXEC_LIST' messages. Solution : n/a Risk factor :None Plugin output :Remote version of NetBackup is : 6.5
Nessus ID : 20148
|
|
|
|
[^]Back to 172.31.51.28 |
bpcd (13782/tcp) |
|
[^]Back to 172.31.51.28 |
vopied (13783/tcp) |
Service Detection |
The service closed the connection without sending any data. It might be protected by some sort of TCP wrapper.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.28 |
filenet-rmi (32771/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32771 : - program: 1073741824 (fmproduct), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.28 |
filenet-pa (32772/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32772 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.28 |
sometimes-rpc11 (32774/tcp) |
|
[^]Back to 172.31.51.28 |
sometimes-rpc13 (32775/tcp) |
|
[^]Back to 172.31.51.28 |
unknown (32867/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 32867 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[Return to top] |
|
|
Scan Time:
Start Time: |
Tue Nov 16 17:53:54 2010 |
End Time: |
Tue Nov 16 17:57:05 2010 |
|
Number of vulnerabilities :
Open Ports: |
24 |
Low: |
22 |
Medium: |
0 |
High: |
0 |
|
Information about the remote host :
Operating System: |
Solaris |
NetBIOS Name: |
(unknown) |
DNS Name: |
(unknown) |
|
|
|
|
|
|
[^]Back to 172.31.51.30 |
general/tcp |
OS Identification |
Remote operating system : Solaris Confidence Level : 75 Method : NTP The remote host is running Solaris
Nessus ID : 11936
|
|
|
Nessus Scan Information |
Information about this scan : Nessus version : 4.0.2 (Build 1076) (Nessus 4.2.2 is available - consider upgrading) Plugin feed version : 201010192234 Type of plugin feed : ProfessionalFeed (Direct) Scanner IP : 172.25.60.70 Port scanner(s) : nessus_syn_scanner Port range : default Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : yes Optimize the test : yes CGI scanning : disabled Web application tests : disabled Max hosts : 40 Max checks : 5 Recv timeout : 5 Backports : None Scan Start Date : 2010/11/16 17:53 Scan duration : 191 sec
Nessus ID : 19506
|
|
|
TCP/IP Timestamps Supported |
Synopsis :The remote service implements TCP timestamps. Description :The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed. See also : http://www.ietf.org/rfc/rfc1323.txtSolution : n/a Risk factor :None
Nessus ID : 25220
|
|
|
|
[^]Back to 172.31.51.30 |
general/udp |
Traceroute Information |
Synopsis :It was possible to obtain traceroute information. Description :Makes a traceroute to the remote host. Solution : n/a Risk factor :None Plugin output :For your information, here is the traceroute from 172.25.60.70 to 172.31.51.30 : 172.25.60.70 172.25.60.251 172.31.46.102 172.31.51.30
Nessus ID : 10287
|
|
|
|
[^]Back to 172.31.51.30 |
ssh (22/tcp) |
SSH Server Type and Version Information |
Synopsis :An SSH server is listening on this port. Description :It is possible to obtain information about the remote SSH server by sending an empty authentication request. Solution : n/a Risk factor :None Plugin output :SSH version : SSH-2.0-6.1.4.83 SSH Tectia Server
Nessus ID : 10267
|
|
|
Service Detection |
An SSH server is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.30 |
sunrpc (111/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.30 |
sunrpc (111/udp) |
RPC portmapper Service Detection |
Synopsis :An ONC RPC portmapper is running on the remote host. Description :The RPC portmapper is running on this port. The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request. Solution : n/a Risk factor :None
Nessus ID : 10223
|
|
|
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.30 |
ntp (123/udp) |
Network Time Protocol (NTP) Server Detection |
Synopsis :An NTP server is listening on the remote host. Description :An NTP (Network Time Protocol) server is listening on this port. It provides information about the current date and time of the remote system and may provide system information. Solution : n/a Risk factor :None Plugin output :It was possible to gather the following information from the remote NTP host : system='SunOS', leap=0, stratum=3, rootdelay=366.87, rootdispersion=70.02, peer=24564, refid=172.31.35.9, reftime=0xd08cd140.1156c000, poll=10, clock=0xd08cd4f1.726a4000, phase=-2.123, freq=32310.73, error=2.98
Nessus ID : 10884
|
|
|
|
[^]Back to 172.31.51.30 |
smux (199/tcp) |
Service Detection |
An SNMP Multiplexer (smux) is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.30 |
login (513/tcp) |
|
[^]Back to 172.31.51.30 |
shell (514/tcp) |
|
[^]Back to 172.31.51.30 |
ncube-lm (1521/tcp) |
Oracle Database tnslsnr Service Remote Version Disclosure |
Synopsis :An Oracle tnslsnr service is listening on the remote port. Description :The remote host is running the Oracle tnslsnr service, a network interface to Oracle databases. This product allows a remote user to determine the presence and version number of a given Oracle installation. Solution : Filter incoming traffic to this port so that only authorized hosts can connect to it. Risk factor :None Plugin output :A TNS service is running on this port but it refused to honor an attempt to connect to it. (The TNS reply code was 4)
Nessus ID : 10658
|
|
|
|
[^]Back to 172.31.51.30 |
h323hostcall (1720/tcp) |
|
[^]Back to 172.31.51.30 |
msnp (1863/tcp) |
Service Detection |
The service closed the connection without sending any data. It might be protected by some sort of TCP wrapper.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.30 |
cypress-stat (2017/tcp) |
|
[^]Back to 172.31.51.30 |
lockd (4045/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.30 |
lockd (4045/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.30 |
esmmanager (5600/tcp) |
|
[^]Back to 172.31.51.30 |
clm_pts (6200/tcp) |
|
[^]Back to 172.31.51.30 |
bpjava-msvc (13722/tcp) |
VERITAS NetBackup Agent Detection |
Synopsis :A backup software is running on the remote port. Description :The remote host is running the VERITAS NetBackup Java Console service. This service is used by the NetBackup Java Console GUI to manage the backup server. A user, authorized to connect to this service, can use it as a remote shell with system privileges by sending 'command_EXEC_LIST' messages. Solution : n/a Risk factor :None Plugin output :Remote version of NetBackup is : 6.5
Nessus ID : 20148
|
|
|
Service Detection |
Veritas NetBackup is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.30 |
vnetd (13724/tcp) |
VERITAS NetBackup Agent Detection |
Synopsis :A backup software is running on the remote port. Description :The remote host is running the VERITAS NetBackup Java Console service. This service is used by the NetBackup Java Console GUI to manage the backup server. A user, authorized to connect to this service, can use it as a remote shell with system privileges by sending 'command_EXEC_LIST' messages. Solution : n/a Risk factor :None Plugin output :Remote version of NetBackup is : 6.5
Nessus ID : 20148
|
|
|
|
[^]Back to 172.31.51.30 |
bpcd (13782/tcp) |
|
[^]Back to 172.31.51.30 |
vopied (13783/tcp) |
Service Detection |
The service closed the connection without sending any data. It might be protected by some sort of TCP wrapper.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.30 |
filenet-rmi (32771/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32771 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.30 |
filenet-pa (32772/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32772 : - program: 1073741824 (fmproduct), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.30 |
sometimes-rpc11 (32774/tcp) |
|
[^]Back to 172.31.51.30 |
sometimes-rpc12 (32774/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 32774 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.30 |
sometimes-rpc13 (32775/tcp) |
|
[Return to top] |
|
|
Scan Time:
Start Time: |
Tue Nov 16 17:53:54 2010 |
End Time: |
Tue Nov 16 17:56:34 2010 |
|
Number of vulnerabilities :
Open Ports: |
17 |
Low: |
26 |
Medium: |
3 |
High: |
0 |
|
Information about the remote host :
Operating System: |
Solaris |
NetBIOS Name: |
(unknown) |
DNS Name: |
(unknown) |
|
|
|
|
|
|
[^]Back to 172.31.51.32 |
general/tcp |
OS Identification |
Remote operating system : Solaris Confidence Level : 75 Method : NTP The remote host is running Solaris
Nessus ID : 11936
|
|
|
Nessus Scan Information |
Information about this scan : Nessus version : 4.0.2 (Build 1076) (Nessus 4.2.2 is available - consider upgrading) Plugin feed version : 201010192234 Type of plugin feed : ProfessionalFeed (Direct) Scanner IP : 172.25.60.70 Port scanner(s) : nessus_syn_scanner Port range : default Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : yes Optimize the test : yes CGI scanning : disabled Web application tests : disabled Max hosts : 40 Max checks : 5 Recv timeout : 5 Backports : None Scan Start Date : 2010/11/16 17:53 Scan duration : 160 sec
Nessus ID : 19506
|
|
|
TCP/IP Timestamps Supported |
Synopsis :The remote service implements TCP timestamps. Description :The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed. See also : http://www.ietf.org/rfc/rfc1323.txtSolution : n/a Risk factor :None
Nessus ID : 25220
|
|
|
Web Application Tests Disabled |
Synopsis :Web application tests were not enabled during the scan. Description :One or several web servers were detected by Nessus, but neither the CGI tests nor the Web Application Tests were enabled. If you want to get a more complete report, you should enable one of these features, or both. Please note that the scan might take significantly longer with these tests, which is why they are disabled by default. See also : http://blog.tenablesecurity.com/web-app-auditing/Solution : To enable specific CGI tests, go to the 'Advanced' tab, select 'Global variable settings' and set 'Enable CGI scanning'. To generic enable web application tests, go to the 'Advanced' tab, select 'Web Application Tests Settings' and set 'Enable web applications tests'. You may configure other options, for example HTTP credentials in 'Login configurations', or form-based authentication in 'HTTP login page'. Risk factor :None
Nessus ID : 43067
|
|
|
|
[^]Back to 172.31.51.32 |
general/udp |
Traceroute Information |
Synopsis :It was possible to obtain traceroute information. Description :Makes a traceroute to the remote host. Solution : n/a Risk factor :None Plugin output :For your information, here is the traceroute from 172.25.60.70 to 172.31.51.32 : 172.25.60.70 172.25.60.251 172.31.46.102 172.31.51.32
Nessus ID : 10287
|
|
|
|
[^]Back to 172.31.51.32 |
ssh (22/tcp) |
SSH Server Type and Version Information |
Synopsis :An SSH server is listening on this port. Description :It is possible to obtain information about the remote SSH server by sending an empty authentication request. Solution : n/a Risk factor :None Plugin output :SSH version : SSH-2.0-6.1.0.668 SSH Tectia Server SSH supported authentication : gssapi-with-mic,password,publickey,keyboard-interactive
Nessus ID : 10267
|
|
|
Service Detection |
An SSH server is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.32 |
sunrpc (111/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.32 |
sunrpc (111/udp) |
RPC portmapper Service Detection |
Synopsis :An ONC RPC portmapper is running on the remote host. Description :The RPC portmapper is running on this port. The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request. Solution : n/a Risk factor :None
Nessus ID : 10223
|
|
|
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.32 |
ntp (123/udp) |
Network Time Protocol (NTP) Server Detection |
Synopsis :An NTP server is listening on the remote host. Description :An NTP (Network Time Protocol) server is listening on this port. It provides information about the current date and time of the remote system and may provide system information. Solution : n/a Risk factor :None Plugin output :It was possible to gather the following information from the remote NTP host : system='SunOS', leap=0, stratum=3, rootdelay=356.55, rootdispersion=78.84, peer=51532, refid=172.31.35.9, reftime=0xd08cd2f8.f2854000, poll=10, clock=0xd08cd514.f22da000, phase=7.157, freq=34058.93, error=12.82
Nessus ID : 10884
|
|
|
|
[^]Back to 172.31.51.32 |
xdmcp (177/udp) |
X Display Manager Control Protocol (XDMCP) Detection |
Synopsis :XDMCP is running on the remote host. Description :XDMCP allows a Unix user to remotely obtain a graphical X11 login (and therefore act as a local user on the remote host). If an attacker gains a valid login and password, he may be able to use this service to gain further access on the remote host. An attacker may also use this service to mount a dictionary attack against the remote host to try to log in remotely. Note that XDMCP (the Remote Desktop Protocol) is vulnerable to Man-in-the-middle attacks, making it easy for attackers to steal the credentials of legitimates users by impersonating the XDMCP server. In addition to this, XDMCP is not a ciphered protocol which make it easy for an attacker to capture the keystrokes entered by the user. Solution : Disable the XDMCP if you do not use it, and do not allow this service to run across the Internet Risk factor :Low / CVSS Base Score : 2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N) Plugin output :Using XDMCP, it was possible to obtain the following information about the remote host : Hostname : m2urbbo01 Status : 0 user, load: 0.0, 0.0, 0.0
Nessus ID : 10891
|
|
|
|
[^]Back to 172.31.51.32 |
smux (199/tcp) |
Service Detection |
An SNMP Multiplexer (smux) is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.32 |
h323hostcall (1720/tcp) |
|
[^]Back to 172.31.51.32 |
msnp (1863/tcp) |
Service Detection |
The service closed the connection without sending any data. It might be protected by some sort of TCP wrapper.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.32 |
lockd (4045/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.32 |
lockd (4045/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.32 |
esmmanager (5600/tcp) |
|
[^]Back to 172.31.51.32 |
afs3-callback (7001/tcp) |
Service Detection |
A web server is running on this port.
Nessus ID : 22964
|
|
|
HyperText Transfer Protocol (HTTP) Information |
Synopsis :Some information about the remote HTTP configuration can be extracted. Description :This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... This test is informational only and does not denote any security problem. Solution : n/a Risk factor :None Plugin output :Protocol version : HTTP/1.1 SSL : no Keep-Alive : no Options allowed : (Not implemented) Headers : Connection: close Date: Tue, 16 Nov 2010 10:02:35 GMT Content-Length: 1214 Content-Type: text/html X-Powered-By: Servlet/2.5 JSP/2.1
Nessus ID : 24260
|
|
|
|
[^]Back to 172.31.51.32 |
afs3-prserver (7002/tcp) |
SSL Certificate Information |
Synopsis :This plugin displays the SSL certificate. Description :This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate. Solution : n/a Risk factor :None Plugin output :Subject Name: Country: MY State/Province: Wilayah Persekutuan Organization: Malayan Banking Berhad Organization Unit: ISD Common Name: m2urbbo01 Issuer Name: Country: MY State/Province: Wilayah Persekutuan Locality: Kuala Lumpur Organization: Malayan Banking Berhad Organization Unit: ISD Common Name: M2UADAPT Email Address: yttay@maybank.com.my Serial Number: 00 Version: 3 Signature Algorithm: SHA-1 With RSA Encryption Not Valid Before: Nov 02 11:46:37 2010 GMT Not Valid After: Oct 30 11:46:37 2020 GMT Public Key Info: Algorithm: RSA Encryption Public Key: 00 D8 C0 72 98 00 2A 32 89 9F 2E 1A 7E B1 6A 63 FB 17 9E 47 80 F6 CC 94 6F 81 F0 77 F5 58 24 95 11 B6 B6 B4 FD B4 C7 22 AC DE BD 6B D0 84 69 20 98 15 FD DB E0 06 18 9A A7 6A A2 EA 10 9D 76 56 07 64 9F 05 4C 9A 22 14 16 20 46 9D A6 0B 91 02 F5 D1 9D 04 04 C1 9D 7F 9B 87 DB E0 0C 40 92 F4 22 F3 0F 57 CA 3F EB 8E 6B 1B C3 47 DE D6 27 6D 94 6A 78 6B 1B 43 53 F8 04 68 A3 A6 66 C3 F2 FB 8F Exponent: 01 00 01 Signature: 00 A6 6A B5 A6 12 A5 8C 7C DC 71 D0 AF 9B D8 B1 74 E8 6C 7A 36 5A 06 67 26 2B 13 05 89 00 75 EA 37 34 98 94 3A A6 37 3C 79 37 41 38 C7 F0 DC D4 97 9B 26 C2 43 43 BC E1 F9 03 A9 16 1C 63 1F 13 84 99 AB 63 1B 6D 45 08 81 1D 8D 10 30 16 58 3F AE 9C C0 E5 1C D7 A6 ED C2 CD DC 94 86 C4 1D 82 88 A4 5A 64 AA BC 06 DC C2 F6 96 80 67 27 DF 34 FF CA E6 B8 4C 31 0F 91 0E 7F 0E FB 2E 44 C1 5F 59 D8 B8 85 DA 28 E6 14 9A C0 B0 DC 20 1C E5 93 6C A7 CB 2A 0A 32 88 6D 83 81 01 F9 02 22 C0 94 81 C7 5C 79 24 0E 9B 72 42 01 BD 2C 34 D5 2F 23 B4 5A D8 1B D3 0E F7 4E 92 60 2A AF 18 DE 76 FE 3A 07 E3 11 AB 76 E8 1F F2 82 86 83 69 BE 09 2B 4F 7D 0E 1E B3 63 65 D4 7C AF E8 70 5E E5 65 A0 B8 FD 94 26 71 F4 AB 16 90 3E 53 C9 ED D5 30 C7 19 E2 27 89 C6 9A 3D 98 D4 28 B9 D9 9C 99 7B 85 C8 Extension: Basic Constraints (2.5.29.19) Critical: 0 Data: 30 00 Extension: Comment (2.16.840.1.113730.1.13) Critical: 0 Comment: OpenSSL Generated Certificate Extension: Subject Key Identifier (2.5.29.14) Critical: 0 Subject Key Identifier: 22 BF 1D 37 03 44 54 08 C8 31 A6 F8 53 01 5C C3 D7 B5 91 7E Extension: Authority Key Identifier (2.5.29.35) Critical: 0
Nessus ID : 10863
|
|
|
SSL Cipher Suites Supported |
Synopsis :The remote service encrypts communications using SSL. Description :This script detects which SSL ciphers are supported by the remote service for encrypting communications. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : n/a Risk factor :None Plugin output :Here is the list of SSL ciphers supported by the remote server : Low Strength Ciphers (< 56-bit key) SSLv3 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export Medium Strength Ciphers (>= 56-bit and < 112-bit key) SSLv3 ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1 DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1 High Strength Ciphers (>= 112-bit key) SSLv3 ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES(168) Mac=SHA1 ADH-RC4-MD5 Kx=DH Au=None Enc=RC4(128) Mac=MD5 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 21643
|
|
|
Service Detection |
An SSLv3 server answered on this port.
Nessus ID : 22964
|
|
|
Service Detection |
A web server is running on this port through SSLv3.
Nessus ID : 22964
|
|
|
HyperText Transfer Protocol (HTTP) Information |
Synopsis :Some information about the remote HTTP configuration can be extracted. Description :This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... This test is informational only and does not denote any security problem. Solution : n/a Risk factor :None Plugin output :Protocol version : HTTP/1.1 SSL : yes Keep-Alive : no Options allowed : (Not implemented) Headers : Connection: close Date: Tue, 16 Nov 2010 10:02:35 GMT Content-Length: 1214 Content-Type: text/html X-Powered-By: Servlet/2.5 JSP/2.1
Nessus ID : 24260
|
|
|
SSL Weak Cipher Suites Supported |
Synopsis :The remote service supports the use of weak SSL ciphers. Description :The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all. Note: This is considerably easier to exploit if the attacker is on the same physical network. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : Reconfigure the affected application if possible to avoid use of weak ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :Here is the list of weak SSL ciphers supported by the remote server : Low Strength Ciphers (< 56-bit key) SSLv3 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} Other references : CWE:327, CWE:326, CWE:753, CWE:803, CWE:720
Nessus ID : 26928
|
|
|
SSL Anonymous Cipher Suites Supported |
Synopsis :The remote service supports the use of anonymous SSL ciphers. Description :The remote host supports the use of anonymous SSL ciphers. While this enables an administrator to set up a service that encrypts traffic without having to generate and configure SSL certificates, it offers no way to verify the remote host's identity and renders the service vulnerable to a man-in-the-middle attack. Note: This is considerably easier to exploit if the attacker is on the same physical network. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : Reconfigure the affected application if possible to avoid use of weak ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :The remote server supports the following anonymous SSL ciphers : ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES(168) Mac=SHA1 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 ADH-RC4-MD5 Kx=DH Au=None Enc=RC4(128) Mac=MD5 EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 31705
|
|
|
SSL Medium Strength Cipher Suites Supported |
Synopsis :The remote service supports the use of medium strength SSL ciphers. Description :The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as those with key lengths at least 56 bits and less than 112 bits. Note: This is considerably easier to exploit if the attacker is on the same physical network. Solution : Reconfigure the affected application if possible to avoid use of medium strength ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :Here are the medium strength SSL ciphers supported by the remote server : Medium Strength Ciphers (>= 56-bit and < 112-bit key) SSLv3 ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1 DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 42873
|
|
|
|
[^]Back to 172.31.51.32 |
filenet-rmi (32771/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32771 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.32 |
filenet-pa (32772/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32772 : - program: 1073741824 (fmproduct), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.32 |
filenet-pa (32772/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 32772 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.32 |
sometimes-rpc9 (32773/tcp) |
|
[Return to top] |
|
|
Scan Time:
Start Time: |
Tue Nov 16 17:53:54 2010 |
End Time: |
Tue Nov 16 17:56:16 2010 |
|
Number of vulnerabilities :
Open Ports: |
17 |
Low: |
26 |
Medium: |
3 |
High: |
0 |
|
Information about the remote host :
Operating System: |
Solaris |
NetBIOS Name: |
(unknown) |
DNS Name: |
(unknown) |
|
|
|
|
|
|
[^]Back to 172.31.51.34 |
general/tcp |
OS Identification |
Remote operating system : Solaris Confidence Level : 75 Method : NTP The remote host is running Solaris
Nessus ID : 11936
|
|
|
Nessus Scan Information |
Information about this scan : Nessus version : 4.0.2 (Build 1076) (Nessus 4.2.2 is available - consider upgrading) Plugin feed version : 201010192234 Type of plugin feed : ProfessionalFeed (Direct) Scanner IP : 172.25.60.70 Port scanner(s) : nessus_syn_scanner Port range : default Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : yes Optimize the test : yes CGI scanning : disabled Web application tests : disabled Max hosts : 40 Max checks : 5 Recv timeout : 5 Backports : None Scan Start Date : 2010/11/16 17:53 Scan duration : 142 sec
Nessus ID : 19506
|
|
|
TCP/IP Timestamps Supported |
Synopsis :The remote service implements TCP timestamps. Description :The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed. See also : http://www.ietf.org/rfc/rfc1323.txtSolution : n/a Risk factor :None
Nessus ID : 25220
|
|
|
Web Application Tests Disabled |
Synopsis :Web application tests were not enabled during the scan. Description :One or several web servers were detected by Nessus, but neither the CGI tests nor the Web Application Tests were enabled. If you want to get a more complete report, you should enable one of these features, or both. Please note that the scan might take significantly longer with these tests, which is why they are disabled by default. See also : http://blog.tenablesecurity.com/web-app-auditing/Solution : To enable specific CGI tests, go to the 'Advanced' tab, select 'Global variable settings' and set 'Enable CGI scanning'. To generic enable web application tests, go to the 'Advanced' tab, select 'Web Application Tests Settings' and set 'Enable web applications tests'. You may configure other options, for example HTTP credentials in 'Login configurations', or form-based authentication in 'HTTP login page'. Risk factor :None
Nessus ID : 43067
|
|
|
|
[^]Back to 172.31.51.34 |
general/udp |
Traceroute Information |
Synopsis :It was possible to obtain traceroute information. Description :Makes a traceroute to the remote host. Solution : n/a Risk factor :None Plugin output :For your information, here is the traceroute from 172.25.60.70 to 172.31.51.34 : 172.25.60.70 172.25.60.251 172.31.46.102 172.31.51.34
Nessus ID : 10287
|
|
|
|
[^]Back to 172.31.51.34 |
ssh (22/tcp) |
SSH Server Type and Version Information |
Synopsis :An SSH server is listening on this port. Description :It is possible to obtain information about the remote SSH server by sending an empty authentication request. Solution : n/a Risk factor :None Plugin output :SSH version : SSH-2.0-6.1.0.668 SSH Tectia Server SSH supported authentication : gssapi-with-mic,password,publickey,keyboard-interactive
Nessus ID : 10267
|
|
|
Service Detection |
An SSH server is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.34 |
sunrpc (111/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.34 |
sunrpc (111/udp) |
RPC portmapper Service Detection |
Synopsis :An ONC RPC portmapper is running on the remote host. Description :The RPC portmapper is running on this port. The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request. Solution : n/a Risk factor :None
Nessus ID : 10223
|
|
|
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.34 |
ntp (123/udp) |
Network Time Protocol (NTP) Server Detection |
Synopsis :An NTP server is listening on the remote host. Description :An NTP (Network Time Protocol) server is listening on this port. It provides information about the current date and time of the remote system and may provide system information. Solution : n/a Risk factor :None Plugin output :It was possible to gather the following information from the remote NTP host : system='SunOS', leap=0, stratum=3, rootdelay=369.80, rootdispersion=70.10, peer=9476, refid=172.31.35.9, reftime=0xd08cd144.c28f0000, poll=10, clock=0xd08cd501.74d80000, phase=5.487, freq=32125.64, error=9.14
Nessus ID : 10884
|
|
|
|
[^]Back to 172.31.51.34 |
xdmcp (177/udp) |
X Display Manager Control Protocol (XDMCP) Detection |
Synopsis :XDMCP is running on the remote host. Description :XDMCP allows a Unix user to remotely obtain a graphical X11 login (and therefore act as a local user on the remote host). If an attacker gains a valid login and password, he may be able to use this service to gain further access on the remote host. An attacker may also use this service to mount a dictionary attack against the remote host to try to log in remotely. Note that XDMCP (the Remote Desktop Protocol) is vulnerable to Man-in-the-middle attacks, making it easy for attackers to steal the credentials of legitimates users by impersonating the XDMCP server. In addition to this, XDMCP is not a ciphered protocol which make it easy for an attacker to capture the keystrokes entered by the user. Solution : Disable the XDMCP if you do not use it, and do not allow this service to run across the Internet Risk factor :Low / CVSS Base Score : 2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N) Plugin output :Using XDMCP, it was possible to obtain the following information about the remote host : Hostname : m2urbbo02 Status : 0 user, load: 0.0, 0.0, 0.0
Nessus ID : 10891
|
|
|
|
[^]Back to 172.31.51.34 |
smux (199/tcp) |
Service Detection |
An SNMP Multiplexer (smux) is running on this port.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.34 |
h323hostcall (1720/tcp) |
|
[^]Back to 172.31.51.34 |
msnp (1863/tcp) |
Service Detection |
The service closed the connection without sending any data. It might be protected by some sort of TCP wrapper.
Nessus ID : 22964
|
|
|
|
[^]Back to 172.31.51.34 |
lockd (4045/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.34 |
lockd (4045/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.34 |
esmmanager (5600/tcp) |
|
[^]Back to 172.31.51.34 |
afs3-callback (7001/tcp) |
Service Detection |
A web server is running on this port.
Nessus ID : 22964
|
|
|
HyperText Transfer Protocol (HTTP) Information |
Synopsis :Some information about the remote HTTP configuration can be extracted. Description :This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... This test is informational only and does not denote any security problem. Solution : n/a Risk factor :None Plugin output :Protocol version : HTTP/1.1 SSL : no Keep-Alive : no Options allowed : (Not implemented) Headers : Connection: close Date: Tue, 16 Nov 2010 10:02:17 GMT Content-Length: 1214 Content-Type: text/html X-Powered-By: Servlet/2.5 JSP/2.1
Nessus ID : 24260
|
|
|
|
[^]Back to 172.31.51.34 |
afs3-prserver (7002/tcp) |
SSL Certificate Information |
Synopsis :This plugin displays the SSL certificate. Description :This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate. Solution : n/a Risk factor :None Plugin output :Subject Name: Country: MY State/Province: Wilayah Persekutuan Organization: Malayan Banking Berhad Organization Unit: ISD Common Name: m2urbbo02 Issuer Name: Country: MY State/Province: Wilayah Persekutuan Locality: Kuala Lumpur Organization: Malayan Banking Berhad Organization Unit: ISD Common Name: M2UADAPT Email Address: yttay@maybank.com.my Serial Number: 01 Version: 3 Signature Algorithm: SHA-1 With RSA Encryption Not Valid Before: Nov 02 11:46:53 2010 GMT Not Valid After: Oct 30 11:46:53 2020 GMT Public Key Info: Algorithm: RSA Encryption Public Key: 00 8B B2 CA 10 6D 36 58 96 98 78 84 5F C6 6D 11 87 8E 42 8D F2 E7 4C D2 A7 94 E7 B4 1E F8 DA 42 3C 1A EC 79 1A EA 26 9F A9 42 DF 25 0A 49 58 69 8A 5D D6 F7 31 3F 13 63 C4 4D 8D 77 CF 0D 6D 53 DF 86 0E B3 2B 15 61 10 6C E7 1E 31 6E AC DD 74 60 FB 02 2A 5F 67 75 C3 26 21 2D 37 66 7A 58 08 CF 7F C3 A9 EF D1 FE CC B3 B7 E3 E2 80 EE 69 5F B5 25 1D B9 77 08 1C 6D F5 D6 DC 89 00 87 9C 74 83 Exponent: 01 00 01 Signature: 00 04 B5 AE F6 6A 2F 72 10 83 5E 3C E0 74 09 8C 5C 1E 34 4E EC 03 F2 BB 8F 2A E2 EC 17 52 F0 19 13 47 18 E1 06 12 8B 2A EC 0F 55 AD 8F 06 7E 9B C3 96 BF 92 E8 34 39 CB FC D7 73 FC E0 D1 0D E5 69 5A D5 08 5C EF 8E EF 9E D5 F3 97 1D E6 6F 8F D3 13 ED 1B CD D5 4B 3C 74 EA AE 7C 9B 0B 75 F8 76 74 25 AC 76 BE D3 E5 64 87 0F E6 09 37 C1 D9 ED F8 B7 6A 61 EB 30 44 D3 4D B2 D8 7E 17 42 28 D4 8F 5F B9 DB 1A 95 E9 1F C4 B9 F0 A0 71 FE B4 15 1A 7A C2 7A D7 69 C7 A2 FB EB F0 61 DC 9D D0 5B B6 B4 28 7D FC D1 48 3A 35 96 9B 6D CB 04 6C 39 B9 99 C6 F6 C5 1A 1B A4 C6 E8 1E 15 6A ED 62 D6 72 0C 78 EF 6E BE 67 67 57 ED 88 31 7A F8 26 1B 7E 2F 0F 3F 37 B7 65 9A 9A 0F 49 B6 DA F1 30 8A 3D D6 C6 DB 3F 2F A7 D3 85 6E 2F C1 C1 CF 0F F5 AC 86 53 2B D0 35 06 28 97 6F D4 D8 48 3C D2 67 Extension: Basic Constraints (2.5.29.19) Critical: 0 Data: 30 00 Extension: Comment (2.16.840.1.113730.1.13) Critical: 0 Comment: OpenSSL Generated Certificate Extension: Subject Key Identifier (2.5.29.14) Critical: 0 Subject Key Identifier: 7D 6A 1D 67 E9 62 29 7D 1A 31 94 9B 5C 49 3C 78 81 4C 1E 52 Extension: Authority Key Identifier (2.5.29.35) Critical: 0
Nessus ID : 10863
|
|
|
SSL Cipher Suites Supported |
Synopsis :The remote service encrypts communications using SSL. Description :This script detects which SSL ciphers are supported by the remote service for encrypting communications. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : n/a Risk factor :None Plugin output :Here is the list of SSL ciphers supported by the remote server : Low Strength Ciphers (< 56-bit key) SSLv3 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export Medium Strength Ciphers (>= 56-bit and < 112-bit key) SSLv3 ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1 DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1 High Strength Ciphers (>= 112-bit key) SSLv3 ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES(168) Mac=SHA1 ADH-RC4-MD5 Kx=DH Au=None Enc=RC4(128) Mac=MD5 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 21643
|
|
|
Service Detection |
An SSLv3 server answered on this port.
Nessus ID : 22964
|
|
|
Service Detection |
A web server is running on this port through SSLv3.
Nessus ID : 22964
|
|
|
HyperText Transfer Protocol (HTTP) Information |
Synopsis :Some information about the remote HTTP configuration can be extracted. Description :This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... This test is informational only and does not denote any security problem. Solution : n/a Risk factor :None Plugin output :Protocol version : HTTP/1.1 SSL : yes Keep-Alive : no Options allowed : (Not implemented) Headers : Connection: close Date: Tue, 16 Nov 2010 10:02:17 GMT Content-Length: 1214 Content-Type: text/html X-Powered-By: Servlet/2.5 JSP/2.1
Nessus ID : 24260
|
|
|
SSL Weak Cipher Suites Supported |
Synopsis :The remote service supports the use of weak SSL ciphers. Description :The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all. Note: This is considerably easier to exploit if the attacker is on the same physical network. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : Reconfigure the affected application if possible to avoid use of weak ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :Here is the list of weak SSL ciphers supported by the remote server : Low Strength Ciphers (< 56-bit key) SSLv3 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} Other references : CWE:327, CWE:326, CWE:753, CWE:803, CWE:720
Nessus ID : 26928
|
|
|
SSL Anonymous Cipher Suites Supported |
Synopsis :The remote service supports the use of anonymous SSL ciphers. Description :The remote host supports the use of anonymous SSL ciphers. While this enables an administrator to set up a service that encrypts traffic without having to generate and configure SSL certificates, it offers no way to verify the remote host's identity and renders the service vulnerable to a man-in-the-middle attack. Note: This is considerably easier to exploit if the attacker is on the same physical network. See also : http://www.openssl.org/docs/apps/ciphers.htmlSolution : Reconfigure the affected application if possible to avoid use of weak ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :The remote server supports the following anonymous SSL ciphers : ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES(168) Mac=SHA1 EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 ADH-RC4-MD5 Kx=DH Au=None Enc=RC4(128) Mac=MD5 EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 31705
|
|
|
SSL Medium Strength Cipher Suites Supported |
Synopsis :The remote service supports the use of medium strength SSL ciphers. Description :The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as those with key lengths at least 56 bits and less than 112 bits. Note: This is considerably easier to exploit if the attacker is on the same physical network. Solution : Reconfigure the affected application if possible to avoid use of medium strength ciphers. Risk factor :Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin output :Here are the medium strength SSL ciphers supported by the remote server : Medium Strength Ciphers (>= 56-bit and < 112-bit key) SSLv3 ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES(56) Mac=SHA1 EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1 DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
Nessus ID : 42873
|
|
|
|
[^]Back to 172.31.51.34 |
filenet-rmi (32771/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32771 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.34 |
filenet-pa (32772/tcp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on TCP port 32772 : - program: 1073741824 (fmproduct), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.34 |
filenet-pa (32772/udp) |
RPC Services Enumeration |
Synopsis :An ONC RPC service is running on the remote host. Description :By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Solution : n/a Risk factor :None Plugin output :The following RPC services are available on UDP port 32772 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1
Nessus ID : 11111
|
|
|
|
[^]Back to 172.31.51.34 |
sometimes-rpc9 (32773/tcp) |
|