Complete Nessus report

Post on 06-Apr-2018

  • 8/3/2019 Complete Nessus Report

    1/23

    List of hosts

    192.168.29.128

    High Severity problem(s) found

    192.168.29.128

    Scan Time

    Start time : Fri Sep 03 06:45:11 2010

    End time : Fri Sep 03 06:51:26 2010

    Number of vulnerabilities

    Open ports : 17

    High : 3

    Medium : 1

    Low : 38

    Remote host information

    Operating System : Linux Kernel 2.6 on Ubuntu Linux 8.04 (hardy)

    NetBIOS name : METASPLOITABLE

    DNS name :

    Port general (0/icmp)

    ICMP Timestamp Request Remote Date Disclosure

    Synopsis:It is possible to determine the exact time set on the remote host.

    Description:The remote host answers to an ICMP timestamp request. This allows an attacker to know the date which is set on your machine. This may help him to defeat all your time based authentication protocols.

    Risk factor:None

    Solution:Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).

    Plugin output:The difference between the local and remote clocks is 7 seconds.

    Plugin ID:10114

    CVE:CVE-1999-0524

    Other references:OSVDB:94

    TCP/IP Timestamps Supported

    Synopsis:The remote service implements TCP timestamps.

    Description:The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed.

    Risk factor:None

    See also:http://www.ietf.org/rfc/rfc1323.txt

    Solution:n/a

    Plugin ID:25220

    Apache Banner Linux Distribution Disclosure

    Synopsis:The name of the Linux distribution running on the remote host was found in the banner of the web server.

    Description:This script extracts the banner of the Apache web server and attempts to determine which Linux distribution the remote host is running.

    Risk factor:None

    Solution:If you do not wish to display this information, edit httpd.conf and set the directive 'ServerTokens Prod' and restart Apache.

    Plugin output:The linux distribution detected was : - Ubuntu 8.04 (gutsy)

    Plugin ID:18261

    Additional DNS Hostnames

    Synopsis:Potential virtual hosts have been detected.

    Description:Hostnames different from the current hostname have been collected by miscellaneous plugins. Different web servers may be hosted on name-based virtual hosts.

    Risk factor:None

    See also:http://en.wikipedia.org/wiki/Virtual_hosting

    Solution:If you want to test them, re-scan using the special vhost syntax, such as : www.example.com[192.0.32.10]

    Plugin output:

    - metasploitable

    Plugin ID:46180

    VMware Virtual Machine Detection

    Synopsis:The remote host seems to be a VMware virtual machine.

    Description:According to the MAC address of its network adapter, the remote host is a VMware virtual machine. Since it is physically accessible through the network, ensure that its configuration matches your organization's security policy.

    Risk factor:None

    Solution:n/a

    Plugin ID:20094

    Ethernet card brand

    Synopsis:The manufacturer can be deduced from the Ethernet OUI.

    Description:Each ethernet MAC address starts with a 24-bit 'Organizationally Unique Identifier'. These OUI are registered by IEEE.

    Risk factor:None

    See also:http://standards.ieee.org/faqs/OUI.html

    See also:http://standards.ieee.org/regauth/oui/index.shtml

    Solution:n/a

    Plugin output:The following card manufacturers were identified : 00:0c:29:f9:d2:4a : VMware, Inc.

    Plugin ID:35716

    OS Identification

    Remote operating system : Linux Kernel 2.6 on Ubuntu Linux 8.04 (hardy)
    Confidence Level : 95
    Method : SSH
    The remote host is running Linux Kernel 2.6 on Ubuntu Linux 8.04 (hardy)

    Plugin ID:11936

    Common Platform Enumeration (CPE)

    Synopsis:It is possible to enumerate CPE names that matched on the remote system.

    Description:By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host. Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan.

    Risk factor:None

    See also:http://cpe.mitre.org/

    Solution:n/a

    Plugin output:The remote operating system matched the following CPE : cpe:/o:ubuntu:ubuntu_linux:8.04 (Inferred CPE) Here is the list of application CPE IDs that matched on the remote system : cpe:/a:openbsd:openssh:4.7 cpe:/a:isc:bind:9.4. cpe:/a:samba:samba:3.0.20 -> Samba 3.0.20 cpe:/a:apache:http_server:2.2.8 cpe:/a:php:php:5.2.4-2ubuntu5.10

    Plugin ID:45590

    Nessus Scan Information

    Information about this scan :
    Nessus version : 4.2.2 (Build 9129)
    Plugin feed version : 201008312334
    Type of plugin feed : HomeFeed (Non-commercial use only)
    Scanner IP : 192.168.29.1
    Port scanner(s) : nessus_syn_scanner
    Port range : default
    Thorough tests : no
    Experimental tests : no
    Paranoia level : 1
    Report Verbosity : 1
    Safe checks : yes
    Optimize the test : yes
    CGI scanning : disabled
    Web application tests : disabled
    Max hosts : 80
    Max checks : 5
    Recv timeout : 5
    Backports : Detected
    Scan Start Date : 2010/9/3 6:45
    Scan duration : 374 sec

    Plugin ID:19506

    Web Application Tests Disabled

    Synopsis:Web application tests were not enabled during the scan.

    Description:One or several web servers were detected by Nessus, but neither the CGI tests nor the Web Application Tests were enabled. If you want to get a more complete report, you should enable one of these features, or both. Please note that the scan might take significantly longer with these tests, which is why they are disabled by default.

    Risk factor:None

    See also:http://blog.tenablesecurity.com/web-app-auditing/

    Solution:To enable specific CGI tests, go to the 'Advanced' tab, select 'Global variable settings' and set 'Enable CGI scanning'. To generic enable web application tests, go to the 'Advanced' tab, select 'Web Application Tests Settings' and set 'Enable web applications tests'. You may configure other options, for example HTTP credentials in 'Login configurations', or form-based authentication in 'HTTP login page'.

    Plugin ID:43067

    Traceroute Information

    Synopsis:It was possible to obtain traceroute information.

    Description:Makes a traceroute to the remote host.

    Risk factor:None

    Solution:n/a

    Plugin output:For your information, here is the traceroute from 192.168.29.1 to 192.168.29.128 : 192.168.29.1 192.168.29.128

    Plugin ID:10287

    Port netbios-ns (137/udp)

    Windows NetBIOS / SMB Remote Host Information Disclosure

    Synopsis:It is possible to obtain the network name of the remote host.

    Description:The remote host listens on UDP port 137 or TCP port 445 and replies to NetBIOS nbtscan or SMB requests. Note that this plugin gathers information to be used in other plugins but does not itself generate a report.

    Risk factor:None

    Solution:n/a

    Plugin output:The following 7 NetBIOS names have been gathered :
    METASPLOITABLE = Computer name
    METASPLOITABLE = Messenger Service
    METASPLOITABLE = File Server Service
    __MSBROWSE__ = Master Browser
    WORKGROUP = Workgroup / Domain name
    WORKGROUP = Master Browser
    WORKGROUP = Browser Service Elections
    This SMB server seems to be a SAMBA server (MAC address is NULL).

    Plugin ID:10150

    Port smb (139/tcp)

    SMB Service Detection

    Synopsis:A file / print sharing service is listening on the remote host.

    Description:The remote service understands the CIFS (Common Internet File System) or Server Message Block (SMB) protocol, used to provide shared access to files, printers, etc between nodes on a network.

    Risk factor:None

    Solution:n/a

    Plugin output:An SMB server is running on this port.

    Plugin ID:11011

    Port ftp? (21/tcp)

    Port ssh (22/tcp)

    Debian OpenSSH/OpenSSL Package Random Number Generator Weakness

    Synopsis:The remote SSH host keys are weak.

    Description:The remote SSH host key has been generated on a Debian or Ubuntu system which contains a bug in the random number generator of its OpenSSL library. The problem is due to a Debian packager removing nearly all sources of entropy in the remote version of OpenSSL. An attacker can easily obtain the private part of the remote key and use this to decipher the remote session or set up a man in the middle attack.

    Risk factor:Critical

    CVSS Base Score:10.0 CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

    See also:http://www.nessus.org/u?5d01bdab (Debian)

    See also:http://www.nessus.org/u?f14f4224 (Ubuntu)

    Solution:Consider all cryptographic material generated on the remote host to be guessable. In particular, all SSH, SSL and OpenVPN key material should be re-generated.

    Plugin ID:32314

    CVE:CVE-2008-0166

    BID:29179

    Other references:OSVDB:45029

    Service Detection

    An SSH server is running on this port.

    Plugin ID:22964

    SSH Server Type and Version Information

    Synopsis:An SSH server is listening on this port.

    Description:It is possible to obtain information about the remote SSH server bysending an empty authentication request.

    Risk factor:None

    Solution:n/a

    Plugin output:SSH version : SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1 SSH supported authentication : publickey,password

    Plugin ID:10267

    SSH Protocol Versions Supported

    Synopsis:A SSH server is running on the remote host.

    Description:This plugin determines the versions of the SSH protocol supported by the remote SSH daemon.

    Risk factor:None

    Solution:n/a

    Plugin output:The remote SSH daemon supports the following versions of the SSH protocol : - 1.99 - 2.0 SSHv2 host key fingerprint : 56:56:24:0f:21:1d:de:a7:2b:ae:61:b1:24:3d:e8:f3

    Plugin ID:10881

    Backported Security Patch Detection (SSH)

    Synopsis:Security patches are backported.

    Description:Security patches may have been 'back ported' to the remote SSH server without changing its version number. Banner-based checks have been disabled to avoid false positives. Note that this test is informational only and does not denote any security problem.

    Risk factor:None

    See also:http://www.nessus.org/u?d636c8c7

    Solution:N/A

    Plugin output:Give Nessus credentials to perform local checks.

    Plugin ID:39520

    Port telnet? (23/tcp)

    Port smtp? (25/tcp)

    Port mysql? (3306/tcp)

    Port distcc? (3632/tcp)

    Port cifs (445/tcp)

    Samba NDR MS-RPC Request Heap-Based Remote Buffer Overflow

    Synopsis:It is possible to execute code on the remote host through Samba.

    Description:The version of the Samba server installed on the remote host is affected by multiple heap overflow vulnerabilities, which can be exploited remotely to execute code with the privileges of the Samba daemon.

    Risk factor:Critical

    CVSS Base Score:10.0 CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

    See also:http://www.samba.org/samba/security/CVE-2007-2446.html

    Solution:Upgrade to Samba version 3.0.25 or later.

    Plugin ID:25216

    CVE:CVE-2007-2446

    BID:23973, 24195, 24196, 24197, 24198

    Other references:OSVDB:34699, OSVDB:34731, OSVDB:34732, OSVDB:34733

    Microsoft Windows SMB Shares Unprivileged Access

    Synopsis:It is possible to access a network share.

    Description:The remote has one or more Windows shares that can be accessed through the network with the given credentials. Depending on the share rights, it may allow an attacker to read/write confidential data.

    Risk factor:High

    CVSS Base Score:7.5 CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

    Solution:To restrict access under Windows, open Explorer, do a right click on each share, go to the 'sharing' tab, and click on 'permissions'.

    Plugin output:The following shares can be accessed using a NULL session : - tmp - (readable,writable) + Content of this share : .. .ICE-unix .X11-unix 5344.jsvc_up

    Plugin ID:42411

    CVE:CVE-1999-0519, CVE-1999-0520

    BID:8026

    Other references:OSVDB:299

    Samba Server Detection

    Synopsis:An SMB server is running on the remote host.

    Description:The remote host is running Samba, a CIFS/SMB server for Unix.

    Risk factor:None

    See also:http://www.samba.org/

    Solution:n/a

    Plugin ID:25240

    SMB Service Detection

    Synopsis:A file / print sharing service is listening on the remote host.

    Description:The remote service understands the CIFS (Common Internet File System) or Server Message Block (SMB) protocol, used to provide shared access to files, printers, etc between nodes on a network.

    Risk factor:None

    Solution:n/a

    Plugin output:A CIFS server is running on this port.

    Plugin ID:11011

    SMB NativeLanManager Remote System Information Disclosure

    Synopsis:It is possible to obtain information about the remote operating system.

    Description:It is possible to get the remote operating system name and version (Windows and/or Samba) by sending an authentication request to port 139 or 445.

    Risk factor:None

    Solution:n/a

    Plugin output:The remote Operating System is : Unix
    The remote native lan manager is : Samba 3.0.20-Debian
    The remote SMB Domain Name is : METASPLOITABLE

    Plugin ID:10785

    SMB Log In Possible

    Synopsis:It is possible to log into the remote host.

    Description:The remote host is running Microsoft Windows operating system or Samba, a CIFS/SMB server for Unix. It was possible to log into it using one of the following accounts : - NULL session - Guest account - Given Credentials

    Risk factor:None

    See also:http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP

    See also:http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP

    Solution:n/a

    Plugin output:- NULL sessions are enabled on the remote host

    Plugin ID:10394

    CVE:CVE-1999-0504, CVE-1999-0505, CVE-1999-0506, CVE-2000-0222, CVE-2002-1117, CVE-2005-3595

    BID:494, 990, 11199

    Other references:OSVDB:297, OSVDB:3106, OSVDB:8230, OSVDB:10050

    SMB Shares Enumeration

    Synopsis:It is possible to enumerate remote network shares.

    Description:By connecting to the remote host, Nessus was able to enumerate the network share names.

    Risk factor:None

    Solution:N/A

    Plugin output:Here are the SMB shares available on the remote host when logged as a NULL session: - print$ - tmp - opt - IPC$ - ADMIN$

    Plugin ID:10395

    Obtains the password policy

    Synopsis:It is possible to retrieve the remote host's password policy using the supplied credentials.

    Description:Using the supplied credentials it was possible to extract the password policy for the remote Windows host. The password policy must conform to the Informational System Policy.

    Risk factor:None

    Solution:n/a

    Plugin output:The following password policy is defined on the remote host:
    Minimum password len: 5
    Password history len: 0
    Maximum password age (d): No limit
    Password must meet complexity requirements: Disabled
    Minimum password age (d): 0
    Forced logoff time (s): Not set
    Locked account time (s): 1800
    Time between failed logon (s): 1800
    Number of invalid logon before locked out (s): 0

    Plugin ID:17651

    Windows SMB NULL Session Authentication

    Synopsis:It is possible to log into the remote Windows host with a NULL session.

    Description:The remote host is running Microsoft Windows, and it was possible to log into it using a NULL session (i.e., with no login or password). An unauthenticated remote attacker can leverage this issue to get information about the remote host.

    Risk factor:None

    See also:http://support.microsoft.com/kb/q143474/

    See also:http://support.microsoft.com/kb/q246261/

    Solution:n/a

    Plugin ID:26920

    CVE:CVE-1999-0519, CVE-1999-0520, CVE-2002-1117

    BID:494

    Other references:OSVDB:299

    SMB LanMan Pipe Server Listing Disclosure

    Synopsis:It is possible to obtain network information.

    Description:It was possible to obtain the browse list of the remote Windows system by sending a request to the LANMAN pipe. The browse list is the list of the nearest Windows systems of the remote host.

    Risk factor:None

    Solution:n/a

    Plugin output:Here is the browse list of the remote host : METASPLOITABLE ( os : 0.0 )

    Plugin ID:10397

    Other references:OSVDB:300

    SMB use host SID to enumerate local users

    Synopsis:It is possible to enumerate local users.

    Description:Using the host SID, it is possible to enumerate local users on the remote Windows system.

    Risk factor:None

    Solution:n/a

    Plugin output:- Administrator (id 500, Administrator account) - nobody (id 501, Guest account) - root (id 1000) - root (id 1001) - daemon (id 1002) - daemon (id 1003) - bin (id 1004) - bin (id 1005) - sys (id 1006) - sys (id 1007) - sync (id 1008) - adm (id 1009) - games (id 1010) - tty (id 1011) - man (id 1012) - disk (id 1013) - lp (id 1014) - lp (id 1015) - mail (id 1016) - mail (id 1017) - news (id 1018) - news (id 1019) - uucp (id 1020) - uucp (id 1021) - man (id 1025) - proxy (id 1026) - proxy (id 1027) - kmem (id 1031) - dialout (id 1041) - fax (id 1043) - voice (id 1045) - cdrom (id 1049) - floppy (id 1051) - tape (id 1053) - sudo (id 1055) - audio (id 1059) - dip (id 1061) - www-data (id 1066) - www-data (id 1067) - backup (id 1068) - backup (id 1069) - operator (id 1075) - list (id 1076) - list (id 1077) - irc (id 1078) - irc (id 1079) - src (id 1081) - gnats (id 1082) - gnats (id 1083) - shadow (id 1085) - utmp (id 1087) - video (id 1089) - sasl (id 1091) - plugdev (id 1093) - staff (id 1101) - games (id 1121) - libuuid (id 1200)

    Note that, in addition to the Administrator and Guest accounts, Nessus has enumerated only those local users with IDs between 1000 and 1200. To use a different range, edit the scan policy and change the 'Start UID' and/or 'End UID' preferences for this plugin, then re-run the scan.

    Plugin ID:10860

    CVE:CVE-2000-1200

    BID:959

    Other references:OSVDB:714

    SMB LsaQueryInformationPolicy Function SID Enumeration

    Synopsis:It is possible to obtain the host SID for the remote host.

    Description:By emulating the call to LsaQueryInformationPolicy(), it was possible to obtain the host SID (Security Identifier). The host SID can then be used to get the list of local users.

    Risk factor:None

    See also:http://technet.microsoft.com/en-us/library/bb418944.aspx

    Solution:You can prevent anonymous lookups of the host SID by setting the 'RestrictAnonymous' registry setting to an appropriate value. Refer to the 'See also' section for guidance.

    Plugin output:The remote host SID value is : 1-5-21-1042354039-2475377354-766472396 The value of 'RestrictAnonymous' setting is : unknown

    Plugin ID:10859

    CVE:CVE-2000-1200

    BID:959

    Other references:OSVDB:715

    Port dns (53/tcp)

    DNS Server Detection

    Synopsis:A DNS server is listening on the remote host.

    Description:The remote service is a Domain Name System (DNS) server, which provides a mapping between hostnames and IP addresses.

    Risk factor:None

    See also:http://en.wikipedia.org/wiki/Domain_Name_System

    Solution:Disable this service if it is not needed or restrict access to internal hosts only if the service is available externally.

    Plugin ID:11002

    DNS Server Detection

    Synopsis:A DNS server is listening on the remote host.

    Description:The remote service is a Domain Name System (DNS) server, which provides a mapping between hostnames and IP addresses.

    Risk factor:None

    See also:http://en.wikipedia.org/wiki/Domain_Name_System

    Solution:Disable this service if it is not needed or restrict access to internal hosts only if the service is available externally.

    Plugin ID:11002

    DNS Server hostname.bind Map Hostname Disclosure

    Synopsis:The DNS server discloses the remote host name.

    Description:It is possible to learn the remote host name by querying the remote DNS server for 'hostname.bind' in the CHAOS domain.

    Risk factor:None

    Solution:It may be possible to disable this feature. Consult the vendor's documentation for more information.

    Plugin output:The remote host name is : metasploitable

    Plugin ID:35371

    ISC BIND version Directive Remote Version Disclosure

    Synopsis:It is possible to obtain the version number of the remote DNS server.

    Description:The remote host is running BIND, an open-source DNS server. It is possible to extract the version number of the remote installation by sending a special DNS request for the text 'version.bind' in the domain 'chaos'.

    Risk factor:None

    Solution:It is possible to hide the version number of bind by using the 'version' directive in the 'options' section in named.conf

    Plugin output:The version of the remote DNS server is : 9.4.2

    Plugin ID:10028

    Other references:OSVDB:23

    Port postgresql (5432/tcp)

    PostgreSQL Server Detection

    Synopsis:A database service is listening on the remote host.

    Description:The remote service is a PostgreSQL database server, or a derivative such as EnterpriseDB.

    Risk factor:None

    See also:http://www.postgresql.org/

    Solution:Limit incoming traffic to this port if desired.

    Plugin ID:26024

    Port www (80/tcp)

    HTTP TRACE / TRACK Methods Allowed

    Synopsis:Debugging functions are enabled on the remote web server.

    Description:The remote webserver supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections.

    Risk factor:Medium

    CVSS Base Score:4.3 CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

    See also:http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf

    See also:http://www.apacheweek.com/issues/03-01-24

    See also:http://www.kb.cert.org/vuls/id/288308

    See also:http://www.kb.cert.org/vuls/id/867593

    See also:http://sunsolve.sun.com/search/document.do?assetkey=1-66-200942-1

    Solution:Disable these methods. Refer to the plugin output for more information.

    Plugin output:To disable these methods, add the following lines for each virtual host in your configuration file :

    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} (TRACE|TRACK)
    RewriteRule .* - [F]

    Alternatively, note that Apache versions 1.3.34, 2.0.55, and 2.2 support disabling the TRACE method natively via the 'TraceEnable' directive.

    Nessus sent the following TRACE request :

    ------------------------------ snip ------------------------------
    TRACE /Nessus808436792.html HTTP/1.1
    Connection: Close
    Host: 192.168.29.128
    Pragma: no-cache
    User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
    Accept-Language: en
    Accept-Charset: iso-8859-1,*,utf-8
    ------------------------------ snip ------------------------------

    and received the following response from the remote server :

    ------------------------------ snip ------------------------------
    HTTP/1.1 200 OK
    Date: Fri, 03 Sep 2010 11:48:27 GMT
    Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.10 with Suhosin-Patch
    Keep-Alive: timeout=15, max=100
    Connection: Keep-Alive
    Transfer-Encoding: chunked
    Content-Type: message/http

    TRACE /Nessus808436792.html HTTP/1.1
    Connection: Keep-Alive
    Host: 192.168.29.128
    Pragma: no-cache
    User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
    Accept-Language: en
    Accept-Charset: iso-8859-1,*,utf-8
    ------------------------------ snip ------------------------------

    Plugin ID:11213

    CVE:CVE-2003-1567, CVE-2004-2320, CVE-2010-0386

    BID:9506, 9561, 11604, 33374, 37995

    Other references:OSVDB:877, OSVDB:3726, OSVDB:5648, OSVDB:50485

    Service Detection

    A web server is running on this port.

    Plugin ID:22964

    HTTP methods per directory

    Synopsis:This plugin determines which HTTP methods are allowed on various CGI directories.

    Description:By calling the OPTIONS method, it is possible to determine which HTTP methods are allowed on each directory. As this list may be incomplete, the plugin also tests - if 'Thorough tests' are enabled or 'Enable web applications tests' is set to 'yes' in the scan policy - various known HTTP methods on each directory and considers them as unsupported if it receives a response code of 400, 403, 405, or 501. Note that the plugin output is only informational and does not necessarily indicate the presence of any security vulnerabilities.

    Risk factor:None

    Solution:n/a

    Plugin output:Based on the response to an OPTIONS request : - HTTP methods GET HEAD OPTIONS POST TRACE are allowed on : /

    Plugin ID:43111

    HTTP Server type and version

    Synopsis:A web server is running on the remote host.

    Description:This plugin attempts to determine the type and the version of the remote web server.

    Risk factor:None

    Solution:n/a

    Plugin output:The remote web server type is : Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.10 with Suhosin-Patch Solution : You can set the directive 'ServerTokens Prod' to limit the information emanating from the server in its response headers.

    Plugin ID:10107

    HyperText Transfer Protocol (HTTP) Information

    Synopsis:Some information about the remote HTTP configuration can be extracted.

    Description:This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... This test is informational only and does not denote any security problem.

    Risk factor:None

    Solution:n/a

    Plugin output:Protocol version : HTTP/1.1
    SSL : no
    Keep-Alive : yes
    Options allowed : (Not implemented)
    Headers :
    Date: Fri, 03 Sep 2010 11:48:29 GMT
    Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.10 with Suhosin-Patch
    Last-Modified: Wed, 17 Mar 2010 14:08:25 GMT
    ETag: "107f7-2d-481ffa5ca8840"
    Accept-Ranges: bytes
    Content-Length: 45
    Keep-Alive: timeout=15, max=100
    Connection: Keep-Alive
    Content-Type: text/html

    Plugin ID:24260

    Backported Security Patch Detection (WWW)

    Synopsis:Security patches are backported.

    Description:Security patches may have been 'back ported' to the remote HTTP server without changing its version number. Banner-based checks have been disabled to avoid false positives. Note that this test is informational only and does not denote any security problem.

    Risk factor:None

    See also:http://www.nessus.org/u?d636c8c7

    Solution:N/A

    Plugin output:Give Nessus credentials to perform local checks.

    Plugin ID:39521

    Port ajp13 (8009/tcp)

    AJP Connector Detection

    Synopsis:There is an AJP connector listening on the remote host.

    Description:The remote host is running an AJP (Apache JServ Protocol) connector, a service by which a standalone web server such as Apache communicates over TCP with a Java servlet container such as Tomcat.

    Risk factor:None

    See also:http://tomcat.apache.org/connectors-doc/

    See also:http://tomcat.apache.org/connectors-doc/ajp/ajpv13a.html

    Solution:n/a

    Plugin output:The connector listening on this port supports the ajp13 protocol.

    Plugin ID:21186