report_en(12)

Scan PSYCOWIN Generation Date 2013-07-26 21:51:42 UTC McAfee Vulnerability Manager 7.5 © 1999-2012 McAfee Inc.

Upload: gerson-david-ramirez-ortiz

Post on 20-Oct-2015



  • Table of Contents

    Summary
    FoundScore
    Discovered Hosts
    Operating Systems
    Banners
    Network Map
    Services: Network Services, Services Description
    Vulnerabilities: Vulnerabilities, Vulnerabilities By Host, Vulnerability Details
    Windows Hosts: Windows Host Summary, Windows Access, Windows Vulns By Category, Windows Vulns By Risk
    Unix Hosts: Unix Host Summary, Unix Access, Unix Vulns By Category, Unix Vulns By Risk
    Infrastructure Assessment: Infrastructure Host Summary, Infrastructure Access, Infrastructure Vulns By Category, Infrastructure Vulns By Risk
    Delta
    Trend
    Scan Configuration History, Configuration History
    Vulnerability Check Configuration

  • Vulnerability Check Configuration

  • Summary Report

    CVE Last Modified Date 2013-07-26 03:06:29 UTC

    SCAN SPECIFICATIONS

    Scan Type: External
    Organization: Data Center
    Start Time: 2013-07-26 21:36:22 UTC
    Stop Time: 2013-07-26 21:51:41 UTC
    Scan Description: McAfee Vulnerability Manager Default Configuration
    Scan Duration: 15 Minute(s), 19 Second(s)

    FOUNDSCORE SUMMARY >> Detailed Report

    [FoundScore gauge, Low Risk to High Risk: 57 of 100]

    DISCOVERED HOSTS SUMMARY >> Detailed Report

    Top Ten Networks by Active System Count

    Network Name | Active IP Addresses | Total IP Addresses Scanned
    172.30.8.29 | 1 | 1
    Total | 1 | 1

    Total Active Systems 1

    Note: McAfee Vulnerability Manager uses a customizable rule-based system to track individual assets, hence it is possible that multiple discovered hosts match a single asset based on currently configured rules. For this reason, the number of Active Systems (assets) displayed in the Discovered Hosts or Assets Summary section can be less than the total number of Hosts Found in the scan status page.

  • OPERATING SYSTEMS SUMMARY >> Detailed Report

    Top 15 Operating Systems Found

    + Denotes operating system identification was achieved through NULL session access.
    ++ Denotes operating system identification was achieved through credentialed access.
    * Denotes operating system comes from ePO.
    ** Denotes multiple operating systems fingerprinted on the same IP address. This can occur under situations such as port forwarding.

  • NETWORK SERVICES SUMMARY >> Detailed Report

    Top 15 Services

  • VULNERABILITY REPORT SUMMARY >> Detailed Report

    Vulnerabilities By Severity Vulnerabilities By Module

  • DELTA REPORT SUMMARY >> Detailed Report

    Summary Comparison | 2013-07-26 21:02:55 UTC | 2013-07-26 21:51:41 UTC | Change
    FoundScore Risk Rating | 100 | 57 | -43
    Total Vulnerabilities | 0 | 26 | 26
    Total Discovered Hosts | 0 | 1 | 1
    Total Network Services | 0 | 9 | 9
    Total Web Servers | 0 | 1 | 1
    Total SSL Web Servers | 0 | 0 | 0
    Total SMTP Servers | 0 | 0 | 0
    Total FTP Servers | 0 | 0 | 0
    Total Telnet Servers | 0 | 0 | 0

  • TREND REPORT SUMMARY >> Detailed Report

    FoundScore

  • WINDOWS VULNERABILITIES BY CATEGORY SUMMARY >> Detailed Report

  • FoundScore Report

    FoundScore Report

    [FoundScore gauge, Low Risk to High Risk: 57 of 100]

    FoundScore Risk Rating

    You scored a total of 57 out of a possible 100 points. Your FoundScore as of 2013-07-26 21:51:41 places you in the Average category. Thus, relative to other organizations, your risk rating is average. Please review the Results graph and Categories table below for details.

    FoundScore Results

    The solid bar indicates the maximum possible deductions for each category. The transparent bar indicates the number of deductions actually taken.

    FoundScore: Vulnerabilities | Your Results | Deductions | Running Score
    High Risk Vulnerabilities | 0 | 0 | 100
    Medium Risk Vulnerabilities | 1 | 10 | 90
    Low Risk Vulnerabilities | 2 | 10 | 80
    Informational Risk Vulnerabilities | 23 | 0 | 80

    Score after Vulnerability Deductions: 80

    FoundScore: Exposure - External | Your Results | Deductions | Running Score
    Number of Non-Essential Services | 8 | 8 | 72
    Number of Machines with No Essential Services | 0 | 0 | 72
    UDP Permitted | 1 | 10 | 62
    ICMP Permitted | 1 | 5 | 57

    Total Score: 57 (Average)

    To understand what systems and ports affected your FoundScore, click on the specific item of interest in the "Your Results" column in the above table.

    FoundScore Details

    Note: The FoundScore and Deductions shown above indicate the risk profile of your environment as last assessed by this scan on 2013-07-26 21:51:41. Updates to Vulnerability Risk rankings and Host Criticality impact the FoundScore calculation, hence it is possible that the details shown below have changed over time. Use Asset reporting to provide the most up-to-date assessment of your environment.

    Non-Essential Services

    Service Name Protocol - Port Affected System(s)

    loc-srv tcp - 135 psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    netbios-ns udp - 137 psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    netbios-ssn tcp - 139 psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    microsoft-ds tcp - 445 psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    svchost tcp - 1025 psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    ms-sql-s tcp - 1433 psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    ms-sql-m udp - 1434 psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    ms-term-service tcp - 3389 psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    System(s) w/ No Essential Services

    Affected System(s) | Operating System | IP Addresses | Protocol - Port
    There is no data to display.

    UDP Permitted

    Service Name Protocol - Port Affected System(s)

    netbios-ns udp - 137 psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    ms-sql-m udp - 1434 psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    ICMP Permitted ( Echo Request )

    Affected System(s) | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | Windows Server 2003

  • Vulnerabilities By Risk

    Risk Level | Vulnerability Name | Hosts Discovered
    Medium | Microsoft Internet Information Services WebDAV Security Bypass Vulnerability | 1
    Low | NetBIOS NBTSTAT -A | 1
    Low | Microsoft SQL Server UDP 1434 Database Instance TCP Information Disclosure | 1
    Informational | Microsoft Windows Terminal Service | 1
    Informational | Microsoft IIS WebDav Enabled | 1
    Informational | Microsoft SQL TCP Listener Detected | 1
    Informational | LSASS RPC Interface Detected | 1
    Informational | Microsoft SQL Server Authentication Mode | 1
    Informational | Microsoft IIS Server Detected | 1
    Informational | Microsoft SQL Server Instances Enumerated | 1
    Informational | Microsoft IIS NTLM Authentication Disabled | 1
    Informational | Microsoft IIS Anonymous Access Enabled | 1
    Informational | Microsoft IIS Basic Authentication Scheme Disabled | 1
    Informational | Microsoft IIS IISADMPWD Virtual Directory Detected | 1
    Informational | Microsoft IIS Host Name Setting Enumerated | 1
    Informational | Microsoft IIS MSADC Virtual Directory Detected | 1
    Informational | Microsoft IIS Printers Virtual Directory Detected | 1
    Informational | Microsoft IIS Scripts Virtual Directory Detected | 1
    Informational | Microsoft Windows Remote Desktop Web Connection Detected | 1
    Informational | Microsoft IIS Server Extensions Enumerated | 1
    Informational | Microsoft IIS Server Script Mapping Configuration Presence Detected | 1
    Informational | NetBIOS Bindings Information Detected | 1
    Informational | NetBIOS Names Information Accessible | 1
    Informational | Microsoft Remote Procedure Call Service Detected | 1
    Informational | Web Server HTTP Protocol Version Detected | 1
    Informational | Web Server WebDAV Detected | 1

    TOP 15 HOSTS WITH THE LARGEST NUMBER OF VULNERABILITIES

  • Top 15 Hosts with Vulnerabilities

    System | High | Medium | Low | Informational | Criticality
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 0 | 1 | 2 | 23 | None

    FoundScore Explained

    FoundScore is a security ranking system that compares aspects of your environment against best practices in order to quantify your security risk. FoundScore is divided into 2 separate, yet related components:

    FoundScore: Vulnerabilities (50 pts.)
    Based on the combination of high, medium and low risk vulnerabilities discovered within your environment, you are assessed a score between 0 and 50 points. Points are deducted for each vulnerability found based on its risk ranking (high, medium, low).

    FoundScore: Exposure (50 pts.)
    A rating of how exposed your network is to Internet threats based on generally accepted security principles. A total of 50 points are possible. Points are deducted for each violation in 4 categories (described below).

    Combined FoundScore: 100 pts.

    Please note that if you are using only the Exposure level of service (no vulnerabilities checked), then the Exposure ranking is the only score available and the maximum score possible will be 50.

    The attributes of your environment that are assessed to determine your overall FoundScore rating (Vulnerabilities + Exposure) are as follows (evaluation criteria is fully described below):
    - Does your environment possess vulnerabilities that can be exploited by attackers to harm your systems and/or potentially gain unauthorized access?
    - Does your environment possess non-essential network services that increase the possibility of a security breach?
    - Are there machines in your environment that do not perform a function considered inherent to normal Internet operations?
    - Do you permit inbound UDP traffic to your network (other than DNS traffic on port 53)?
    - Do you permit inbound ICMP to your network?

    The comparison of your network against the five criteria listed above provides you a quantitative statement of your environment's security risk. Within the FoundScore system, a network starts with a full one-hundred (100) points. For each violation, a number of points are deducted from the original 100. Thus, a higher score reflects a more effective security posture (i.e. an environment with less risk). Conversely, a lower score indicates that your environment possesses more security weaknesses and consequently more risk. The highest score possible is 100, the lowest score is 0. The table below indicates the qualitative ratings assigned to the range of possible scores.

    Score Range | Ranking
    0 - 25 | Poor
    26 - 50 | Below Average
    51 - 70 | Average
    71 - 85 | Above Average
    86 - 100 | Excellent

    The points that are deducted from the starting score of 100 are based upon the criteria involved (i.e. How severe is the security weakness? How great is the risk?). When considering the number of vulnerabilities, non-essential services and machines without essential services discovered, the pervasiveness of the exposure is also considered (i.e. how many vulnerabilities, services, or machines were discovered). The points system is detailed in the table below.

    The maximum deductions in each area (and the highest possible score) is 50; once 50 points have been deducted, no further deductions will take place for the Vulnerability or the Exposure rating (i.e. it is not possible to have a negative FoundScore, 0 is the lowest score).

    FoundScore: Vulnerability

    Criteria | Explanation
    High Risk Vulnerability | For every high risk vulnerability discovered, 50 points are deducted from the FoundScore.
    Medium Risk Vulnerability | For every medium risk vulnerability discovered, 10 points are deducted from the FoundScore.
    Low Risk Vulnerability | For every low risk vulnerability discovered, 5 points are deducted from the FoundScore.
    Informational Risk Vulnerability | For every informational vulnerability discovered, 0 points are deducted from the FoundScore.

  • FoundScore: Exposure

    Criteria | Explanation
    Number of Non-Essential Services | For every non-essential service discovered, 1 point is deducted from the FoundScore.
    Number of Machines without a Single Essential Service | For every machine discovered that is not hosting an essential service, 1 point is deducted from the FoundScore.
    UDP Permitted | If UDP is permitted inbound to the network other than port 53 (DNS), 10 points are deducted from the FoundScore.
    ICMP Permitted | If ICMP is permitted inbound to the network, 5 points are deducted from the FoundScore.

    External FoundScore does not indicate...

    - The effectiveness of your security policy
    To determine the effectiveness of any security policy, manual review of the policy itself is necessary, as well as in-depth knowledge of the network and its applications. Even if a policy is built around sound security principles, it may be poorly implemented. The FoundScore rating is based on generally accepted best practices for a typical environment. Your network may have unique needs so what is commonly considered an exposure could actually be an acceptable preference in your environment.

    - The likelihood of attack
    The attractiveness of an environment to potential attackers is somewhat intangible and impossible to quantify. Factors include a potential victim's reputation and prestige, an attacker's perception of monetary gain, the perceived value of vulnerable data and much more. Personal motives such as revenge (employee termination, for instance) must also be considered.

    Detailed Description of Evaluation Criteria

    FoundScore: Vulnerability

    High Risk - Exploitation of the vulnerability discovered on the system can directly lead to an attacker gaining privileged access (e.g. administrator, root) to the machine over a remote connection. Examples: IIS Remote Data Services, RPC Automountd. A High score is quantified by falling within a 7-10 score overall. The overall score is calculated by averaging individual ratings including Simplicity, Popularity, and Impact.

    Medium Risk - The vulnerability discovered on the system can directly lead to an attacker gaining non-privileged access (e.g. standard user) to the machine, or the vulnerability provides access that can be leveraged within one step to gain administrator level access. Examples: Microsoft IIS Translate f: Source Disclosure, Open and accessible NetBIOS ports. A Medium score is quantified by falling within a 4-6 score overall. The overall score is calculated by averaging individual ratings including Simplicity, Popularity, and Impact.

    Low Risk - The vulnerability discovered on the system provides enticement data to the attacker that may be used to launch a more informed attack against the target environment. In addition, the vulnerability may indirectly lead to an attacker gaining some form of access to the machine over a remote connection. Examples: Anonymous FTP access, SNMP guessable community string. A Low score is quantified by falling within a 1-3 score overall. The overall score is calculated by averaging individual ratings including Simplicity, Popularity, and Impact.

    Informational Risk - A finding on the system that provides data to an attacker that is of lesser value to an attacker than the enticement data provided by a low risk vulnerability. As a comparison, access to data using NetBIOS name table retrieval (NBTStat) is an informational vulnerability whereas the ability to enumerate Windows user accounts via a null session is a low vulnerability. Organizations may also not be able to address informational findings -- they may be inherent to the network services or architecture in use. For example, the SSH protocol requires a version number declaration, a support cipher and methods exchange to be included in the service banner. An informational score is quantified by a 0 score overall. The overall score is calculated by averaging individual ratings including Simplicity, Popularity, and Impact.

    FoundScore: Exposure

    1. Number of Non-Essential Services
    Services not critical to typical Internet-related business operations create significant security exposures. Common External security practices limit network services permitted and active within an environment to only those absolutely necessary. By reducing the number of active network services externally, you reduce the likelihood of security breaches. A network running 10 services, for example, is at greater risk than a network with five services because there are twice the number of services to configure, manage, update, and audit. And given the dynamic nature of security, even a small number of additional network services can create an exponential increase in exposure. New vulnerabilities are released on a frequent, often daily, basis. Nonetheless, the following services are essential to most networks externally:

    Essential Services

    Service Name | Protocol | Ports
    DNS | UDP | 53
    FTP | TCP | 21
    HTTP | TCP | 80, 8080, 8000
    HTTPS (SSL) | TCP | 443
    SMTP | TCP | 25
    SSH | TCP | 22

    For every non-essential network service (services not listed above) discovered to be accessible and active, one point is deducted from the overall FoundScore ranking, up to a maximum of 20 points.

    2. Number of Machines without a Single Essential Service
    Machines that do not perform a core business operation should be minimized and/or removed to reduce the risk of a security breach. Such machines increase system administration overhead and often host non-essential services (see above) that pose additional security risks. In the FoundScore rating, a non-core machine is one that does not have an active, essential service. Any machine identified as alive (by responding to an ICMP request or one of a variety of TCP/UDP "pings"), but not running an essential service on a known port, is considered detrimental to the overall security posture. For External scans, for each machine discovered in this category, one point is deducted from the FoundScore ranking, up to a maximum of 15 points.

    3. UDP Permitted Inbound to the Environment
    For External scans, an Internet presence does not typically require UDP, with the exception of DNS handled on port 53. UDP is a security exposure because it is a common transport protocol for popular Denial of Service (DoS) attacks and backdoor programs such as trin00 and Back Orifice. In addition, the connection-less nature of UDP complicates monitoring and auditing UDP-based services. If UDP is permitted in the environment other than on port 53, 10 points are deducted from the overall FoundScore.

    4. ICMP Permitted Inbound to the Environment
    Although useful for simple diagnostic testing, inbound ICMP creates significant exposure because it is the transport protocol of choice for popular DoS attacks such as mstream and Tribal Flood Network. If ICMP is found permitted in an External scan, 5 points are deducted from the overall FoundScore.

  • Hosts Report

    Discovered Addresses By Range(s) Scanned

    McAfee Vulnerability Manager uses a combination of ICMP, UDP, and TCP "pings" to discover hosts. The graph and tables below contain the results of McAfee Vulnerability Manager's thorough host discovery process, displaying active and total potential hosts for the IP address ranges provided.

    Summary of Discovered Addresses

    Network Name | Active IP Addresses | Total IP Addresses Scanned
    172.30.8.29 | 1 | 1
    Total | 1 | 1

    Note: McAfee Vulnerability Manager uses a customizable rule-based system to track individual assets, hence it is possible that multiple discovered hosts match a single asset based on currently configured rules. For this reason, the number of Active Systems (assets) displayed in the Discovered Hosts or Assets Summary section can be less than the total number of Hosts Found in the scan status page.

    Active Addresses

    172.30.8.29

    IP Address: 172.30.8.29
    MAC Address: 0050568D6C2B
    DNS Name / NetBios Name / Label: psycowin-srv.comcel.com.gt / PSYCOWIN-SRV
    Criticality: None
    Operating Systems: Windows Server 2003 (cpe:/o:microsoft:windows_2003_server)
    Services: http tcp - 80, loc-srv tcp - 135, netbios-ns udp - 137, netbios-ssn tcp - 139, microsoft-ds tcp - 445, svchost tcp - 1025, ms-sql-s tcp - 1433, ms-sql-m udp - 1434, ms-term-service tcp - 3389, http tcp - 8099
    *Vulns: 32

    * Please refer to Web report for Web Vuln Count.

    Active Hosts

    DNS Name / NetBios Name / Label: psycowin-srv.comcel.com.gt / PSYCOWIN-SRV
    IP Addresses: 172.30.8.29
    Criticality: None
    Operating System: Windows Server 2003 (cpe:/o:microsoft:windows_2003_server)
    Services: http tcp - 8099, loc-srv tcp - 135, netbios-ns udp - 137, netbios-ssn tcp - 139, microsoft-ds tcp - 445, svchost tcp - 1025, ms-sql-s tcp - 1433, ms-sql-m udp - 1434, ms-term-service tcp - 3389
    *Unique Vulns: 26

    * Web Vulns are considered unique on a per web app asset basis.

  • Operating Systems Report

    Operating Systems

    McAfee Vulnerability Manager discovered the following operating systems in this scan. It used McAfee Vulnerability Manager's proprietary OS identification technology, employing both TCP and ICMP fingerprinting techniques.

    Top 15 Operating Systems Found

    Windows Operating System Summary

    + Denotes operating system identification was achieved through NULL session access.
    ++ Denotes operating system identification was achieved through credentialed access.
    * Denotes operating system comes from ePO.
    ** Denotes multiple operating systems fingerprinted on the same IP address. This can occur under situations such as port forwarding.

    Operating System Name Total Number Discovered Percent of Discovered

    Windows Server 2003 1 100.0%

    Total 1 100%

  • Operating System Summary

    Operating System | System | Criticality
    Windows Server 2003 (cpe:/o:microsoft:windows_2003_server) | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None

  • Banners Report

    BANNERS

    System: psycowin-srv.comcel.com.gt, PSYCOWIN-SRV
    IP Address: 172.30.8.29

    Banner, tcp - 80:
    HTTP/1.1 200 OK
    Content-Length: 1433
    Content-Type: text/html
    Content-Location: http://172.30.8.29/iisstart.htm
    Last-Modified: Sat, 22 Feb 2003 00:48:30 GMT
    Accept-Ranges: bytes
    ETag: "03251ecdac21:266"
    Server: Microsoft-IIS/6.0
    Date: Fri, 26 Jul 2013 21:37:39 GMT
    Connection: close

    Under Construction

    Under Construction

    The site you are trying to view does not currently have a default page. It may be in the process of being upgraded and configured.

    Please try this site again later. If you still experience the problem, try contacting the Web site administrator.

    If you are the Web site administrator and feel you have received this message in error, please see "Enabling and Disabling Dynamic Content" in IIS Help.

    To access IIS Help
    1. Click Start, and then click Run.
    2. In the Open text box, type inetmgr. IIS Manager appears.
    3. From the Help menu, click Help Topics.
    4. Click Internet Information Services.

    Banner, tcp - 135:
    e1af8308-5d1f-11c9-91a4-08002b14a0fa [Endpoint Mapper - v3.0]
    0b0a6584-9e0f-11cf-a3cf-00805f68cb1b [Local Endpoint Mapper - v1.1]
    1d55b526-c137-46c5-ab79-638f2a68e869 [DbgIdl - v1.0]
    e60c73e6-88f9-11cf-9af1-0020af6e72f4 [ILocalObjectExporter - v2.0]
    99fcfec4-5260-101b-bbcb-00aa0021347a [IOXIDResolver - v0.0]
    b9e79e60-3d52-11ce-aaa1-00006901293f [IROT - v0.2]
    412f241e-c12a-11ce-abff-0020af6e7a17 [ISCM - v0.2]
    00000136-0000-0000-c000-000000000046 [ISCMLocalActivator - v0.0]
    c6f3ee72-ce7e-11d1-b71e-00c04fc3111a [IMachineActivatorControl - v1.0]
    4d9f4ab8-7d1c-11cf-861e-0020af6e7c57 [IRemoteActivation - v0.0]
    000001a0-0000-0000-c000-000000000046 [ISystemActivator - v0.0]

    Banner, udp - 137:
    MAC Address: 00:50:56:8D:6C:2B
    NIC Vendor : VMWare, Inc.
    Netbios Name Table (3 names)
    PSYCOWIN-SRV 00 UNIQUE Workstation service name
    COMCEL_DOMINIO 00 GROUP Workstation service name
    COMCEL_DOMINIO 1E GROUP Group name

    Banner, tcp - 1025:
    12345778-1234-abcd-ef00-0123456789ab [LSA access - v0.0]
    c681d488-d850-11d0-8c52-00c04fd90f7e [Encrypted File System - v1.0]
    11220835-5b26-4d94-ae86-c3e475a809de [Unknown - v1.0]
    5cbe92cb-f4be-45c9-9fc9-33e73e557b20 [Unknown - v1.0]
    3919286a-b10c-11d0-9ba8-00c04fd92ef5 [LSA DS access - v0.0]
    1cbcad78-df0b-4934-b558-87839ea501c9 [Unknown - v0.0]
    12345778-1234-abcd-ef00-0123456789ac [SAM access - v1.0]
    12345678-1234-abcd-ef00-01234567cffb [Net Logon service - v1.0]
    c9378ff1-16f7-11d0-a0b2-00aa0061426a [Protected Storage - v1.0]
    12345678-1234-abcd-ef00-0123456789ab [Spooler service - v1.0]

    Banner, udp - 1434:
    |.ServerName;PSYCOWIN-SRV;InstanceName;MSSQLSERVER;IsClustered;No;Version;8.00.194;tcp;1433;np;\\PSYCOWIN-SRV\pipe\sql\query;

    Banner, tcp - 3389:
    03 00 00 13 0E D0 00 00 12 34 00 03 00 08 00 02 .........4......
    00 00 00 ** ** ** ** ** ** ** ** ** ** ** ** ** ...

    Banner, tcp - 8099:
    HTTP/1.1 403 Forbidden
    Content-Length: 1409
    Content-Type: text/html
    Server: Microsoft-IIS/6.0
    Date: Fri, 26 Jul 2013 21:37:39 GMT
    Connection: close

    The page must be viewed over a secure channel
    The page you are trying to access is secured with Secure Sockets Layer (SSL).

    Please try the following:

    • Type https:// at the beginning of the address you are attempting to reach and press ENTER.
    HTTP Error 403.4 - Forbidden: SSL is required to view this resource.
    Internet Information Services (IIS)

    Technical Information (for support personnel)

    • Go to Microsoft Product Support Services and perform a title search for the words HTTP and 403.
    • Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled About Security, Secure Sockets Layer (SSL), and About Custom Error Messages.

  • Topology Report

    NETWORK TOPOLOGY

    This network map graphically represents the target environment. To create it, McAfee Vulnerability Manager issued a series of ICMP and TCP traceroute commands, analyzed the results, and mapped the devices based on their subnet membership and the distance between them.

    It provides a high-level overview to help you easily identify discovered networks and devices, including their associated operating systems and vulnerabilities.

    NETWORK TOPOLOGY SUMMARY

    Router Firewall Wireless Device Load Balancer

    NETWORK TOPOLOGY DETAILS

    Windows

    Network Topology Summary

    Node Type | Node Information | Connected Systems Count
    Router | 172.30.4.1 | 1

    Total Vulnerabilities: 32 | High: 0 | Medium: 1 | Low: 2 | Informational: 29

    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV | 172.30.8.29 | 32 | 0 | 1 | 2 | 29

  • Services Report

    Top 15 Services

    This report describes all of the network services that were discovered by the scan. For a description of the service and its potential risk, click the name of the service.

    http - Hyper Text Transfer Protocol Standard Port: tcp - 80

    System IP Addresses

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV

    172.30.8.29 - 80 [ banner ] [ connect ]
    172.30.8.29 - 8099 [ banner ] [ connect ]

    loc-srv - Windows RPC service Standard Port: tcp - 135

    System IP Addresses

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV

    172.30.8.29 - 135 [ banner ]

    netbios-ns - NETBIOS Name Service Standard Port: udp - 137

    System IP Addresses

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV

    172.30.8.29 - 137 [ banner ]

    netbios-ssn - NETBIOS Session Service Standard Port: tcp - 139

    System IP Addresses

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV

    172.30.8.29 - 139

  • microsoft-ds - Windows Server Message Block Standard Port: tcp - 445

    System IP Addresses

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV

    172.30.8.29 - 445

    svchost - Win32 Generic Host Process Standard Port: tcp - 1025

    System IP Addresses

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV

    172.30.8.29 - 1025 [ banner ]

    ms-sql-s - Microsoft-SQL-Server Standard Port: tcp - 1433

    System IP Addresses

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV

    172.30.8.29 - 1433

    ms-sql-m - Microsoft-SQL-Monitor Standard Port: udp - 1434

    System IP Addresses

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV

    172.30.8.29 - 1434 [ banner ]

    ms-term-service - Microsoft Terminal Services Standard Port: tcp - 3389

    System IP Addresses

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV

    172.30.8.29 - 3389 [ banner ]

  • Services Description

    NETWORK SERVICE DESCRIPTIONS

    Network Service Descriptions

    Service Name | Standard Port | Description

    Windows RPC service | 135 - tcp | TCP port 135, similar to its sister port UDP 135, allows an attacker to view sensitive system information without authenticating. Information such as installed services and internally addressable IP addresses (RFC 1913) can be discovered and leveraged to gain further access. If TCP 135 is an essential service in your organization (i.e. - MS Exchange requires it), you must restrict the source of who can connect to the port via a port filtering mechanism such as a firewall.

    NETBIOS Name Service | 137 - udp | UDP port 137 allows an attacker to query the Windows Naming Service. With this information, an attacker can learn about Windows system names and leverage the information for further attack.

    NETBIOS Session Service | 139 - tcp | NETBIOS Session Service allows an attacker to remotely connect to systems. Netbios is arguably the single largest Windows threat in existence. You should restrict access to this port whenever possible. To restrict access to this port you can 1) Disable WINS TCP/IP service, 2) enable a packet filtering device, or 3) enable a firewall device.

    Windows Server Message Block | 445 - tcp | Microsoft Directory Service is the service associated with Windows SMB and Samba. The directory service stores and maintains all information related to a system's users, groups, permission, etc. as well as allow a user to map a share, among other functions. Port 445 replaces the need for port 137, 138, and 139 on Windows systems. It is highly recommended that you block access to this port, particularly from the Internet, as it allows an attacker to launch an attack attempting to gain access to the sensitive information.

    Win32 Generic Host Process | 1025 - tcp | Win32 Generic Host Process

    Microsoft-SQL-Server | 1433 - tcp | Microsoft SQL server uses port 1433 to communicate with clients using database services. Weak user passwords allow attackers to access unauthorized data hosted on the database. A common issue with Microsoft SQL server is that an out-of-the-box installation leaves the password of the System Administrator account (sa) as blank. If left unconfigured, attackers can gain system administrator privileges on the SQL server database using a blank password. In some cases, attackers can invoke stored procedures on the database server to run arbitrary commands under system administrator privileges.

    Microsoft-SQL-Monitor | 1434 - udp |

    Microsoft Terminal Services | 3389 - tcp | Microsoft Terminal Server uses remote desktop protocol (RDP) which runs over TCP port 3389. If weak authentication mechanisms are put in place, it is possible to gain access on the system. If TCP 3389 is an essential service, it is recommended that you limit access to this service through packet filtering routers and firewalls.

    Hyper Text Transfer Protocol | 80 - tcp | The WWW (World Wide Web) service allows transfer of webpages in hypertext markup language (HTML) format to be interpreted by a web browser. There are many security vulnerabilities in web applications and servers that may allow a remote user access to the system in some manner. The best recommendation is to audit your web application's code, searching for weaknesses in security design. In addition, you should remove any unnecessary programs and files from the server to reduce your vulnerability to known security holes.

  • Detailed Vulnerability Report

    VULNERABILITY REPORT

    Vulnerabilities By Severity Vulnerabilities By Module

    Vulnerabilities By Risk

    Risk Level | Vulnerability Name | Hosts Discovered | Affected System(s) | Vulnerable Instances
    Medium | Microsoft Internet Information Services WebDAV Security Bypass Vulnerability | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Low | NetBIOS NBTSTAT -A | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Low | Microsoft SQL Server UDP 1434 Database Instance TCP Information Disclosure | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft Windows Terminal Service | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS WebDav Enabled | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft SQL TCP Listener Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | LSASS RPC Interface Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft SQL Server Authentication Mode | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS Server Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft SQL Server Instances Enumerated | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS NTLM Authentication Disabled | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS Anonymous Access Enabled | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS Basic Authentication Scheme Disabled | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS IISADMPWD Virtual Directory Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS Host Name Setting Enumerated | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS MSADC Virtual Directory Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS Printers Virtual Directory Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS Scripts Virtual Directory Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft Windows Remote Desktop Web Connection Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS Server Extensions Enumerated | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft IIS Server Script Mapping Configuration Presence Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | NetBIOS Bindings Information Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | NetBIOS Names Information Accessible | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Microsoft Remote Procedure Call Service Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Web Server HTTP Protocol Version Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1
    Informational | Web Server WebDAV Detected | 1 | psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 1

    NUMBER OF VULNERABILITIES BY OPERATING SYSTEM

    Vulnerabilities For The Top 15 Operating Systems

    Vulnerabilities By Operating System

    Operating System | High | Medium | Low | Informational
    Windows Server 2003 | 0 | 1 | 2 | 23

  • TOP 15 HOSTS WITH THE LARGEST NUMBER OF VULNERABILITIES

    Top 15 Hosts with Vulnerabilities

    System | High | Medium | Low | Informational | Criticality
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | 0 | 1 | 2 | 23 | None

  • Vulnerabilities By Host Report

    Vulnerabilities By Host


    psycowin-srv.comcel.com.gt | PSYCOWIN-SRV | 172.30.8.29 Criticality: None

    Microsoft Internet Information Services WebDAV Security Bypass Vulnerability 7.6 Medium
    172.30.8.29:80 (http)
    Response From System:

    Affected Web Sites
    Site

    HTTP/1.1 200 OK
    Connection: close
    Date: Fri, 26 Jul 2013 21:40:22 GMT
    Server: Microsoft-IIS/6.0
    Content-Type: text/html
    Content-Length: 1433
    ETag: "03251ecdac21:266"
    Last-Modified: Sat, 22 Feb 2003 00:48:30 GMT
    Accept-Ranges: bytes

    Under Construction

    Under Construction

    The site you are trying to view does not currently have a default page. It may be in the process of being upgraded and configured.
    Please try this site again later. If you still experience the problem, try contacting the Web site administrator.

    If you are the Web site administrator and feel you have received this message in error, please see "Enabling and Disabling Dynamic Content" in IIS Help.

    To access IIS Help

    Click Start, and then click Run.
    In the Open text box, type inetmgr. IIS Manager appears.
    From the Help menu, click Help Topics.
    Click Internet Information Services.

    NetBIOS NBTSTAT -A 3.3 Low
    172.30.8.29:137 (netbios-ns)
    Response From System:

    NetBIOS Remote Machine Name Table
    Name Code Type Status
    PSYCOWIN-SRV UNIQUE Registered
    COMCEL_DOMINIO GROUP Registered
    COMCEL_DOMINIO GROUP Registered

  • MAC Address = 00-50-56-8D-6C-2B

    Microsoft SQL Server UDP 1434 Database Instance TCP Information Disclosure 5.0 Low
    172.30.8.29:1434 (ms-sql-m)
    Response From System:

    servername;psycowin-srv;instancename;mssqlserver;isclustered;no;version;8.00.194;tcp;1433;np;\\psycowin-srv\pipe\sql\query;;

    Microsoft Windows Terminal Service Informational

    172.30.8.29:3389 (ms-term-service)
    Response From System:

    0x0000 03 00 00 0b 06 d0 00 00 12 34 00 ........4.

    Microsoft IIS WebDav Enabled Informational

    172.30.8.29:80 (http)
    Response From System:

    Affected Web Sites
    Site

    http/1.1 403 forbidden
    content-length: 1458
    content-type: text/html
    server: microsoft-iis/6.0
    date: fri, 26 jul 2013 21:42:35 gmt

    the page cannot be saved

    body { font: 8pt/12pt verdana }
    h1 { font: 13pt/15pt verdana }
    h2 { font: 8pt/12pt verdana }
    a:link { color: red }
    a:visited { color: maroon }

    the page cannot be saved
    there is a problem saving the page to the web site. this error can occur if you attempt to upload a file or modify a file in a directory that does not allow write access.

    please try the following:

    contact the web site administrator if you believe this directory should allow write access.

    http error 403.3 - forbidden: write access is denied.
    internet information services (iis)

    technical information (for support personnel)

    go to microsoft product support services and perform a title search for the words http and 403.
    open iis help, which is accessible in iis manager (inetmgr), and search for topics titled using virtual directories, changing default web site settings, and about custom error messages.

    Microsoft SQL TCP Listener Detected Informational

    172.30.8.29:1433 (ms-sql-s)

    LSASS RPC Interface Detected Informational
    172.30.8.29:135 (loc-srv)
    Response From System:

  • SAMR, 1025
    IPSEC, 1025

    Microsoft SQL Server Authentication Mode Informational

    172.30.8.29:1433 (ms-sql-s)
    Response From System:

    SQL Server and Windows

    Microsoft IIS Server Detected Informational

    172.30.8.29:80 (http), 172.30.8.29:8099 (http)
    Response From System:

    Affected Web Sites
    Site

    Microsoft Internet Information Services (IIS) found.

    Microsoft SQL Server Instances Enumerated Informational

    172.30.8.29:1434 (ms-sql-m)
    Response From System:

    The following instance(s) of Microsoft Sql Server is running:
    InstanceName;MSSQLSERVER

    Microsoft IIS NTLM Authentication Disabled Informational

    172.30.8.29:80 (http), 172.30.8.29:8099 (http)
    Response From System:

    Affected Web Sites
    Site

    NTLM Authentication is Disabled on Microsoft IIS.

    Microsoft IIS Anonymous Access Enabled Informational

    172.30.8.29:80 (http)
    Response From System:

    Affected Web Sites
    Site

    Anonymous Access Authentication is enabled on Microsoft IIS.

    Microsoft IIS Basic Authentication Scheme Disabled Informational

    172.30.8.29:80 (http), 172.30.8.29:8099 (http)
    Response From System:

  • Affected Web Sites
    Site

    Basic Authorization is Disabled on Microsoft IIS.

    Microsoft IIS IISADMPWD Virtual Directory Detected Informational

    172.30.8.29:8099 (http)
    Response From System:

    Affected Web Sites
    Site

    IISADMPWD Virtual Directory is present on Microsoft IIS.

    Microsoft IIS Host Name Setting Enumerated Informational

    172.30.8.29:80 (http)
    Response From System:

    Affected Web Sites
    Site

    Use Host Header Name setting is not used for '/' in Microsoft Internet Information Server (IIS).

    Microsoft IIS MSADC Virtual Directory Detected Informational

    172.30.8.29:8099 (http)
    Response From System:

    Affected Web Sites
    Site

    MSADC Virtual Directory is present on Microsoft IIS.

    Microsoft IIS Printers Virtual Directory Detected Informational

    172.30.8.29:8099 (http)
    Response From System:

    Affected Web Sites
    Site

    Printers Virtual Directory is Present on Microsoft IIS.

    Microsoft IIS Scripts Virtual Directory Detected Informational

    172.30.8.29:80 (http), 172.30.8.29:8099 (http)
    Response From System:

    Affected Web Sites
    Site

    Scripts Virtual Directory is detected on Microsoft IIS.

    Microsoft Windows Remote Desktop Web Connection Detected Informational

    172.30.8.29:80 (http)
    Response From System:

  • Windows Remote Desktop Web Connection is accessible.

    Microsoft IIS Server Extensions Enumerated Informational

    172.30.8.29:80 (http), 172.30.8.29:8099 (http)
    Response From System:

    Affected Web Sites
    Site

    Detected supporting Web Server Extensions .asp, .htm, .asa, .htr, .ida, .idc, .idq, .printer, .aspx, .stm, .shtml, .shtm, .htw

    Microsoft IIS Server Script Mapping Configuration Presence Detected Informational

    172.30.8.29:8099 (http)
    Response From System:

    Affected Web Sites
    Site

    Script mapping configurations detected.

    NetBIOS Bindings Information Detected Informational

    172.30.8.29:137 (netbios-ns)
    Response From System:

    Hardware Address: 00:50:56:8d:6c:2b

    NetBIOS Names Information Accessible Informational

    172.30.8.29:137 (netbios-ns)
    Response From System:

    3 NetBIOS Name Tables Found:
    PSYCOWIN-SRV
    COMCEL_DOMINIO
    COMCEL_DOMINIO

    Microsoft Remote Procedure Call Service Detected Informational

    172.30.8.29:135 (loc-srv)

    Web Server HTTP Protocol Version Detected Informational
    172.30.8.29:80 (http), 172.30.8.29:8099 (http)
    Response From System:

    Affected Web Sites
    Site

    HTTP/1.1

    Web Server WebDAV Detected Informational

    172.30.8.29:80 (http)
    Response From System:

  • Affected Web Sites
    Site

  • Vulnerability Details Report

    VULNERABILITY DETAILS

    Vulnerability Details

    Microsoft Internet Information Services WebDAV Security Bypass Vulnerability 7.6 Medium

    Description:

    A vulnerability in Microsoft Internet Information Services may allow for Security Bypass, and potentially other, attacks.

    Recommendation:

    The vendor has released a patch to address this issue:
    http://www.microsoft.com/technet/security/bulletin/ms09-020.mspx

    Observation:

    A vulnerability in Microsoft Internet Information Services may allow for Security Bypass, and potentially other, attacks.
    The flaw is specific to the WebDAV component of IIS (6.0). Multiple authentication-bypass vulnerabilities exist due to the improper enforcement of access restrictions on requests to certain WebDAV folders. Exploitation can be achieved via specially-crafted URI requests to the server (via certain UNICODE characters).

    Common Vulnerabilities & Exposures (CVE) Link:

    CVE-2009-1535 CVE-2009-1676

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    NetBIOS NBTSTAT -A 3.3 Low

    Description:

    It is possible to retrieve NetBIOS Name Service information.

    Recommendation:

    To prevent access to NBTSTAT -A information, block access to UDP port 137 and port 445 (NetBIOS Name Service). Note that blocking these ports will also block McAfee Foundstone credentialled scans. This should only be done if credentialled scans are not needed.

    Blocking the NetBIOS Name Service can be done one of three ways:
    1. Use a network router upstream from the affected system to block UDP port 137 and port 445 to your network.
    2. Use a software firewall on the affected system and block UDP port 137 and port 445.
    3. Disable 'WINS TCP/IP Client' bindings in Windows NT or Windows 2000.

    To disable NetBIOS in Windows NT 4.0:
    a) Click 'Start' from the Start Menu
    b) Click 'Settings'
    c) Click 'Control Panel'
    d) Double click on 'Network'
    e) Click on the Bindings tab
    f) Under 'Show Bindings for:' select 'all adapters'
    g) Find the network card you wish to disable NetBIOS for and expand it
    h) Select 'WINS Client (TCP/IP)', and hit the 'Disable' button
    i) Then reboot for the change to take effect

    To disable NetBIOS in Windows 2000, XP:
    a) Click 'Start' from the Start Menu
    b) Click 'Settings'
    c) Click 'Network and Dialup Connections'
    d) Click on the interface for which you wish to disable NetBIOS
    e) Select the 'Internet Protocol (TCP/IP)' component
    f) Select 'Properties'
    g) Click the 'Advanced' button
    h) Select the 'WINS' tab
    i) Click 'Disable Netbios over TCP/IP'
    j) Click 'OK'

    Observation:

    All Microsoft Windows platforms include support for the NetBIOS network protocol stack. The NetBIOS protocol provides the underlying support for Microsoft Windows file and resource sharing. One component of all Microsoft Windows NetBIOS implementations is the NetBIOS Name Service.

    The NetBIOS Name Service listens for name service requests on UDP port 137. It can be queried to retrieve a listing of currently logged in user accounts and groups. In addition, the MAC address for the network interface over which the query is performed is included in the response to a nbtstat -A request.

    The DOS nbtstat command can be used to perform this operation. To do so, open a DOS command prompt and run the following command:
    nbtstat -A target_system
    Where target_system is the IP address or hostname of the target system.

    Affected System(s)

  • System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft SQL Server UDP 1434 Database Instance TCP Information Disclosure 5.0 Low

    Description:

    An information disclosure vulnerability in Microsoft SQL Server allows attackers to gain sensitive information regarding the targeted host.

    Recommendation:

    This solution shows how to remove the TCP information regarding database instances on the SQL server. However, other sensitive information is still accessible if UDP port 1434 is available.

    Please note: This solution will change the TCP listening port of the SQL server to 2433. Applications that require SQL connections and/or access control lists may need to be reconfigured.

    To address this issue, set the following registry key to 1:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib\Tcp\TcpHideFlag

    To do this:
    1. Click Start > Run. Type Regedt32.exe and click OK.
    2. Go to the following key in the registry:
       HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib\Tcp\TcpHideFlag
    3. On the Edit menu, double-click TcpHideFlag.
    4. Change the Value Data to 1.
    5. Exit the Registry Editor and restart the computer for the change to take effect.

    Once the TcpHideFlag is set, the SQL Resolution Service will still respond to queries over UDP port 1434, but without the TCP instance information.

    For more information on SQL hardening:
    http://www.nccgroup.com/Libraries/Document_Downloads/Threat_Profiling_Microsoft_SQL_Server__A_Guide_to_Security_Auditing.sflb.ashx

    IMPORTANT: Although this registry edit remediates the IP information disclosure, other sensitive information is still accessible by connecting to the Resolution service on UDP port 1434. To mitigate further risk, ensure that restrictions are placed on UDP port 1434 traffic across networks. Limiting traffic over UDP port 1434 shelters the information necessary for SQL to function. You can review the specific information on this host by clicking the hyperlinked IP address in the vulnerabilities table.

    Observation:

    Microsoft SQL Server is an enterprise-level database.

    Microsoft SQL Server can be queried to obtain the SQL version, the InstanceName, the named pipe and information on whether or not the SQL server is clustered. The returned information pertains to TCP connections to the server, although is accessed through UDP.

    Attackers can exploit this vulnerability by sending specially crafted UDP traffic to the SQL server (UDP/1434) and reading the response.

    To see the actual information disclosed by the SQL Resolution Service on this vulnerable host, click the hyperlinked IP address in the vulnerabilities table.

    Note: This vulnerability does NOT pertain to issues addressed by installing the patch associated with Microsoft Security Bulletin MS02-039.
    http://www.microsoft.com/technet/security/bulletin/MS02-039.asp

    Vulnerable Systems:
    Microsoft SQL Server - All Versions

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft Windows Terminal Service Informational

    Description:

    Microsoft Windows Terminal service has been detected on the target host.

    Recommendation:

    Disable Terminal Services if not in use. Ensure that account policies for Terminal Server users are as restrictive as possible.

    To disable Terminal Services:
    For Windows 2000 and NT
    1. Click Start > Settings > Control Panel.
    2. Double click Add/Remove programs.
    3. In the Add/Remove programs window, click Add/Remove Windows Components.
    4. Scroll down and click Terminal Services. Then click Next twice to remove it.

    Observation:

    Terminal Services allows the remote, full-access administration of any server running Microsoft Windows. This service is optional, and can be disabled at any time.
    If an attacker gains a valid username and password, he can use this service to gain further access on the remote host.
    Windows XP uses Terminal Services to provide additional functionality such as Fast User Switch, and Remote Assistance.

    Vulnerable Systems:
    Microsoft Windows 2000, NT, XP, 2003

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS WebDav Enabled Informational

    Description:

  • WebDAV functionality is enabled on the host.

    Recommendation:

    Disable WebDAV functionality on any server in a production environment. If WebDAV support is necessary, ensure that the latest available patches for are installed on the server.

    Information on how to obtain and install the patches is available from Microsoft:
    http://www.microsoft.com/windows2000/downloads/security

    Microsoft has released the IIS Lockdown tool to enable the security administration of IIS Web servers. The tool includes the ability to block WebDAV functions, and is available from Microsoft:
    http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=DDE9EFC0-BB30-47EB-9A61-FD755D23CDEC

    Observation:

    Microsoft Internet Information Server (IIS) is an industry standard Web server for the Windows platform.

    Installed with Windows 2000, IIS 5.0 supports Web-based Distributed Authoring and Versioning (WebDAV) HTTP 1.1 extensions. WebDAV as described in RFC 2518 is used for collaborative remote authoring and versioning of Web content.

    Vulnerabilities have been discovered in the implementation of WebDAV on IIS. The results of exploitation include denial-of-service and remote command execution on the targeted host.

    Note: This check is non-intrusive, and looks for the presence of WebDAV on the targeted host. A positive result does not necessarily mean that the host is vulnerable to exploitation through WebDAV.

    Vulnerable systems:
    Microsoft Windows 2000 Internet Information Server 5

    For more information see:
    Microsoft Security Bulletins
    MS03-007: http://www.microsoft.com/technet/security/bulletin/MS03-007.mspx
    MS02-062: http://www.microsoft.com/technet/security/bulletin/MS02-062.mspx

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft SQL TCP Listener Detected Informational

    Description:

    A Microsoft SQL Server TCP listener was detected.

    Recommendation:

    Ensure that access controls restrict network traffic on port 1433 to essential hosts only. Block access to the port on border devices such as firewalls and routers.

    Observation:

    Microsoft SQL Server is an industry standard database server.
    MS SQL uses TCP port 1433 for communication between a database and other application servers. Some malware, such as the SQL Slammer/Sapphire Worm, has spread using communication on port 1433.

    Systems:
    Microsoft SQL - any

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    LSASS RPC Interface Detected Informational

    Description:

    LSASS RPC Interface Detected.

    Recommendation:

    It is recommended to block the following ports at the network perimeter: 135/TCP,UDP, 137/UDP, 138/TCP,UDP, 139/TCP,UDP, 445/TCP,UDP, 593/TCP, 1025/TCP, 1026/TCP.

    Observation:

    LSASS RPC Interface Detected.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft SQL Server Authentication Mode Informational

  • Description:

    The target host is running Microsoft SQL Server with authentication enabled.

    Recommendation:

    Ensure that the Microsoft SQL Server authentication mode in use complies with your enterprise policy.

    Observation:

    Microsoft SQL Server is an enterprise class relational database management system.
    The target host is running Microsoft SQL Server with authentication enabled. Microsoft SQL Server has two types of authentication modes: "SQL Server and Windows" and "Windows only".

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS Server Detected Informational

    Description:

    Microsoft Internet Information Services (IIS) was detected on the host.

    Recommendation:

    Ensure that Microsoft IIS complies with the corporate policy.
    Note: Conceal the IIS Server status by modifying the banner.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft IIS was detected on the host.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft SQL Server Instances Enumerated Informational

    Description:

    Microsoft SQL Server instances were enumerated.

    Recommendation:

    Ensure that Microsoft SQL Server complies with the corporate policy.

    Observation:

    Microsoft SQL Server is a database server, written for Microsoft operating systems.
    Microsoft SQL Server instances were enumerated.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS NTLM Authentication Disabled Informational

    Description:

    Microsoft Internet Information Services (IIS) NTLM Authentication is disabled on the host.

    Recommendation:

    Ensure that Microsoft IIS complies with the corporate policy.
    Note: It is advised to enforce NTLM authentication for Microsoft IIS.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft IIS NTLM Authentication is disabled on the host.

    Affected System(s)

    System | Criticality | Operating System
  • psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS Anonymous Access Enabled Informational

    Description:

    Microsoft Internet Information Services (IIS) anonymous access is enabled.

    Recommendation:

    Ensure that Microsoft IIS complies with the corporate policy.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft IIS anonymous access is enabled.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS Basic Authentication Scheme Disabled Informational

    Description:

    Microsoft Internet Information Services (IIS) Basic Authentication scheme is disabled on the host.

    Recommendation:

    Ensure that Microsoft IIS complies with the corporate policy.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft IIS Basic Authentication scheme is disabled on the host.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS IISADMPWD Virtual Directory Detected Informational

    Description:

    Microsoft Internet Information Services (IIS) IISADMPWD virtual directory was detected on the host.

    Recommendation:

    Ensure that Microsoft IIS complies with the corporate policy.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft Internet Information Services (IIS) IISADMPWD virtual directory was detected on the host.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS Host Name Setting Enumerated Informational

    Description:

    Microsoft Internet Information Services (IIS) "Use Host Header Name" setting is disabled on the host.

    Recommendation:

    Ensure that Microsoft IIS complies with the corporate policy.
    Note: It is advised to enable "Use Host Header Name" setting.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft IIS "Use Host Header Name" setting is disabled on the host.

  • Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS MSADC Virtual Directory Detected Informational

    Description:

    Microsoft Internet Information Services (IIS) MSADC virtual directory was detected on the host.

    Recommendation:

    Ensure that Microsoft IIS complies with the corporate policy.
    Note: After backing up MSADC virtual directory, it is advised to rename or delete this directory.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft IIS MSADC virtual directory was detected on the host.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS Printers Virtual Directory Detected Informational

    Description:

    Microsoft Internet Information Services (IIS) Printers virtual directory was detected on the host.

    Recommendation:

    Ensure that Microsoft IIS complies with organizational policy.
    Note: It is advised to delete the Printers virtual directory.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft IIS Printers virtual directory was detected on the host. Anonymous read and execute permissions are present in this virtual directory. This may allow remote users to execute unwanted programs.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS Scripts Virtual Directory Detected Informational

    Description:

    Microsoft Internet Information Services (IIS) scripts virtual directory was detected on the host.

    Recommendation:

    Ensure that Microsoft IIS complies with organizational policy.
    Note: It is advised to delete scripts virtual directory.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft IIS scripts virtual directory was detected on the host. Anonymous read and execute permissions are present in this virtual directory. This may allow remote users to execute unwanted programs.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft Windows Remote Desktop Web Connection Detected Informational

    Description:

    Microsoft Windows Remote Desktop Web Connection interface was detected on the host.

    Recommendation:

    Ensure that Microsoft Windows Remote Desktop complies with organizational policy.

  • Note: It is advised to disable Remote Desktop Web Connection interface.

    Observation:

    Microsoft Windows Remote Desktop is designed to provide a desktop interface to another computer.
    Microsoft Windows Remote Desktop Web Connection interface was detected on the host.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS Server Extensions Enumerated Informational

    Description:

    Microsoft Internet Information Services (IIS) extensions were enumerated on the host.

    Recommendation:

    Ensure that Microsoft IIS complies with organizational policy.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft IIS server extensions were enumerated on the host.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    Microsoft IIS Server Script Mapping Configuration Presence Detected Informational

    Description:

    Microsoft Internet Information Services (IIS) script mapping configuration was detected on the host.

    Recommendation:

    Ensure that Microsoft IIS complies with organizational policy.

    Observation:

    Microsoft Internet Information Services (IIS) is a popular web server for the Windows platform.
    Microsoft IIS script mapping configuration was detected on the host.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    NetBIOS Bindings Information Detected Informational

    Description:

    NetBIOS bindings information was detected on the host.

    Recommendation:

    Ensure that NetBIOS service complies with organizational policies.

    Observation:

    NetBIOS is a service which allows different computers to communicate with each other over a local area network.
    NetBIOS bindings information was detected on the host.

    Affected System(s)

    System | Criticality | Operating System
    psycowin-srv.comcel.com.gt, PSYCOWIN-SRV, 172.30.8.29 | None | Windows Server 2003

    NetBIOS Names Information Accessible Informational

    Description:

    Microsoft NetBIOS names information was detected on the host.

  • Recommendation:

    Ensure that Microsoft NetBIOS complies with organizational policies.

    Observation:

    Microsoft NetBIOS is a service developed to communicate with different computers over a local network. Microsoft NetBIOS names information was detected on the host.

    Affected System(s)

    System Criticality Operating System

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV 172.30.8.29

    None Windows Server 2003

    Microsoft Remote Procedure Call Service Detected (Informational)

    Description:

    Microsoft Remote Procedure Call Service was detected on the host.

    Recommendation:

    Ensure that MSRPC complies with organizational policy.

    Observation:

    Microsoft Remote Procedure Call Service (MSRPC) service is the DCE RPC mechanism implemented by Microsoft. It supports inheritance of interfaces, Unicode strings and implicit handles. Microsoft Remote Procedure Call Service was detected on the host.

    Affected System(s)

    System Criticality Operating System

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV 172.30.8.29

    None Windows Server 2003

    Web Server HTTP Protocol Version Detected (Informational)

    Description:

    HTTP protocol version was obtained from the host through web server.

    Recommendation:

    Ensure that web server complies with organizational policy.

    Observation:

    Web servers are widely used to serve static and dynamic content and render it in the client's browser. HTTP protocol version was obtained from the host through web server.

    Affected System(s)

    System Criticality Operating System

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV 172.30.8.29

    None Windows Server 2003

    Web Server WebDAV Detected (Informational)

    Description:

    WebDAV was detected on the host.

    Recommendation:

    Ensure that WebDAV complies with organizational policy.

    Observation:

    WebDAV is an industry standard extension to the HTTP specification. It adds a capability for authorized users to remotely add and manage the content of a web server. WebDAV was detected on the host.

    Affected System(s)

    System Criticality Operating System

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV 172.30.8.29

    None Windows Server 2003

  • Windows Assessment Module Summary Report

    WINDOWS SYSTEMS BY RISK SUMMARY >> Detailed Report

    Windows Vulnerabilities By Category >> Detailed Report

    ACCESS REPORT SUMMARY >> Detailed Report

    Domain: COMCEL_DOMINIO
    Administrator Authentication: 0
    Remote Registry: 0
    Remote File System Access: 0
    WMI Accessible: 0
    Null Session: 0

  • Windows Assessment Module Access Report

    WINDOWS ASSESSMENT MODULE ACCESS REPORT

    Key

    Full Access Partial Access No Access

    DOMAIN NAME: COMCEL_DOMINIO

    Host Access Totals

    Access Report Summary By System

    System; Access Summary; Administrator Authentication; Remote Registry; Remote File System Access; WMI Accessible; Null Session

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV 172.30.8.29

  • Windows Assessment Module Vulnerabilities By Category Report

    DOMAIN NAME: COMCEL_DOMINIO

    Windows Vulnerabilities By Category

    Miscellaneous

    System Operating System Vulnerabilities

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV 172.30.8.29

    Windows Server 2003 Microsoft SQL Server Authentication Mode

    Web Server

    System Operating System Vulnerabilities

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV 172.30.8.29

    Windows Server 2003

    Microsoft IIS WebDav Enabled
    Microsoft Internet Information Services WebDAV Security Bypass Vulnerability
    Microsoft IIS Server Detected
    Microsoft IIS NTLM Authentication Disabled
    Microsoft IIS Anonymous Access Enabled
    Microsoft IIS Basic Authentication Scheme Disabled
    Microsoft IIS IISADMPWD Virtual Directory Detected
    Microsoft IIS Host Name Setting Enumerated
    Microsoft IIS MSADC Virtual Directory Detected
    Microsoft IIS Printers Virtual Directory Detected
    Microsoft IIS Scripts Virtual Directory Detected
    Microsoft IIS Server Extensions Enumerated
    Microsoft IIS Server Script Mapping Configuration Presence Detected
    Web Server HTTP Protocol Version Detected
    Web Server WebDAV Detected

    Windows

    System Operating System Vulnerabilities

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV 172.30.8.29

    Windows Server 2003

    NetBIOS NBTSTAT -A
    Microsoft Windows Terminal Service
    Microsoft SQL Server UDP 1434 Database Instance TCP Information Disclosure
    Microsoft SQL TCP Listener Detected
    LSASS RPC Interface Detected
    Microsoft SQL Server Instances Enumerated
    Microsoft Windows Remote Desktop Web Connection Detected
    NetBIOS Bindings Information Detected
    NetBIOS Names Information Accessible
    Microsoft Remote Procedure Call Service Detected

  • Windows Assessment Module Vulnerabilities By Risk Report

    DOMAIN: COMCEL_DOMINIO

    [Charts: Vulnerabilities By Severity; Percent of Vulnerabilities By Severity]

    Vulnerabilities By System

    System Operating System Vulnerabilities

    psycowin-srv.comcel.com.gt PSYCOWIN-SRV 172.30.8.29

    Windows Server 2003

    Microsoft SQL Server UDP 1434 Database Instance TCP Information Disclosure
    Microsoft Remote Procedure Call Service Detected
    Web Server HTTP Protocol Version Detected
    Web Server WebDAV Detected
    Microsoft IIS WebDav Enabled
    Microsoft SQL TCP Listener Detected
    LSASS RPC Interface Detected
    Microsoft Internet Information Services WebDAV Security Bypass Vulnerability
    Microsoft SQL Server Authentication Mode
    Microsoft IIS Server Detected
    Microsoft SQL Server Instances Enumerated
    Microsoft IIS NTLM Authentication Disabled
    Microsoft IIS Anonymous Access Enabled
    Microsoft IIS Basic Authentication Scheme Disabled
    Microsoft IIS IISADMPWD Virtual Directory Detected
    Microsoft IIS Host Name Setting Enumerated
    Microsoft IIS MSADC Virtual Directory Detected
    Microsoft IIS Printers Virtual Directory Detected
    Microsoft IIS Scripts Virtual Directory Detected
    Microsoft Windows Remote Desktop Web Connection Detected
    Microsoft IIS Server Extensions Enumerated
    Microsoft IIS Server Script Mapping Configuration Presence Detected
    NetBIOS Bindings Information Detected
    NetBIOS Names Information Accessible
    NetBIOS NBTSTAT -A
    Microsoft Windows Terminal Service

  • Unix Hosts Summary Report

    UNIX SYSTEMS BY RISK SUMMARY

    No Unix Vulnerabilities Found.

    Vulnerabilities By Category

    No Unix Vulnerabilities Found.

    ACCESS REPORT SUMMARY

    Systems; SSHv2 Certificate; SSHv2 Password; SSHv1 Certificate; SSHv1 Password; Telnet

    There is no data to display.

    Values indicate access granted/total-attempts. Percentages indicate success rate.

  • Unix Authentication and Access Report

    Unix Hosts Access Report

    Key

    Root User No Access

  • Unix Vulnerabilities By Category Report

    No Unix Vulnerabilities Found.

  • Unix Vulnerabilities By Risk Report

    No Unix Vulnerabilities Found.

  • Infrastructure Hosts Summary Report

    INFRASTRUCTURE SYSTEMS BY RISK SUMMARY

    No Infrastructure Vulnerabilities Found.

    Vulnerabilities By Category

    No Infrastructure Vulnerabilities Found.

    ACCESS REPORT SUMMARY

    Systems; SSHv2 Certificate; SSHv2 Password; SSHv1 Certificate; SSHv1 Password; Telnet

    There is no data to display.

    Values indicate access granted/total-attempts. Percentages indicate success rate.

  • Infrastructure Authentication and Access Report

    INFRASTRUCTURE AUTHENTICATION AND ACCESS REPORT

    Key

    Root User None

  • Infrastructure Vulnerabilities By Category Report

    No Infrastructure Vulnerabilities Found.

  • Infrastructure Vulnerabilities By Risk Report

    No Infrastructure Vulnerabilities Found.

  • Delta Report

    Delta Report

    Previous Scan

    Completed: 2013-07-26 21:02:55
    Duration: 37 Second(s)
    Scanned IP Address Range(s): 172.30.8.29
    Not scanned due to exclusions: N/A
    Not scanned due to being outside of IP pool: N/A
    Not scanned due to IP pool exclusions: N/A

    Current Scan

    Completed: 2013-07-26 21:51:41 UTC
    Duration: 15 Minute(s), 19 Second(s)
    Scanned IP Address Range(s): 172.30.8.29
    Not scanned due to exclusions: N/A
    Not scanned due to being outside of IP pool: N/A
    Not scanned due to IP pool exclusions: N/A

    Description of the changes between scan configurations.

    FoundScore Risk Rating

    Previous FoundScore: 100 / 100

    Current FoundScore: 57 / 100

    Overall Change: -43

    Vulnerabilities

    Comparison of Total Vulnerabilities

    This chart is a count of the total vulnerabilities on all hosts

    Summary of Vulnerabilities

    Newly detected 26

    No longer detected 0

    Overall Change +26

  • New vulnerabilities detected

    Risk Rating Vulnerability Name System(s)

    Medium Microsoft Internet Information Services WebDAV Security Bypass Vulnerability psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Low NetBIOS NBTSTAT -A psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Low Microsoft SQL Server UDP 1434 Database Instance TCP Information Disclosure psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft Windows Terminal Service psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS WebDav Enabled psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft SQL TCP Listener Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational LSASS RPC Interface Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft SQL Server Authentication Mode psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS Server Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft SQL Server Instances Enumerated psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS NTLM Authentication Disabled psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS Anonymous Access Enabled psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS Basic Authentication Scheme Disabled psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS IISADMPWD Virtual Directory Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS Host Name Setting Enumerated psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS MSADC Virtual Directory Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS Printers Virtual Directory Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS Scripts Virtual Directory Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft Windows Remote Desktop Web Connection Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS Server Extensions Enumerated psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft IIS Server Script Mapping Configuration Presence Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational NetBIOS Bindings Information Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational NetBIOS Names Information Accessible psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Microsoft Remote Procedure Call Service Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Web Server HTTP Protocol Version Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Informational Web Server WebDAV Detected psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29

    Vulnerabilities no longer detected

    Risk Rating Vulnerability Name System(s)

    There is no data to display.

    Discovered Hosts

    Comparison of Total Active Hosts

    Summary

    Total New Hosts 1

    Total Removed Hosts 0

    Overall Change +1

    New Hosts

    System(s) Operating System

    psycowin-srv.comcel.com.gt,PSYCOWIN-SRV,172.30.8.29 Windows Server 2003

    Removed Hosts

    System(s) Operating System

    There is no data to display.

    Network Services

    Comparison of Total Network Services

    Summary

    Total New Services 9

    Total Removed Services 0

    Overall Change +9

    New Services

    Service Name Port System(s)

    Hyper Text Transfer Protocol tcp - 8099 psycowin-srv.comcel.com.gt, PSYCOWIN-SRV,172.30.8.29

    Windows RPC service tcp - 135 psycowin-srv.comcel.com.gt, PSYCOWIN-SRV,172.30.8.29

    NETBIOS Name Service udp - 137 psycowin-srv.comcel.com.gt, PSYCOWIN-SRV,172.30.8.29

    NETBIOS Session Service tcp - 139 psycowin-srv.comcel.com.gt, PSYCOWIN-SRV,172.30.8.29

    Windows Server Message Block tcp - 445 psycowin-srv.comcel.com.gt, PSYCOWIN-SRV,172.30.8.29

    Win32 Generic Host Process tcp - 1025 psycowin-srv.comcel.com.gt, PSYCOWIN-SRV,172.30.8.29

    Microsoft-SQL-Server tcp - 1433 psycowin-srv.comcel.com.gt, PSYCOWIN-SRV,172.30.8.29

    Microsoft-SQL-Monitor udp - 1434 psycowin-srv.comcel.com.gt, PSYCOWIN-SRV,172.30.8.29

    Microsoft Terminal Services tcp - 3389 psycowin-srv.comcel.com.gt, PSYCOWIN-SRV,172.30.8.29

    Removed Services

    Service Name Port System(s)

    There is no data to display.

  • Trend Report

    FoundScore

    FoundScore

    FoundScore Trend

    Highest FoundScore 100 Date Scored: 2013-07-26 20:58:10 UTC
    Lowest FoundScore 57 Date Scored: 2013-07-26 21:51:41 UTC
    Average FoundScore 86 Total Scans: 3
    Median FoundScore 100
    Standard Deviation 24.8

    Vulnerabilities

    Total Vulnerabilities

    Vulnerability Trend

    Highest Total # of Vulnerabilities 26 Date: 2013-07-26 21:51:41 UTC
    Lowest Total # of Vulnerabilities 0 Date: 2013-07-26 21:02:55 UTC
    Average # of Vulnerabilities 9 Total Scans: 3
    Median # of Vulnerabilities 0
    Standard Deviation 15.0

    Discovered Hosts

    Total Discovered Hosts

    Discovered Hosts Trend

    Highest Total # of Discovered Hosts 1 Date: 2013-07-26 21:51:41 UTC
    Lowest Total # of Discovered Hosts 0 Date: 2013-07-26 21:02:55 UTC
    Average # of Discovered Hosts 0 Total Scans: 3
    Median # of Discovered Hosts 0
    Standard Deviation 0.6

  • Total Services Found

    Total Network Services

    Total Services Trend

    Highest Total # of Services 9 Date: 2013-07-26 21:51:41 UTC
    Lowest Total # of Services 0 Date: 2013-07-26 21:02:55 UTC
    Average # of Services 3 Total Scans: 3
    Median # of Services 0
    Standard Deviation 5.2

  • Scan Configuration History Report

    Scan Configuration History

    This report shows the scan configuration settings used in the last scan you ran. Below the detailed description is a table of configuration changes showing the settings that changed from the previous scan. For more specific details, see the Vulnerability Check Configuration Report.

    Scan Configuration History Details

    General Settings

    Job Number: 386

    Scan Date: 2013-07-26 21:51:41 UTC

    Scan Type: External

    Scan Description: McAfee Vulnerability Manager Default Configuration Scan

    Scan Engine: MVM3100-LQOG66I

    Licensed IP Address Range(s): N/A ::1 - ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff

    IP Address Range(s) not covered by the license: N/A

    Scan Configuration Include IP Address Range(s): N/A

    Effective IP Pool Include Address Range(s): Total IPs: 4294967294 0.0.0.1 - 255.255.255.254

    IP Address Range(s) Scanned: Total IPs: 1 172.30.8.29

    Host Discovery Settings

    Discovery Passes: 1

    TCP Full Connection: Off

    Use ICMP: On (Timeout 2000 Milliseconds)

    ICMP Scanning Technique(s): Echo Request;

    Use TCP: (Timeout 4000 Milliseconds)

    TCP Port List: 21-23 25 79-80 110 139 264-265 443 1025 1433 1723

    Use UDP: On (Timeout 2000 Milliseconds)

    UDP Port List: 53 67 69 123 137 161 500 1434

    Advanced UDP Scanning: Off

    Network Stack Selection: IPv6 Disabled

    Service Discovery Settings

    Discovery Passes: 1

    TCP Full Connection: Off

    Use TCP: On (Timeout 4000 Milliseconds)

    TCP Port List: 7 9 11 13 15 17 19 21-23 25 37 42-43 49 53 66-68 79-81 88 98 106 109-111 113 119 130-132 135 139 143 150 199 256-259 264 311 389 427 443 445 457 464-465 512-515 524 540 543-544 548 554 563 587 593 623 631 636 691 784 873 898 900-903 992-993 995 1002 1022-1033 1045 1050 1080 1084 1100 1109 1214 1234 1243 1311 1313 1352 1433 1455 1494 1512 1521 1524-1525 1527 1529 1541-1542 1574 1582 1677 1718-1720 1723 1754-1755 1782 1801 1863 1987-1989 1996 1998 2000-2001 2003 2049 2080 2103 2105 2140 2301 2381 2401 2433 2447 2766 2998 3001 3006 3127-3128 3141 3264 3268-3269 3300 3306 3372 3389 3689 3780 4000-4002 4045 4321 4443-4444 4662 4899 5000-5001 5003 5050 5101 5232 5432 5490 5555-5556 5631 5800-5802 5900-5901 5980-5981 5987 6000 6003 6112 6349 6387 6588 6666-6669 6699 6881 7000-7002 7005-7007 7070 7100 7161 7273 7777-7778 8000-8001 8007 8009-8010 8080-8081 8100 8484 8875 8888 8910 9090 9100 9999-10000 10520 12345-12346 12361-12362 12888 13722 13782-13783 20034 26000 30100-30102 31337 32768-32790 33333 34324 40421-40423 49400-49401 65000 65301

    Use UDP: On (Timeout 2000 Milliseconds)

    UDP Port List: 7 9 11 13 17 19 37 42 53 67-69 111 123 135 137 161 177 256 260 389 407 445 500 513-514 518 520 561 623 631 635 640 650 666 749 762 1024-1028 1034 1060 1091 1352 1434 1645-1646 1701 1801 1812-1813 1900 1978 1999 2002 2049 2140 2161 2221 2301 2365 2493 2631 3179 3327 3456 3478 4045 4156 4296 4469 4802 5631-5632 7001 10080 11487 11493 22000 27444 31337 32768-32781 32783 32786-32790 40017 43981

    Advanced UDP Scanning: Off

    Service Fingerprinting: On

    Vulnerability Check Settings

    Vulnerability Checking: On

    SANS/FBI Vulnerability Checks: Off

    Web Application Assessment

    Override Asset Settings: No

    Maximum Scan Time (minutes): No limit

    Maximum Response Size (KB): 500

    Request Timeout (seconds): 10

    Inter Request Delay (ms): 200

    Maximum Site Failures: No limit

    Maximum Directory Depth: 20

    Maximum Requests: No limit

    Thoroughness: Exhaustive

    Determine URL Uniqueness: Use parameters with alphabetic values

    User Credentials Used: None

    Windows Host Assessment

    User Credentials Used: None

    Shell Assessment

    User Credentials Used: None

    Trust Unknown Targets: No

    Perform SSH Key Collection: No

    Other Settings

    Batch Size: 128

    Randomize IP List: On

    Attempt OS Identification: On

    Perform Banner Grabbing: On

    Resolve Host Names: On

    Scan For Wireless: On

    Subscans: 5

    Interpacket delay (ms): 15

    Network Mapping (Tracerouting): On

    Host Time Out (minutes): 180

  • Report Options

    HTML Report Generated: Yes

    CSV Reports Generated: No

    XML Reports Generated: No

    PDF Reports Generated: Yes

    Delete report(s) after send: Yes

    Scan Configuration Comparison

    The table below describes the differences in configuration between the current scan and the previous scan. Scan settings that have not changed from the previous scan are not included in the table.

    General Settings

    Setting Current Scan Previous Scan

    Job Number: 386 385

    Start Time: 2013-07-26 21:36:22 UTC 2013-07-26 21:02:18 UTC

    Stop Time: 2013-07-26 21:51:41 UTC 2013-07-26 21:02:55 UTC

    Duration: 15 Minute(s) 19 Second(s) 37 Second(s)

    Host Discovery Settings

    Setting Current Scan Previous Scan

    No changes.

    Service Discovery Settings

    Setting Current Scan Previous Scan

    No changes.

    Vulnerability Check Settings

    Setting Current Scan Previous Scan

    No changes.

    Web Application Assessment

    Setting Current Scan Previous Scan

    No changes.

    Windows Host Assessment

    Setting Current Scan Previous Scan

    No changes.

    Shell Assessment

    Setting Current Scan Previous Scan

    No changes.

    Other Settings

    Setting Current Scan Previous Scan

    No changes.

    Report Options

    Setting Current Scan Previous Scan

    No changes.

  • Vulnerability Check Configuration Report

    Vulnerability Check Report

    This report shows which vulnerability checks the last scan used. It compares this scan with the previous scan and shows which checks were added or removed. represents vulnerability checks in this scan that were not in the previous scan. represents those checks that were in the previous scan, but not this one.

    Intrusive Checks

    Non-Intrusive Checks

    MISCELLANEOUS

    Check Name CVE Number Date ID

    MySQL 3.2x Database Server Accepts Any Password CVE-2000-0148 2002-08-08 07:00:00 UTC 67

    NFS Enabled 1980-01-01 07:00:00 UTC 393

    SNMP Default Community Name CVE-1999-0472 1980-01-01 07:00:00 UTC 445

    FTP Anonymous User Account ftp Accessible CVE-1999-0497 1980-01-01 07:00:00 UTC 571

    RPC mountd 1980-01-01 07:00:00 UTC 572

    Checkpoint Firewall-1 Authentication Server Format String CVE-2001-1176 1980-01-01 07:00:00 UTC 630

    Oracle8i TNS Listener Buffer Overflow CVE-2001-0499 1980-01-01 07:00:00 UTC 635

    RPC portmap CVE-1999-0632 1980-01-01 07:00:00 UTC 678

    SMTP Open Mail Relay CVE-1999-0512 1980-01-01 07:00:00 UTC 719

    SMTP EXPN CVE-1999-0531 1980-01-01 07:00:00 UTC 732

    SMTP VRFY CVE-1999-0531 1980-01-01 07:00:00 UTC 733

    Wingate Proxy Accessible Without Password CVE-1999-0291 1980-01-01 07:00:00 UTC 745

    HTTP Proxy CONNECT - 1980-01-01 07:00:00 UTC 747

    PowerFTP Personal FTP Server Path Disclosure CVE-2001-0934 1980-01-01 07:00:00 UTC 761

    PowerFTP Personal FTP Server Directory Disclosure CVE-2002-1544 1980-01-01 07:00:00 UTC 762

    PowerFTP Personal FTP Server Tilde Denial-of-Service - 1980-01-01 07:00:00 UTC 763

    Raptor Firewall Accepts Telnet Connections - 1980-01-01 07:00:00 UTC 765

    Axis WebCam Default Login CVE-2001-1543 1980-01-01 07:00:00 UTC 770

    LDAP Enumeration CVE-1999-0646 1980-01-01 07:00:00 UTC 915

    Anonymous FTP Writeable Directory CVE-1999-0527 1980-01-01 07:00:00 UTC 916

    Oracle TNS Listener File Overwrite CVE-2001-0499 1980-01-01 07:00:00 UTC 932

    Oracle TNS Listener Anonymous Access Allowed CVE-2002-0567 1980-01-01 07:00:00 UTC 933

    YoungZSoft CmailServer POP service Buffer Overflow CVE-2002-0799 1980-01-01 07:00:00 UTC 965

    rshd Detected CVE-1999-0651 1980-01-01 07:00:00 UTC 971

    rexecd Detected CVE-1999-0618 1980-01-01 07:00:00 UTC 972

    TFTP Server Detected CVE-1999-0616 CVE-1999-0619 1980-01-01 07:00:00 UTC 973

    MySQL Root Blank Password CVE-2002-1809 2006-01-24 19:13:14 UTC 1019

    SNMP Agent Accepts Any Community Name - 2002-07-07 21:37:00 UTC 1057

    SunFTP Build 9 Directory Traversal CVE-2001-0283 2002-10-10 21:17:00 UTC 1169

    FTP Sensitive File Extension - 2002-11-11 23:39:00 UTC 1192

    WS_FTP SITE CPWD Buffer Overflow CVE-2001-1021 CVE-2002-0024 CVE-2002-0826 2004-04-26 19:43:22 UTC 1282

    Delegate Proxy Server Cross-Site Scripting CVE-2001-1202 2004-06-09 20:55:28 UTC 1495

    Axis Print Server Default User Password Combination - 2003-03-03 19:07:00 UTC 1591

    Platinum FTP Server Directory Traversal - 2003-04-04 23:29:00 UTC 1684

    RealNetworks RealServer RTSP URI Handling Buffer Overflow CVE-2002-1643 2003-05-23 19:01:00 UTC 1820

    Multiple Icecast 1.3.8 overflows CVE-2001-1229 2004-02-23 18:40:23 UTC 1884

    Multiple Icecast 1.3.9 overflows CVE-2001-0784 CVE-2001-1083 CVE-2001-1230 2004-02-23 18:40:23 UTC 1885

    Format string bug in Icecast 1.3.9 and below CVE-2001-0197 2004-02-23 18:40:23 UTC 1887

    Long GET request overflow in Icecast 1.3.11 and earlier CVE-2002-0177 2004-02-23 18:40:23 UTC 1888

    MySQL Database World Writable Files CV