nessus _bnrm_rvnh31
DESCRIPTION
Dans cette partie, nous allons lancer un scan de vulnérabilité sur une machine Windows7TRANSCRIPT
-
Nessus ReportNessus Scan Report
23/Feb/2015:12:29:35
Nessus Home: Commercial use of the report is prohibitedAny time Nessus is used in a commercial environment you MUST maintain an activesubscription to the Nessus Feed in order to be compliant with our license agreement:http://www.tenable.com/products/nessus
-
Table Of ContentsHosts Summary (Executive).................................................................................................3
192.168.1.1..................................................................................................................................................................4192.168.1.12................................................................................................................................................................6192.168.1.13................................................................................................................................................................7192.168.1.15................................................................................................................................................................8192.168.1.17..............................................................................................................................................................10192.168.1.18..............................................................................................................................................................11192.168.1.19..............................................................................................................................................................12192.168.1.24..............................................................................................................................................................13192.168.1.111............................................................................................................................................................14
-
Hosts Summary (Executive)
-
4192.168.1.1Summary
Critical High Medium Low Info Total
0 0 13 3 26 42
DetailsSeverity Plugin Id Name
Medium (6.4) 51192 SSL Certificate Cannot Be Trusted
Medium (6.4) 57582 SSL Self-Signed Certificate
Medium (5.8) 42880 SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
Medium (5.0) 10297 Web Server Directory Traversal Arbitrary File Access
Medium (5.0) 10505 Apache WebDAV Module PROPFIND Arbitrary Directory Listing
Medium (5.0) 12217 DNS Server Cache Snooping Remote Information Disclosure
Medium (5.0) 20007 SSL Version 2 and 3 Protocol Detection
Medium (5.0) 45411 SSL Certificate with Wrong Hostname
Medium (5.0) 57608 SMB Signing Required
Medium (4.3) 26928 SSL Weak Cipher Suites Supported
Medium (4.3) 42873 SSL Medium Strength Cipher Suites Supported
Medium (4.3) 44135 Web Server Generic Cookie Injection
Medium (4.0) 35291 SSL Certificate Signed using Weak Hashing Algorithm
Low (3.2) 50686 IP Forwarding Enabled
Low (2.6) 42263 Unencrypted Telnet Server
Low (2.6) 65821 SSL RC4 Cipher Suites Supported
Info 10107 HTTP Server Type and Version
Info 10114 ICMP Timestamp Request Remote Date Disclosure
Info 10150 Windows NetBIOS / SMB Remote Host Information Disclosure
Info 10281 Telnet Server Detection
Info 10287 Traceroute Information
Info 10863 SSL Certificate Information
Info 10919 Open Port Re-check
Info 11002 DNS Server Detection
Info 11011 Microsoft Windows SMB Service Detection
Info 11219 Nessus SYN scanner
-
5Info 11424 WebDAV Detection
Info 11936 OS Identification
Info 12053 Host Fully Qualified Domain Name (FQDN) Resolution
Info 19506 Nessus Scan Information
Info 21643 SSL Cipher Suites Supported
Info 22964 Service Detection
Info 24260 HyperText Transfer Protocol (HTTP) Information
Info 25220 TCP/IP Timestamps Supported
Info 35716 Ethernet Card Manufacturer Detection
Info 43111 HTTP Methods Allowed (per directory)
Info 45410 SSL Certificate commonName Mismatch
Info 45590 Common Platform Enumeration (CPE)
Info 54615 Device Type
Info 56984 SSL / TLS Versions Supported
Info 62563 SSL Compression Methods Supported
Info 70544 SSL Cipher Block Chaining Cipher Suites Supported
-
6192.168.1.12Summary
Critical High Medium Low Info Total
0 0 0 0 12 12
DetailsSeverity Plugin Id Name
Info 10287 Traceroute Information
Info 10919 Open Port Re-check
Info 11219 Nessus SYN scanner
Info 12053 Host Fully Qualified Domain Name (FQDN) Resolution
Info 19506 Nessus Scan Information
Info 19772 Skype Detection
Info 21208 Skype Stack Version Detection
Info 22964 Service Detection
Info 25220 TCP/IP Timestamps Supported
Info 35716 Ethernet Card Manufacturer Detection
Info 45590 Common Platform Enumeration (CPE)
Info 66717 mDNS Detection (Local Network)
-
7192.168.1.13Summary
Critical High Medium Low Info Total
0 1 1 1 16 19
DetailsSeverity Plugin Id Name
High (7.5) 41028 SNMP Agent Default Community Name (public)
Medium (5.0) 76474 SNMP 'GETBULK' Reflection DDoS
Low (2.6) 42263 Unencrypted Telnet Server
Info 10107 HTTP Server Type and Version
Info 10114 ICMP Timestamp Request Remote Date Disclosure
Info 10281 Telnet Server Detection
Info 10287 Traceroute Information
Info 10551 SNMP Request Network Interfaces Enumeration
Info 11819 TFTP Daemon Detection
Info 11936 OS Identification
Info 12053 Host Fully Qualified Domain Name (FQDN) Resolution
Info 14274 Nessus SNMP Scanner
Info 19506 Nessus Scan Information
Info 22964 Service Detection
Info 25220 TCP/IP Timestamps Supported
Info 35296 SNMP Protocol Version Detection
Info 35716 Ethernet Card Manufacturer Detection
Info 40448 SNMP Supported Protocols Detection
Info 54615 Device Type
-
8192.168.1.15Summary
Critical High Medium Low Info Total
0 0 3 0 34 37
DetailsSeverity Plugin Id Name
Medium (6.4) 51192 SSL Certificate Cannot Be Trusted
Medium (6.4) 57582 SSL Self-Signed Certificate
Medium (5.0) 10677 Apache mod_status /server-status Information Disclosure
Info 10107 HTTP Server Type and Version
Info 10147 Nessus Server Detection
Info 10302 Web Server robots.txt Information Disclosure
Info 10386 Web Server No 404 Error Code Check
Info 10863 SSL Certificate Information
Info 11936 OS Identification
Info 12053 Host Fully Qualified Domain Name (FQDN) Resolution
Info 12634 Authenticated Check : OS Name and Installed Package Enumeration
Info 14272 netstat portscanner (SSH)
Info 19506 Nessus Scan Information
Info 21643 SSL Cipher Suites Supported
Info 22869 Software Enumeration (SSH)
Info 22964 Service Detection
Info 24260 HyperText Transfer Protocol (HTTP) Information
Info 25202 Enumerate IPv6 Interfaces via SSH
Info 25203 Enumerate IPv4 Interfaces via SSH
Info 33276 Enumerate MAC Addresses via SSH
Info 35716 Ethernet Card Manufacturer Detection
Info 39521 Backported Security Patch Detection (WWW)
Info 42822 Strict Transport Security (STS) Detection
Info 45410 SSL Certificate commonName Mismatch
Info 45590 Common Platform Enumeration (CPE)
Info 48243 PHP Version
-
9Info 50845 OpenSSL Detection
Info 54615 Device Type
Info 55472 Device Hostname
Info 56468 Time of Last System Startup
Info 56984 SSL / TLS Versions Supported
Info 57041 SSL Perfect Forward Secrecy Cipher Suites Supported
Info 58651 Netstat Active Connections
Info 62563 SSL Compression Methods Supported
Info 62564 TLS Next Protocols Supported
Info 64582 Netstat Connection Information
Info 70544 SSL Cipher Block Chaining Cipher Suites Supported
-
10
192.168.1.17Summary
Critical High Medium Low Info Total
1 0 1 0 22 24
DetailsSeverity Plugin Id Name
Critical (10.0) 53514 MS11-030: Vulnerability in DNS Resolution Could Allow Remote CodeExecution (2509553) (remote check)
Medium (5.0) 57608 SMB Signing Required
Info 10114 ICMP Timestamp Request Remote Date Disclosure
Info 10150 Windows NetBIOS / SMB Remote Host Information Disclosure
Info 10287 Traceroute Information
Info 10394 Microsoft Windows SMB Log In Possible
Info 10397 Microsoft Windows SMB LanMan Pipe Server Listing Disclosure
Info 10736 DCE Services Enumeration
Info 10785 Microsoft Windows SMB NativeLanManager Remote System InformationDisclosure
Info 10919 Open Port Re-check
Info 11011 Microsoft Windows SMB Service Detection
Info 11153 Service Detection (HELP Request)
Info 11219 Nessus SYN scanner
Info 11936 OS Identification
Info 12053 Host Fully Qualified Domain Name (FQDN) Resolution
Info 19506 Nessus Scan Information
Info 24786 Nessus Windows Scan Not Performed with Admin Privileges
Info 25220 TCP/IP Timestamps Supported
Info 26917 Microsoft Windows SMB Registry : Nessus Cannot Access the WindowsRegistry
Info 35716 Ethernet Card Manufacturer Detection
Info 45590 Common Platform Enumeration (CPE)
Info 46180 Additional DNS Hostnames
Info 53513 Link-Local Multicast Name Resolution (LLMNR) Detection
Info 54615 Device Type
-
11
192.168.1.18Summary
Critical High Medium Low Info Total
0 0 1 0 21 22
DetailsSeverity Plugin Id Name
Medium (5.0) 57608 SMB Signing Required
Info 10150 Windows NetBIOS / SMB Remote Host Information Disclosure
Info 10287 Traceroute Information
Info 10394 Microsoft Windows SMB Log In Possible
Info 10397 Microsoft Windows SMB LanMan Pipe Server Listing Disclosure
Info 10919 Open Port Re-check
Info 11011 Microsoft Windows SMB Service Detection
Info 11153 Service Detection (HELP Request)
Info 11219 Nessus SYN scanner
Info 11936 OS Identification
Info 12053 Host Fully Qualified Domain Name (FQDN) Resolution
Info 19506 Nessus Scan Information
Info 19772 Skype Detection
Info 21208 Skype Stack Version Detection
Info 22964 Service Detection
Info 24786 Nessus Windows Scan Not Performed with Admin Privileges
Info 25220 TCP/IP Timestamps Supported
Info 26917 Microsoft Windows SMB Registry : Nessus Cannot Access the WindowsRegistry
Info 35716 Ethernet Card Manufacturer Detection
Info 45590 Common Platform Enumeration (CPE)
Info 53513 Link-Local Multicast Name Resolution (LLMNR) Detection
Info 54615 Device Type
-
12
192.168.1.19Summary
Critical High Medium Low Info Total
1 0 2 0 20 23
DetailsSeverity Plugin Id Name
Critical (10.0) 73182 Microsoft Windows XP Unsupported Installation Detection
Medium (5.0) 26920 Microsoft Windows SMB NULL Session Authentication
Medium (5.0) 57608 SMB Signing Required
Info 10114 ICMP Timestamp Request Remote Date Disclosure
Info 10150 Windows NetBIOS / SMB Remote Host Information Disclosure
Info 10287 Traceroute Information
Info 10394 Microsoft Windows SMB Log In Possible
Info 10785 Microsoft Windows SMB NativeLanManager Remote System InformationDisclosure
Info 10884 Network Time Protocol (NTP) Server Detection
Info 10919 Open Port Re-check
Info 11011 Microsoft Windows SMB Service Detection
Info 11153 Service Detection (HELP Request)
Info 11219 Nessus SYN scanner
Info 11936 OS Identification
Info 12053 Host Fully Qualified Domain Name (FQDN) Resolution
Info 19506 Nessus Scan Information
Info 24786 Nessus Windows Scan Not Performed with Admin Privileges
Info 25220 TCP/IP Timestamps Supported
Info 26917 Microsoft Windows SMB Registry : Nessus Cannot Access the WindowsRegistry
Info 35716 Ethernet Card Manufacturer Detection
Info 45590 Common Platform Enumeration (CPE)
Info 46180 Additional DNS Hostnames
Info 54615 Device Type
-
13
192.168.1.24Summary
Critical High Medium Low Info Total
0 0 0 0 3 3
DetailsSeverity Plugin Id Name
Info 12053 Host Fully Qualified Domain Name (FQDN) Resolution
Info 19506 Nessus Scan Information
Info 35716 Ethernet Card Manufacturer Detection
-
14
192.168.1.111Summary
Critical High Medium Low Info Total
1 0 0 0 20 21
DetailsSeverity Plugin Id Name
Critical (10.0) 40887 MS09-050: Microsoft Windows SMB2 _Smb2ValidateProviderCallback()Vulnerability (975497) (uncredentialed check)
Info 10150 Windows NetBIOS / SMB Remote Host Information Disclosure
Info 10287 Traceroute Information
Info 10394 Microsoft Windows SMB Log In Possible
Info 10736 DCE Services Enumeration
Info 10785 Microsoft Windows SMB NativeLanManager Remote System InformationDisclosure
Info 10884 Network Time Protocol (NTP) Server Detection
Info 11011 Microsoft Windows SMB Service Detection
Info 11219 Nessus SYN scanner
Info 11936 OS Identification
Info 19506 Nessus Scan Information
Info 20870 LDAP Server Detection
Info 22964 Service Detection
Info 24786 Nessus Windows Scan Not Performed with Admin Privileges
Info 25220 TCP/IP Timestamps Supported
Info 25701 LDAP Crafted Search Request Server Information Disclosure
Info 26917 Microsoft Windows SMB Registry : Nessus Cannot Access the WindowsRegistry
Info 35716 Ethernet Card Manufacturer Detection
Info 43829 Kerberos Information Disclosure
Info 45590 Common Platform Enumeration (CPE)
Info 54615 Device Type
Table Of ContentsHosts Summary (Executive)192.168.1.1192.168.1.12192.168.1.13192.168.1.15192.168.1.17192.168.1.18192.168.1.19192.168.1.24192.168.1.111