Nessus scan report using the default scan policy


Upload: tareq-hanaysha

Post on 17-Jul-2015


Nessus Scan Report

file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]

List of hosts

tareq-laptop Medium Severity problem(s) found

tareq-laptop

Scan time :
Start time : Mon Nov 17 15:23:48 2008
End time : Mon Nov 17 15:38:57 2008

Number of vulnerabilities :
Open ports : 20
Low : 46
Medium : 8
High : 0

Information about the remote host :
Operating system : Microsoft Windows Vista Home
NetBIOS name : TAREQ-LAPTOP
DNS name : tareq-laptop.

Port unknown (49155/tcp)

DCE Services Enumeration

Synopsis :

A DCE/RPC service is running on the remote host.

Description :

By sending a Lookup request to the portmapper (TCP 135 or epmapper PIPE) it was possible to enumerate the Distributed Computing Environment (DCE) services running on the remote port. Using this information it is possible to connect and bind to each service by sending an RPC request to the remote port/pipe.

Risk factor :

None

Plugin output :

The following DCERPC services are available on TCP port 49155 :

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.0.102

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0
Description : Unknown RPC service
Annotation : IKE/Authip API
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.0.102

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.0.102

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.0.102

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.0.102

Nessus ID : 10736

Port unknown (49161/tcp)

Port mysql (3306/tcp)

Service detection

A MySQL server is running on this port.

Nessus ID : 22964

Port icslap (2869/tcp)

Service Identification (2nd pass)

A web server seems to be running on this port

Nessus ID : 11153

Port rmiregistry (1099/tcp)

RMI Registry Detection

Synopsis :

An RMI registry is listening on the remote host.

Description :

The remote host is running an RMI registry, which acts as a bootstrap naming service for registering and retrieving remote objects with simple names in the Java Remote Method Invocation (RMI) system.

See also :

http://java.sun.com/j2se/1.5.0/docs/guide/rmi/spec/rmiTOC.html
http://java.sun.com/j2se/1.5.0/docs/guide/rmi/spec/rmi-protocol3.html

Risk factor :

None

Plugin output :

The remote RMI registry currently does not have information about any objects.

Nessus ID : 22227

Port unknown (25902/tcp)

Service detection

A web server is running on this port.

Nessus ID : 22964

HTTP Server type and version

Synopsis :

A web server is running on the remote host.

Description :

This plugin attempts to determine the type and the version of the remote web server.

Risk factor :

None

Plugin output :

The remote web server type is :

Jetty/4.2.24 (Windows Vista/6.0 x86 java/1.6.0)

Nessus ID : 10107

HyperText Transfer Protocol Information

Synopsis :

Some information about the remote HTTP configuration can be extracted.

Description :

This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem

Risk factor :

None

Plugin output :

Protocol version : HTTP/1.1
SSL : no
Pipelining : yes
Keep-Alive : no
Options allowed : GET, HEAD, POST, PUT, DELETE, MOVE, OPTIONS, TRACE
Headers :

Date: Mon, 17 Nov 2008 22:27:46 GMT
Server: Jetty/4.2.24 (Windows Vista/6.0 x86 java/1.6.0)
Content-Type: text/html
Content-Length: 768

Nessus ID : 24260

Port netbios-ns (137/udp)

Using NetBIOS to retrieve information from a Windows host

Synopsis :

It is possible to obtain the network name of the remote host.

Description :

The remote host listens on udp port 137 and replies to NetBIOS nbtscan requests. By sending a wildcard request it is possible to obtain the name of the remote system and the name of its domain.

Risk factor :

None

Plugin output :

The following 4 NetBIOS names have been gathered :

TAREQ-LAPTOP = Computer name
WORKGROUP = Workgroup / Domain name
TAREQ-LAPTOP = File Server Service
WORKGROUP = Browser Service Elections

The remote host has the following MAC address on its adapter :
00:1a:73:45:41:3f

CVE : CVE-1999-0621
Other references : OSVDB:13577

Nessus ID : 10150

Port unknown (49153/tcp)

DCE Services Enumeration

Synopsis :

A DCE/RPC service is running on the remote host.

Description :

By sending a Lookup request to the portmapper (TCP 135 or epmapper PIPE) it was possible to enumerate the Distributed Computing Environment (DCE) services running on the remote port. Using this information it is possible to connect and bind to each service by sending an RPC request to the remote port/pipe.

Risk factor :

None

Plugin output :

The following DCERPC services are available on TCP port 49153 :

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0
Description : Unknown RPC service
Annotation : Event log TCPIP
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.0.102

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.0.102

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.0.102

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.0.102

Nessus ID : 10736

Port unknown (49162/tcp)

DCE Services Enumeration

Synopsis :

A DCE/RPC service is running on the remote host.

Description :

By sending a Lookup request to the portmapper (TCP 135 or epmapper PIPE) it was possible to enumerate the Distributed Computing Environment (DCE) services running on the remote port. Using this information it is possible to connect and bind to each service by sending an RPC request to the remote port/pipe.

Risk factor :

None

Plugin output :

The following DCERPC services are available on TCP port 49162 :

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 367abb81-9844-35f1-ad32-98f038001003, version 2.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 49162
IP : 192.168.0.102

Nessus ID : 10736

Port unknown (49154/tcp)

DCE Services Enumeration

Synopsis :

A DCE/RPC service is running on the remote host.

Description :

By sending a Lookup request to the portmapper (TCP 135 or epmapper PIPE) it was possible to enumerate the Distributed Computing Environment (DCE) services running on the remote port. Using this information it is possible to connect and bind to each service by sending an RPC request to the remote port/pipe.

Risk factor :

None

Plugin output :

The following DCERPC services are available on TCP port 49154 :

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Remote RPC service
TCP Port : 49154
IP : 192.168.0.102

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Remote RPC service
TCP Port : 49154
IP : 192.168.0.102

Nessus ID : 10736

Port general/tcp

Host FQDN

192.168.0.102 resolves as tareq-laptop.

Nessus ID : 12053

OS Identification

Remote operating system : Microsoft Windows Vista Home
Confidence Level : 99
Method : MSRPC

The remote host is running Microsoft Windows Vista Home

Nessus ID : 11936

Information about the scan

Information about this scan :

Nessus version : 3.2.1.1
Plugin feed version : 200811171434
Type of plugin feed : HomeFeed (Non-commercial use only)
Scanner IP : 192.168.0.102
Port scanner(s) : synscan
Port range : default
Thorough tests : no
Experimental tests : no
Paranoia level : 1
Report Verbosity : 1
Safe checks : yes
Optimize the test : yes
Max hosts : 20
Max checks : 5
Recv timeout : 5
Backports : None
Scan Start Date : 2008/11/17 15:23
Scan duration : 897 sec

The following web server have not been scanned because they are password protected, or too slow to answer.
They were running on ports :
+ 2869

Nessus ID : 19506

Port microsoft-ds (445/tcp)

SMB Detection

Synopsis :

A file / print sharing service is listening on the remote host.

Description :

The remote service understands the CIFS (Common Internet File System) or Server Message Block (SMB) protocol, used to provide shared access to files, printers, etc between nodes on a network.

Risk factor :

None

Plugin output :

A CIFS server is running on this port.

Nessus ID : 11011

DCE Services Enumeration

Synopsis :

A DCE/RPC service is running on the remote host.

Description :

By sending a Lookup request to the portmapper (TCP 135 or epmapper PIPE) it was possible to enumerate the Distributed Computing Environment (DCE) services running on the remote port. Using this information it is possible to connect and bind to each service by sending an RPC request to the remote port/pipe.

Risk factor :

None

Plugin output :

The following DCERPC services are available remotely :


Nessus ID : 10736

SMB NativeLanMan

Synopsis :

It is possible to obtain information about the remote operating system.

Description :

It is possible to get the remote operating system name and version (Windows and/or Samba) by sending an authentication request to port 139 or 445.

Risk factor :

None

Plugin output :

The remote Operating System is : Windows Vista (TM) Home Basic 6001 Service Pack 1
The remote native lan manager is : Windows Vista (TM) Home Basic 6.0
The remote SMB Domain Name is : TAREQ-LAPTOP

Nessus ID : 10785

SMB log in

Synopsis :

It is possible to log into the remote host.

Description :

The remote host is running one of the Microsoft Windows operating systems. It was possible to log into it using one of the following account :

- NULL session
- Guest account
- Given Credentials

See also :

http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP
http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP

Risk factor :

none

Plugin output :

- NULL sessions are enabled on the remote host

CVE : CVE-1999-0504, CVE-1999-0505, CVE-1999-0506, CVE-2000-0222, CVE-2002-1117, CVE-2005-3595
BID : 494, 990, 11199

Nessus ID : 10394

SMB registry can not be accessed by the scanner

Synopsis :

Nessus is not able to access the remote Windows Registry.

Description :

It was not possible to connect to PIPE\winreg on the remote host.

If you intend to use Nessus to perform registry-based checks, the registry checks will not work because the 'Remote Registry Access' service (winreg) has been disabled on the remote host or can not be connected to with the supplied credentials.

Risk factor :

None

Nessus ID : 26917

SMB NULL session

Synopsis :

It is possible to log into the remote host.

Description :

The remote host is running one of the Microsoft Windows operating systems. It was possible to log into it using a NULL session.

A NULL session (no login/password) allows to get information about the remote host.

See also :

http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP
http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP

Risk factor :

None

CVE : CVE-2002-1117
BID : 494

Nessus ID : 26920

Port netbios-ssn (139/tcp)

SMB Detection

Synopsis :

A file / print sharing service is listening on the remote host.

Description :

The remote service understands the CIFS (Common Internet File System) or Server Message Block (SMB) protocol, used to provide shared access to files, printers, etc between nodes on a network.

Risk factor :

None

Plugin output :

An SMB server is running on this port.

Nessus ID : 11011

Port http (80/tcp)

Service detection

A web server is running on this port.

Nessus ID : 22964

Directory Scanner

Synopsis :

It is possible to enumerate web directories.

Description :

This plugin attempts to determine the presence of various common dirs on the remote web server.

Risk factor :

None

Plugin output :

The following directories were discovered:
/cgi-bin, /webalizer, /error, /icons

While this is not, in and of itself, a bug, you should manually inspect these directories to ensure that they are in compliance with company security standards

Other references : OWASP:OWASP-CM-006

Nessus ID : 11032

Web mirroring

The following CGI have been discovered :

Syntax : cginame (arguments [default value])

/perso/templates/jjfluidsolution/css/ (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
. (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
/mod_yj_whois_joomla1.5/ (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
/perso/templates/jjfluidsolution/images/ (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
/perso/administrator/index.php (lang [] passwd [] d8eef1eccbd6768d71876690f1343d31 [1] tas...)
/perso/index.php (link=aHR0cDovL3RhcmVxLWxhcHRvcC9wZXJzby9pbmRleC5waHA/dmlld...)

Directory index found at /
Directory index found at /mod_yj_whois_joomla1.5/
Directory index found at /perso/templates/jjfluidsolution/css/
Directory index found at /perso/templates/jjfluidsolution/images/

Nessus ID : 10662

Web Server Uses Plain Text Authentication Forms

Synopsis :

The remote web server might transmit credentials over clear text

Description :

The remote web server contains several HTML forms containing an input of type 'password' which transmit their information to a remote web server over plain text.

An attacker eavesdropping the traffic might use this setup to obtain logins and passwords of valid users.

Solution :

Make sure that every form transmits its results over HTTPS

Risk factor:

Medium / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Plugin output :

Page : /perso/
Destination page : /perso/index.php
Input name : passwd

Page : /perso/?D=A
Destination page : /perso/index.php
Input name : passwd

Page : /perso/index.php
Destination page : /perso/index.php
Input name : passwd

Page : /perso/administrator/
Destination page : index.php
Input name : passwd

Page : /perso/administrator/?D=A
Destination page : index.php
Input name : passwd

Nessus ID : 26194

HTTP Server type and version

Synopsis :

A web server is running on the remote host.

Description :

This plugin attempts to determine the type and the version of the remote web server.

Risk factor :

None

Plugin output :

The remote web server type is :

Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6

Solution : You can set the directive 'ServerTokens Prod' to limit the information emanating from the server in its response headers.

Nessus ID : 10107

HyperText Transfer Protocol Information

Synopsis :

Some information about the remote HTTP configuration can be extracted.

Description :

This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem

Risk factor :

None

Plugin output :

Protocol version : HTTP/1.1
SSL : no
Pipelining : yes
Keep-Alive : yes
Options allowed : (Not implemented)
Headers :

Date: Mon, 17 Nov 2008 22:27:46 GMT
Server: Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6
Content-Length: 855
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

Nessus ID : 24260

HTTP TRACE / TRACK Methods

Synopsis :

Debugging functions are enabled on the remote web server.

Description :

The remote webserver supports the TRACE and/or TRACK methods. TRACEand TRACK are HTTP methods which are used to debug web serverconnections.

In addition, it has been shown that servers supporting the TRACEmethod are subject to cross-site scripting attacks, dubbed XST for"Cross-Site Tracing", when used in conjunction with various weaknessesin browsers. An attacker may use this flaw to trick your legitimateweb users to give him their credentials.

See also :

http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
http://www.apacheweek.com/issues/03-01-24
http://www.kb.cert.org/vuls/id/867593

Solution :

Disable these methods.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Solution :

Add the following lines for each virtual host in your configuration file :

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

Alternatively, note that Apache versions 1.3.34, 2.0.55, and 2.2 support disabling the TRACE method natively via the 'TraceEnable' directive.

Plugin output :

The server response from a TRACE request is :

TRACE /6k09rg3g.html HTTP/1.1
Host: tareq-laptop
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Date: Mon, 17 Dec 2008 22:30:13 GMT
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Accept-Charset: iso-8859-1,*,utf-8
Pragma: no-cache
Accept-Language: en
Connection: Close

CVE : CVE-2004-2320
BID : 9506, 9561, 11604
Other references : OSVDB:877, OSVDB:3726

Nessus ID : 11213

WebDAV enabled

Synopsis :

The remote server is running with WebDAV enabled.

Description :

WebDAV is an industry standard extension to the HTTP specification. It adds a capability for authorized users to remotely add and manage the content of a web server.

If you do not use this extension, you should disable it.

Solution :

http://support.microsoft.com/default.aspx?kbid=241520

Risk factor :

None

Nessus ID : 11424

Joomla! Detection

Synopsis :

The remote web server contains a content management system written in PHP.

Description :

The remote host is running Joomla!, an open-source content management system written in PHP.

See also :

http://www.joomla.org/

Risk factor :

None

Plugin output :

An unknown version of Joomla! was detected on the remote host under the path '/perso'.

Nessus ID : 21142

Apache mod_proxy_ftp Directory Component Wildcard Character Globbing XSS

Synopsis :

The remote web server is vulnerable to a cross-site scripting attack.

Description :

The mod_proxy_ftp module in the version of Apache installed on the remote host fails to properly sanitize user-supplied URL input before using it to generate dynamic HTML output. Using specially crafted requests for FTP URLs with globbing characters (such as asterisk, tilde, opening square bracket, etc), an attacker may be able to leverage this issue to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site.

See also :

http://www.rapid7.com/advisories/R7-0033
http://www.securityfocus.com/archive/1/495180/100/0/threaded
http://www.apache.org/dist/httpd/CHANGES_2.2.10
http://httpd.apache.org/security/vulnerabilities_22.html

Solution :

Either disable the affected module or upgrade to Apache version 2.2.10 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Plugin output :

Apache version 2.2.9 appears to be running on the remote host based on the following Server response header :

Server: Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6

Note that Nessus tried but failed to exploit the issue and instead has relied only on a banner check. There may be several reasons why the exploit failed :

- The remote web server is not configured to use mod_proxy_ftp or to proxy requests in general.

- The remote web server is configured such that the Nessus scanning host is not allowed to use the proxy.

- The plugin did not know of an anonymous FTP server that it could use for testing.

CVE : CVE-2008-2939
BID : 30560
Other references : OSVDB:47474

Nessus ID : 34433

Port unknown (49160/tcp)

Port unknown (49152/tcp)

DCE Services Enumeration

Synopsis :

A DCE/RPC service is running on the remote host.

Description :

By sending a Lookup request to the portmapper (TCP 135 or epmapper PIPE) it was possible to enumerate the Distributed Computing Environment (DCE) services running on the remote port. Using this information it is possible to connect and bind to each service by sending an RPC request to the remote port/pipe.

Risk factor :

None

Plugin output :

The following DCERPC services are available on TCP port 49152 :

Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91
UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 49152
IP : 192.168.0.102

Nessus ID : 10736

Port epmap (135/tcp)

DCE Services Enumeration

Synopsis :

A DCE/RPC service is running on the remote host.

Description :

By sending a Lookup request to the portmapper (TCP 135 or epmapper PIPE) it was possible to enumerate the Distributed Computing Environment (DCE) services running on the remote port. Using this information it is possible to connect and bind to each service by sending an RPC request to the remote port/pipe.

Risk factor :

None

Plugin output :

The following DCERPC services are available locally :

Nessus ID : 10736

Port unknown (5357/tcp)

Service detection

A web server is running on this port.

Nessus ID : 22964

HTTP Server type and version

Synopsis :

A web server is running on the remote host.

Description :

This plugin attempts to determine the type and the version of the remote web server.

Risk factor :

None

Plugin output :

The remote web server type is :

Microsoft-HTTPAPI/2.0

Nessus ID : 10107

HyperText Transfer Protocol Information

Synopsis :

Some information about the remote HTTP configuration can be extracted.

Description :

This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem

Risk factor :

None

Plugin output :

Protocol version : HTTP/1.1
SSL : no
Pipelining : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 17 Nov 2008 22:27:45 GMT
Connection: close
Content-Length: 326

Nessus ID : 24260

Port rtsp (554/tcp)

Port unknown (10243/tcp)

Service detection

A web server is running on this port.

Nessus ID : 22964

HTTP Server type and version

Synopsis :

A web server is running on the remote host.

Description :

This plugin attempts to determine the type and the version of the remote web server.

Risk factor :

None

Plugin output :

The remote web server type is :

Microsoft-HTTPAPI/2.0

Nessus ID : 10107

HyperText Transfer Protocol Information

Synopsis :

Some information about the remote HTTP configuration can be extracted.

Description :

This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem

Risk factor :

None

Plugin output :

Protocol version : HTTP/1.1
SSL : no
Pipelining : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 17 Nov 2008 22:27:45 GMT
Connection: close
Content-Length: 315

Nessus ID : 24260

Port https (443/tcp)

Service detection

An SSLv2 server answered on this port.

Nessus ID : 22964

Service detection

A web server is running on this port through SSLv2.

Nessus ID : 22964

SSL Certificate

Synopsis :

This plugin displays the SSL certificate.

Description :

This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.

Risk factor :

None

Plugin output :

Subject Name:

Organization: Apache Friends
Organization Unit: XAMPP for Windows
Common Name: localhost

Issuer Name:

Organization: Apache Friends
Organization Unit: XAMPP for Windows
Common Name: localhost

Serial Number: 00 8F A9 82 59 12 3A 1B E8

Version: 1

Signature Algorithm: SHA-1 With RSA Encryption

Not Valid Before: Dec 04 15:11:04 2005 GMT
Not Valid After: Dec 04 15:11:04 2006 GMT

Public Key Info:

Algorithm: RSA Encryption
Exponent: 01 00 01

Nessus ID : 10863

Supported SSL Ciphers Suites

Synopsis :

The remote service encrypts communications using SSL.

Description :

This script detects which SSL ciphers are supported by the remote service for encrypting communications.

See also :

http://www.openssl.org/docs/apps/ciphers.html

Risk factor :

None

Plugin output :

Here is the list of SSL ciphers supported by the remote server :

Low Strength Ciphers (< 56-bit key)
SSLv3
  EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
  EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
  EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
  EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
  EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
  EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
  EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
  EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export

Medium Strength Ciphers (>= 56-bit and < 112-bit key)
SSLv3
  EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
  DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
TLSv1
  EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
  DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1

High Strength Ciphers (>= 112-bit key)
SSLv3
  EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
  DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
  IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA(128) Mac=SHA1
  RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
  RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
TLSv1
  EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
  DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
  DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
  DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
  AES128-SHA Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
  AES256-SHA Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
  IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA(128) Mac=SHA1
  RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
  RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}

Nessus ID : 21643

Weak Supported SSL Ciphers Suites

Synopsis :

The remote service supports the use of weak SSL ciphers.

Description :

The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all.

See also :

http://www.openssl.org/docs/apps/ciphers.html

Solution :

Reconfigure the affected application if possible to avoid use of weak ciphers.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Plugin output :

Here is the list of weak SSL ciphers supported by the remote server :

Low Strength Ciphers (< 56-bit key)
SSLv3
  EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
  EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
  EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
  EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
  EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
  EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
  EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
  EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}

Nessus ID : 26928

SSL Certificate Expiry

Synopsis :

The remote server's SSL certificate has already expired or will expire shortly.

Description :

This script checks expiry dates of certificates associated with SSL-enabled services on the target and reports whether any have already expired or will expire shortly.

Solution :

Purchase or generate a new SSL certificate to replace the existing one.

Risk factor :

None

Plugin output :

The SSL certificate of the remote service expired Dec 4 15:11:04 2006 GMT!

Nessus ID : 15901

Deprecated SSL Protocol Usage

Synopsis :

The remote service encrypts traffic using a protocol with known weaknesses.

Description :

The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients.

See also :

http://www.schneier.com/paper-ssl.pdf

Solution :

Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Nessus ID : 20007

Directory Scanner

Synopsis :

It is possible to enumerate web directories.

Description :

This plugin attempts to determine the presence of various common dirs on the remote web server.

Risk factor :

None

Plugin output :

The following directories were discovered:
/cgi-bin, /webalizer, /error, /icons

While this is not, in and of itself, a bug, you should manually inspect these directories to ensure that they are in compliance with company security standards

Other references : OWASP:OWASP-CM-006

Nessus ID : 11032

Web mirroring

The following CGI have been discovered :

Syntax : cginame (arguments [default value])

. (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
/mod_yj_whois_joomla1.5/ (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
/perso/administrator/index.php (lang [en-GB] passwd [] task [login] d7883a0d1f699871df1fb9...)
/perso/index.php (searchword [search...] format [feed] passwd [] id [25] 83c...)

Directory index found at /
Directory index found at /mod_yj_whois_joomla1.5/

Nessus ID : 10662

HTTP Server type and version

Synopsis :

A web server is running on the remote host.

Description :

This plugin attempts to determine the type and the version of the remote web server.

Risk factor :

None

Plugin output :

The remote web server type is :

Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6

Solution : You can set the directive 'ServerTokens Prod' to limit the information emanating from the server in its response headers.

Nessus ID : 10107

HyperText Transfer Protocol Information

Synopsis :

Some information about the remote HTTP configuration can be extracted.

Description :

This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem

Risk factor :

None

Plugin output :

Protocol version : HTTP/1.1
SSL : yes
Pipelining : yes
Keep-Alive : yes
Options allowed : (Not implemented)
Headers :

Date: Mon, 17 Nov 2008 22:27:46 GMT
Server: Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6
Content-Length: 856
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

Nessus ID : 24260

HTTP TRACE / TRACK Methods

Synopsis :

Debugging functions are enabled on the remote web server.

Description :

The remote webserver supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods which are used to debug web server connections.

In addition, it has been shown that servers supporting the TRACE method are subject to cross-site scripting attacks, dubbed XST for "Cross-Site Tracing", when used in conjunction with various weaknesses in browsers. An attacker may use this flaw to trick your legitimate web users to give him their credentials.

See also :

http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
http://www.apacheweek.com/issues/03-01-24
http://www.kb.cert.org/vuls/id/867593

Solution :

Disable these methods.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Solution :

Add the following lines for each virtual host in your configuration file :

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

Alternatively, note that Apache versions 1.3.34, 2.0.55, and 2.2 support disabling the TRACE method natively via the 'TraceEnable' directive.

Plugin output :

The server response from a TRACE request is :

TRACE /9h6cs6az.html HTTP/1.1
Host: tareq-laptop
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Date: Mon, 17 Dec 2008 22:30:13 GMT
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Accept-Charset: iso-8859-1,*,utf-8
Pragma: no-cache
Accept-Language: en
Connection: Close

CVE : CVE-2004-2320
BID : 9506, 9561, 11604
Other references : OSVDB:877, OSVDB:3726

Nessus ID : 11213

WebDAV enabled

Synopsis :

The remote server is running with WebDAV enabled.

Description :

WebDAV is an industry standard extension to the HTTP specification. It adds a capability for authorized users to remotely add and manage the content of a web server.

If you do not use this extension, you should disable it.

Solution :

http://support.microsoft.com/default.aspx?kbid=241520

Risk factor :

None

Nessus ID : 11424

Joomla! Detection

Synopsis :

The remote web server contains a content management system written in PHP.

Description :

The remote host is running Joomla!, an open-source content management system written in PHP.

See also :

http://www.joomla.org/

Risk factor :

None

Plugin output :

An unknown version of Joomla! was detected on the remote host under the path '/perso'.

Nessus ID : 21142

Apache mod_proxy_ftp Directory Component Wildcard Character Globbing XSS

Synopsis :

The remote web server is vulnerable to a cross-site scripting attack.

Description :

The mod_proxy_ftp module in the version of Apache installed on the remote host fails to properly sanitize user-supplied URL input before using it to generate dynamic HTML output. Using specially crafted requests for FTP URLs with globbing characters (such as asterisk, tilde, opening square bracket, etc), an attacker may be able to leverage this issue to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site.

See also :

http://www.rapid7.com/advisories/R7-0033
http://www.securityfocus.com/archive/1/495180/100/0/threaded
http://www.apache.org/dist/httpd/CHANGES_2.2.10
http://httpd.apache.org/security/vulnerabilities_22.html

Solution :

Either disable the affected module or upgrade to Apache version 2.2.10 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Plugin output :

Apache version 2.2.9 appears to be running on the remote host based on the following Server response header :

Server: Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6

Note that Nessus tried but failed to exploit the issue and instead has relied only on a banner check. There may be several reasons why the exploit failed :

- The remote web server is not configured to use mod_proxy_ftp or to proxy requests in general.

- The remote web server is configured such that the Nessus scanning host is not allowed to use the proxy.

- The plugin did not know of an anonymous FTP server that it could use for testing.

CVE : CVE-2008-2939
BID : 30560
Other references : OSVDB:47474

Nessus ID : 34433