report-5f7b29ca-0d21-4f9e-b691-ce314a76e967

8/10/2019 report-5f7b29ca-0d21-4f9e-b691-ce314a76e967

1/8

Scan Report

June 29, 2014

Summary

This document reports on the results of an automatic security scan. The scan started at

Sun Jun 29 13:14:06 2014 UTC and ended at Sun Jun 29 13:24:59 2014 UTC. The report

first summarises the results found. Then, for each host, the report describes every issue

found. Please consider the advice given in each description, in order to rectify the issue.

Contents

1 Result Overview 2

2 Results per Host 2

2.1 10.0.6.60 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

2.1.1 Low general/SMBClient . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

2.1.2 Log general/CPE-T . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

2.1.3 Log general/HOST-T . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

2.1.4 Log general/tcp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

2.1.5 Log microsoft-ds (445/tcp) . . . . . . . . . . . . . . . . . . . . . . . . . . 6

2.1.6 Log netbios-ns (137/udp) . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

2.1.7 Log netbios-ssn (139/tcp) . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

1


2/8

2 RESULTS PER HOST 2

1 Result Overview

Host Most Severe Result(s) High Medium Low Log False Positives10.0.6.60 (SDFG ) Severity: Low 0 0 4 14 0

Total: 1 0 0 4 14 0

Vendor security updates are not trusted.Overrides are on. When a result has an override, this report uses the threat of the override.Notes are included in the report.This report might not show details of all issues that were found.It only lists hosts that produced issues.Issues with the threat level Debug are not shown.

This report contains all 18 results selected by the filtering described above. Before filtering

there were 20 results.

2 Results per Host

2.1 10.0.6.60

Host scan start Sun Jun 29 13:14:12 2014 UTCHost scan end Sun Jun 29 13:24:58 2014 UTC

Service (Port) Threat Level

general/SMBClient Low

general/CPE-T Loggeneral/HOST-T Loggeneral/tcp Logmicrosoft-ds (445/tcp) Lognetbios-ns (137/udp) Lognetbios-ssn (139/tcp) Log

2.1.1 Low general/SMBClient

Low (CVSS: 0.0)NVT: SMB Test

OS Version = WINDOWS 7 ENTERPRISE 7601 SERVICE PACK 1

Domain = WORKGROUP

SMB Serverversion = WINDOWS 7 ENTERPRISE 6.1

. . . continues on next page . . .


3/8


. . . continued from previous page . . .OID of test routine: 1.3.6.1.4.1.25623.1.0.90011


OS Version = WINDOWS 7 ENTERPRISE 7601 SERVICE PACK 1

Domain = WORKGROUP

SMB Serverversion = Windows 7 Enterprise 6.1

OID of test routine: 1.3.6.1.4.1.25623.1.0.90011


OS Version = Windows 7 Enterprise 7601 Service Pack 1

Domain = WORKGROUP

SMB Serverversion = WINDOWS 7 ENTERPRISE 6.1



OS Version = Windows 7 Enterprise 7601 Service Pack 1

Domain = WORKGROUP

SMB Serverversion = Windows 7 Enterprise 6.1


[ return to 10.0.6.60 ]

2.1.2 Log general/CPE-T

Log (CVSS: 0.0)NVT: CPE Inventory

10.0.6.60|cpe:/o:microsoft:windows



4/8


. . . continued from previous page . . .


[ return to 10.0.6.60 ]

2.1.3 Log general/HOST-T

Log (CVSS: 0.0)NVT: Host Summary

traceroute:10.0.6.12,10.0.6.60

TCP ports:445,139UDP ports:


[ return to 10.0.6.60 ]

2.1.4 Log general/tcp

Log (CVSS: 0.0)NVT: Checks for open udp ports

Open UDP ports: [None found]


Log (CVSS: 0.0)NVT: Check open ports

** Some of the ports (1/2) were skipped by this check because some

** scripts could not connect to them before the defined timeout

This might be an availability problem related which might be

due to the following reasons :

- The remote host is now down, either because a user turned it

off during the scan

- A network outage has been experienced during the scan, and the remote



5/8


. . . continued from previous page . . .network cannot be reached from the OpenVAS server any more

- This OpenVAS server has been blacklisted by the system administrator

or by automatic intrusion detection/prevention systems which have detected the

vulnerability assessment.

In any case, the audit of the remote host might be incomplete and may need to

be done again


Log (CVSS: 0.0)NVT: arachni (NASL wrapper)

Arachni could not be found in your system path.OpenVAS was unable to execute Arachni and to perform the scan you

requested.

Please make sure that Arachni is installed and that arachni is

available in the PATH variable defined for your environment.


Log (CVSS: 0.0)

NVT: Traceroute

Here is the route from 10.0.6.12 to 10.0.6.60:

10.0.6.12

10.0.6.60


Log (CVSS: 0.0)NVT: Microsoft SMB Signing Disabled

SMB signing is disabled on this host



6/8


Log (CVSS: 0.0)NVT: Checks for open tcp ports

Open TCP ports: 445, 139


[ return to 10.0.6.60 ]

2.1.5 Log microsoft-ds (445/tcp)

Log

NVT:

Open port.

OID of test routine: 0

Log (CVSS: 0.0)NVT: SMB NativeLanMan

Summary:

It is possible to extract OS, domain and SMB server information

from the Session Setup AndX Response packet which is generated

during NTLM authentication.Detected SMB workgroup: WORKGROUP

Detected SMB server: Windows 7 Enterprise 6.1

Detected OS: Windows 7 Enterprise 7601 Service Pack 1


Log (CVSS: 0.0)

NVT: SMB on port 445

A CIFS server is running on this port



7/8


[ return to 10.0.6.60 ]

2.1.6 Log netbios-ns (137/udp)

Log (CVSS: 0.0)NVT: Using NetBIOS to retrieve information from a Windows host

The following 3 NetBIOS names have been gathered :

SDFG

WORKGROUP = Workgroup / Domain name

SDFG = This is the computer name

The remote host has the following MAC address on its adapter :

8c:70:5a:1d:d0:98

If you do not want to allow everyone to find the NetBios name

of your computer, you should filter incoming traffic to this port.


[ return to 10.0.6.60 ]

2.1.7 Log netbios-ssn (139/tcp)

LogNVT:

Open port.

OID of test routine: 0

Log (CVSS: 0.0)NVT: SMB on port 445

An SMB server is running on this port


[ return to 10.0.6.60 ]


8/8


This file was automatically generated.

report-5f7b29ca-0d21-4f9e-b691-ce314a76e967

Documents