Scan of Freds

Scan Report
March 17, 2017
Summary
This document reports on the results of an automatic security scan. All dates are dis-
played using the timezone UTC, which is abbreviated UTC. The task was Immediate
scan of IP 192.168.6.0/24. The scan started at Fri Mar 17 21:10:58 2017 UTC and ended
at Fri Mar 17 21:29:33 2017 UTC. The report first summarises the results found. Then, for
each host, the report describes every issue found. Please consider the advice given in each
description, in order to rectify the issue.
Contents
1 Result Overview 2
2 Results per Host 2

2.1 192.168.6.23 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
2.1.1 High 445/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
2.1.2 Medium 135/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2.1.3 Medium 3389/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.1.4 Low general/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.1.5 Log general/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.1.6 Log 135/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.1.7 Log 5432/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.1.8 Log 3389/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.1.9 Log 445/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.1.10 Log general/CPE-T . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
2.1.11 Log 139/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.1.12 Log 1947/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.2 192.168.6.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.2.1 High 80/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.2.2 Medium 443/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.2.3 Medium 22/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.2.4 Low 22/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.2.5 Log general/icmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
1
CONTENTS 2
2.2.6 Log 80/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

2.2.7 Log 443/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
2.2.8 Log general/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
2.2.9 Log 22/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
2.2.10 Log general/CPE-T . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
2 RESULTS PER HOST 3
1 Result Overview
Host High Medium Low Log False Positive

192.168.6.23 1 4 1 21 0
192.168.6.1 1 5 1 18 0
Total: 2 2 9 2 39 0
Vendor security updates are not trusted.

Overrides are on. When a result has an override, this report uses the threat of the override.
Notes are included in the report.
This report might not show details of all issues that were found.
It only lists hosts that produced issues.
Issues with the threat level Debug are not shown.
Issues with the threat level False Positive are not shown.
This report contains all 52 results selected by the filtering described above. Before filtering
there were 52 results.
2 Results per Host
2.1 192.168.6.23
Host scan start Fri Mar 17 21:11:12 2017 UTC
Host scan end Fri Mar 17 21:17:34 2017 UTC
Service (Port) Threat Level

445/tcp High
135/tcp Medium
3389/tcp Medium
general/tcp Low
general/tcp Log
135/tcp Log
5432/tcp Log
3389/tcp Log
445/tcp Log
general/CPE-T Log
139/tcp Log
1947/tcp Log
2.1.1 High 445/tcp

. . . continues on next page . . .
. . . continued from previous page . . .
High (CVSS: 10.0)

NVT: SMBv1 Unspecified Remote Code Execution (Shadow Brokers)
Summary
The remote Windows host is prone to an unspecified remote code execution vulnerability in
SMBv1 protocol.
Vulnerability Detection Result

Vulnerability was detected according to the Vulnerability Detection Method.
Solution
Solution type: Workaround
Disable SMB v1 and/or block all versions of SMB at the network boundary by blocking TCP
port 445 with related protocols on UDP ports 137-138 and TCP port 139, for all boundary
devices.
Vulnerability Insight
The remote Windows host is supporting SMBv1 and is therefore prone to an unspecified remote
code execution vulnerability. This vulnerability is related to the Shadow Brokers group.
Vulnerability Detection Method

Details:SMBv1 Unspecified Remote Code Execution (Shadow Brokers)
OID:1.3.6.1.4.1.25623.1.0.140151
Version used: $Revision: 5455 $
References
Other:
URL:https://www.us-cert.gov/ncas/current-activity/2017/01/16/SMB-Security-Best
,-Practices
URL:https://support.microsoft.com/en-us/kb/2696547
URL:https://support.microsoft.com/en-us/kb/204279
[ return to 192.168.6.23 ]
2.1.2 Medium 135/tcp
Medium (CVSS: 5.0)

NVT: DCE Services Enumeration Reporting
Summary
Distributed Computing Environment (DCE) services running on the remote host can be enu-
merated by connecting on port 135 and doing the appropriate queries.

Here is the list of DCE services running on this host via the TCP protocol:

Port: 49152/tcp
UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1
Endpoint: ncacn_ip_tcp:192.168.6.23[49152]
Port: 49153/tcp
UUID: 06bba54a-be05-49f9-b0a0-30f790261023, version 1
Annotation: Security Center
UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1
Annotation: NRP server endpoint
UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1
Annotation: DHCP Client LRPC Endpoint
UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1
Annotation: DHCPv6 Client LRPC Endpoint
UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1
Annotation: Event log TCPIP
Port: 49154/tcp
UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1
UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1
Annotation: IP Transition Configuration endpoint
UUID: 86d35949-83c9-4044-b424-db363231fd0c, version 1
UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1
Annotation: XactSrv service
UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1
Annotation: IKE/Authip API
UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1
Annotation: Impl friendly name
Port: 49155/tcp
UUID: 12345778-1234-abcd-ef00-0123456789ac, version 1
Named pipe : lsass
Win32 service or process : lsass.exe
Description : SAM access
Port: 49160/tcp
UUID: 367abb81-9844-35f1-ad32-98f038001003, version 2
Port: 49212/tcp
UUID: 906b0ce0-c70b-1067-b317-00dd010662da, version 1

Note: DCE services running on this host locally were identified. Reporting this
,list is not enabled by default due to the possible large size of this list. Se
,e the script preferences to enable this reporting.
Impact
An attacker may use this fact to gain more knowledge about the remote host.
Solution
Solution type: Mitigation
Filter incoming traffic to this port.

Details:DCE Services Enumeration Reporting
OID:1.3.6.1.4.1.25623.1.0.10736
[ return to 192.168.6.23 ]
Medium (CVSS: 4.3)

NVT: SSL/TLS: Report Weak Cipher Suites
Summary
This routine reports all Weak SSL/TLS cipher suites accepted by a service.
NOTE: No severity for SMTP services with Opportunistic TLS and weak cipher suites on port
25/tcp is reported. If too strong cipher suites are configured for this service the alternative would
be to fall back to an even more insecure cleartext communication.

Weak cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
Solution
The configuration of this services should be changed so that it does not accept the listed weak
cipher suites anymore.
Please see the references for more resources supporting you with this task.
These rules are applied for the evaluation of the cryptographic strength:
- RC4 is considered to be weak (CVE-2013-2566).
- Ciphers using 64 bit or less are considered to be vulnerable to brute force methods and therefore
considered as weak (CVE-2015-4000).
- 1024 bit RSA authentication is considered to be insecure and therefore as weak.
- Any cipher considered to be secure for only the next 10 years is considered as medium
- Any other cipher is considered as strong

Details:SSL/TLS: Report Weak Cipher Suites
OID:1.3.6.1.4.1.25623.1.0.103440
References
CVE: CVE-2013-2566, CVE-2015-4000
Other:
URL:https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-
,1465_update_6.html
URL:https://bettercrypto.org/
URL:https://mozilla.github.io/server-side-tls/ssl-config-generator/
Medium (CVSS: 4.0)

NVT: SSL/TLS: Certificate Signed Using A Weak Signature Algorithm
Summary
The remote service is using a SSL/TLS certificate chain that has been signed using a crypto-
graphically weak hashing algorithm.

The following certificates are part of the certificate chain but using insecure
,signature algorithms:
Subject: CN=FRED03.seclab.local
Signature Algorithm: sha1WithRSAEncryption
Solution
Servers that use SSL/TLS certificates signed using an SHA-1 signature will need to obtain new
SHA-2 signed SSL/TLS certificates to avoid these web browser SSL/TLS certificate warnings.
Secure Hash Algorithm 1 (SHA-1) is considered cryptographically weak and not secure enough
for ongoing use. Beginning as late as January 2017 and as early as June 2016, browser developers
such as Microsoft and Google will begin warning users when users visit web sites that use SHA-1
signed Secure Socket Layer (SSL) certificates.

Check which algorithm was used to sign the remote SSL/TLS Certificate.
Details:SSL/TLS: Certificate Signed Using A Weak Signature Algorithm
OID:1.3.6.1.4.1.25623.1.0.105880
References
Other:
URL:https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with
,-sha-1-based-signature-algorithms/
Medium (CVSS: 4.0)

NVT: SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerability
Summary
The SSL/TLS service uses Diffie-Hellman groups with insufficient strength (key size 2048).

Server Temporary Key Size: 1024 bits
Impact
An attacker might be able to decrypt the SSL/TLS communication offline.
Solution
Solution type: Workaround
Deploy (Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE) or use a 2048-bit or stronger Diffie-
Hellman group. (see https://weakdh.org/sysadmin.html)
The Diffie-Hellman group are some big numbers that are used as base for the DH computations.
They can be, and often are, fixed. The security of the final secret depends on the size of these
parameters. It was found that 512 and 768 bits to be weak, 1024 bits to be breakable by really
powerful attackers like governments.

Checks the DHE temporary public key size.
Details:SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerabili.
,..
OID:1.3.6.1.4.1.25623.1.0.106223
References
Other:
URL:https://weakdh.org/
URL:https://weakdh.org/sysadmin.html
[ return to 192.168.6.23 ]
2.1.4 Low general/tcp
Low (CVSS: 2.6)

NVT: TCP timestamps
Summary
The remote host implements TCP timestamps and therefore allows to compute the uptime.

It was detected that the host implements RFC1323.
The following timestamps were retrieved with a delay of 1 seconds in-between:
Paket 1: 12569306
Paket 2: 12569413
Impact
A side effect of this feature is that the uptime of the remote host can sometimes be computed.
Solution
To disable TCP timestamps on Windows execute netsh int tcp set global timestamps=disabled
Starting with Windows Server 2008 and Vista, the timestamp can not be completely disabled.
The default behavior of the TCP/IP stack on this Systems is, to not use the Timestamp options
when initiating TCP connections, but use them if the TCP peer that is initiating communication
includes them in their synchronize (SYN) segment.
See also: http://www.microsoft.com/en-us/download/details.aspx?id=9152
Affected Software/OS
TCP/IPv4 implementations that implement RFC1323.
The remote host implements TCP timestamps, as defined by RFC1323.

Special IP packets are forged and sent with a little delay in between to the target IP. The
responses are searched for a timestamps. If found, the timestamps are reported.
Details:TCP timestamps
OID:1.3.6.1.4.1.25623.1.0.80091
References
Other:
URL:http://www.ietf.org/rfc/rfc1323.txt
[ return to 192.168.6.23 ]
2.1.5 Log general/tcp
Log (CVSS: 0.0)

NVT: OS Detection Consolidation and Reporting
Summary
This script consolidates the OS information detected by several NVTs and tries to find the best
matching OS.
Furthermore it reports all previously collected information leading to this best matching OS. It
also reports possible additional informations which might help to improve the OS detection.
If any of this information is wrong or could be improved please consider to report these to
openvas-plugins@wald.intevation.org.

Best matching OS:
OS: Windows 7 Enterprise 7601 Service Pack 1
CPE: cpe:/o:microsoft:windows_7:-:sp1
Found by NVT: 1.3.6.1.4.1.25623.1.0.102011 (SMB NativeLanMan)
Concluded from SMB/Samba banner on port 445/tcp: OS String: Windows 7 Enterprise
, 7601 Service Pack 1; SMB String: Windows 7 Enterprise 6.1
Setting key "Host/runs_windows" based on this information
Other OS detections (in order of reliability):
OS: Windows
CPE: CPE: cpe:/o:microsoft:windows
Found by NVT: 1.3.6.1.4.1.25623.1.0.108021 (Nmap OS Identification (NASL wrapper
,))
Concluded from Nmap TCP/IP fingerprinting:
OS: Windows;
CPE: cpe:/o:microsoft:windows
Unknown banners have been collected which might help to identify the OS running
,on this host. If these banners containing information about the host OS please
, report the following information to openvas-plugins@wald.intevation.org:
Banner: Server: HASP LM/18.00
Identified from: HTTP Server banner on port 1947/tcp
Log Method
Details:OS Detection Consolidation and Reporting
OID:1.3.6.1.4.1.25623.1.0.105937
Log (CVSS: 0.0)

NVT: Traceroute
Summary

A traceroute from the scanning server to the target system was conducted. This traceroute
is provided primarily for informational value only. In the vast majority of cases, it does not
represent a vulnerability. However, if the displayed traceroute contains any private addresses
that should not have been publicly visible, then you have an issue you need to correct.

Here is the route from 10.10.141.20 to 192.168.6.23:
10.10.141.20
192.168.214.1
192.168.10.1
192.168.6.23
Solution
Block unwanted packets from escaping your network.
Log Method
Details:Traceroute
OID:1.3.6.1.4.1.25623.1.0.51662
[ return to 192.168.6.23 ]
2.1.6 Log 135/tcp
Log (CVSS: 0.0)

NVT: DCE Services Enumeration
Summary
Distributed Computing Environment (DCE) services running on the remote host can be enu-
merated by connecting on port 135 and doing the appropriate queries.
The actual reporting takes place in the NVT DCE Services Enumeration Reporting (OID:
1.3.6.1.4.1.25623.1.0.10736)

A DCE endpoint resolution service seems to be running on this port.
Impact
An attacker may use this fact to gain more knowledge about the remote host.
Solution
Filter incoming traffic to this port.
Log Method
Details:DCE Services Enumeration
OID:1.3.6.1.4.1.25623.1.0.108044

[ return to 192.168.6.23 ]
2.1.7 Log 5432/tcp
Log (CVSS: 0.0)

NVT: PostgreSQL Detection
Summary
Detection of PostgreSQL, a open source object-relational database system
(http://www.postgresql.org).
The script sends a connection request to the server (user:postgres, DB:postgres) and attempts
to extract the version number from the reply.

Detected PostgreSQL
Version: unknown
Location: 5432/tcp
CPE: cpe:/a:postgresql:postgresql
Concluded from version identification result:
unknown
Log Method
Details:PostgreSQL Detection
OID:1.3.6.1.4.1.25623.1.0.100151
Log (CVSS: 0.0)

NVT: Services
Summary
This routine attempts to guess which service is running on the remote ports. For instance, it
searches for a web server which could listen on another port than 80 or 443 and makes this
information available for other check routines.

An unknown service is running on this port.
It is usually reserved for Postgres
Log Method
Details:Services
OID:1.3.6.1.4.1.25623.1.0.10330
[ return to 192.168.6.23 ]
2.1.8 Log 3389/tcp
Log (CVSS: 0.0)

NVT: SSL/TLS: Report Non Weak Cipher Suites
Summary
This routine reports all Non Weak SSL/TLS cipher suites accepted by a service.

Non Weak cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
Log Method
Details:SSL/TLS: Report Non Weak Cipher Suites
OID:1.3.6.1.4.1.25623.1.0.103441
Log (CVSS: 0.0)

NVT: SSL/TLS: Report Perfect Forward Secrecy (PFS) Cipher Suites
Summary
This routine reports all SSL/TLS cipher suites accepted by a service which are supporting Perfect
Forward Secrecy (PFS).

Cipher suites supporting Perfect Forward Secrecy (PFS) are accepted by this serv
,ice via the TLSv1.0 protocol:
Log Method
Details:SSL/TLS: Report Perfect Forward Secrecy (PFS) Cipher Suites
OID:1.3.6.1.4.1.25623.1.0.105018
Log (CVSS: 0.0)

NVT: Identify Unknown Services with nmap
Summary
This plugin performs service detection by launching nmaps service probe (nmap -sV) against
ports that are running unidentified services.

Nmap service detection result for this port: ssl|ms-wbt-server
This is a guess. A confident identification of the service was not possible.


Log Method
Details:Identify Unknown Services with nmap
OID:1.3.6.1.4.1.25623.1.0.66286
Log (CVSS: 0.0)

NVT: SSL/TLS: Report Supported Cipher Suites
Summary
This routine reports all SSL/TLS cipher suites accepted by a service.
As the NVT SSL/TLS: Check Supported Cipher Suites (OID: 1.3.6.1.4.1.25623.1.0.900234)
might run into a timeout the actual reporting of all accepted cipher suites takes place in this
NVT instead. The script preference Report timeout allows you to configure if such an timeout
is reported.

Strong cipher suites accepted by this service via the TLSv1.0 protocol:
Medium cipher suites accepted by this service via the TLSv1.0 protocol:
No Null cipher suites accepted by this service via the TLSv1.0 protocol.

Log Method
Details:SSL/TLS: Report Supported Cipher Suites
OID:1.3.6.1.4.1.25623.1.0.802067
Log (CVSS: 0.0)

NVT: SSL/TLS: Report Medium Cipher Suites
Summary
This routine reports all Medium SSL/TLS cipher suites accepted by a service.


Any cipher suite considered to be secure for only the next 10 years is considered as medium
Log Method
Details:SSL/TLS: Report Medium Cipher Suites
OID:1.3.6.1.4.1.25623.1.0.902816
[ return to 192.168.6.23 ]
2.1.9 Log 445/tcp
Log (CVSS: 0.0)

NVT: SMB NativeLanMan
Summary
It is possible to extract OS, domain and SMB server information from the Session Setup AndX
Response packet which is generated during NTLM authentication.

Detected SMB workgroup: SECLAB
Detected SMB server: Windows 7 Enterprise 6.1
Detected OS: Windows 7 Enterprise 7601 Service Pack 1
Log Method
Details:SMB NativeLanMan
OID:1.3.6.1.4.1.25623.1.0.102011
Log (CVSS: 0.0)

NVT: SMB/CIFS Server Detection
Summary

This script detects wether port 445 and 139 are open and if they are running a CIFS/SMB server.

A CIFS server is running on this port
Log Method
Details:SMB/CIFS Server Detection
OID:1.3.6.1.4.1.25623.1.0.11011
Log (CVSS: 0.0)

NVT: SMB Remote Version Detection
Summary
Detection of Server Message Block(SMB).
This script sends SMB Negotiation request and try to get the version from the response.

SMBv1 and SMBv2 are enabled on remote target
Log Method
Details:SMB Remote Version Detection
OID:1.3.6.1.4.1.25623.1.0.807830
Log (CVSS: 0.0)

NVT: SMB Test with smbclient
Summary
This script tests the remote host SMB Functions with the smbclient tool.

OS Version = WINDOWS 7 ENTERPRISE 7601 SERVICE PACK 1
Domain = SECLAB
SMB Serverversion = WINDOWS 7 ENTERPRISE 6.1
Log Method
Details:SMB Test with smbclient
OID:1.3.6.1.4.1.25623.1.0.90011
[ return to 192.168.6.23 ]
2.1.10 Log general/CPE-T

Log (CVSS: 0.0)

NVT: CPE Inventory
Summary
This routine uses information collected by other routines about CPE identities
(http://cpe.mitre.org/) of operating systems, services and applications detected during
the scan.

192.168.6.23|cpe:/a:postgresql:postgresql
192.168.6.23|cpe:/o:microsoft:windows_7:-:sp1
Log Method
Details:CPE Inventory
OID:1.3.6.1.4.1.25623.1.0.810002
[ return to 192.168.6.23 ]
2.1.11 Log 139/tcp
Log (CVSS: 0.0)

NVT: SMB/CIFS Server Detection
Summary
This script detects wether port 445 and 139 are open and if they are running a CIFS/SMB server.

A SMB server is running on this port
Log Method
Details:SMB/CIFS Server Detection
OID:1.3.6.1.4.1.25623.1.0.11011
[ return to 192.168.6.23 ]
2.1.12 Log 1947/tcp
Log (CVSS: 0.0)

NVT: HTTP Server type and version
Summary
This detects the HTTP Servers type and version.


The remote web server type is :
HASP LM/18.00
Solution
Log Method
Details:HTTP Server type and version
OID:1.3.6.1.4.1.25623.1.0.10107
Log (CVSS: 0.0)

NVT: DIRB (NASL wrapper)
Summary
This script uses DIRB to find directories and files on web applications via brute forcing. See the
preferences section for configuration options.

This are the directories/files found with brute force:
http://192.168.6.23:1947/
Log Method
Details:DIRB (NASL wrapper)
OID:1.3.6.1.4.1.25623.1.0.103079
Log (CVSS: 0.0)

NVT: Services
Summary

A web server is running on this port
Log Method
Details:Services
OID:1.3.6.1.4.1.25623.1.0.10330
Log (CVSS: 0.0)

NVT: CGI Scanning Consolidation
Summary
The script consolidates various information for CGI scanning.
This information is based on the following scripts / settings:
- Web mirroring / webmirror.nasl (OID: 1.3.6.1.4.1.25623.1.0.10662)
- Various OS fingerprinting methods

The host seems to be running on a Windows operating system.
The host seems to be NOT able to host PHP scripts.
The host seems to be able to host ASP scripts.
The following directories were used for CGI scanning:
http://192.168.6.23:1947/
http://192.168.6.23:1947/cgi-bin
http://192.168.6.23:1947/scripts
While this is not, in and of itself, a bug, you should manually inspect these di
,rectories to ensure that they are in compliance with company security standard
,s
Log Method
Details:CGI Scanning Consolidation
OID:1.3.6.1.4.1.25623.1.0.111038
Log (CVSS: 0.0)

NVT: Nikto (NASL wrapper)
Summary
This plugin uses nikto(1) to find weak CGI scripts and other known issues regarding web server
security. See the preferences section for configuration options.

Here is the Nikto report:
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP: 192.168.6.23
+ Target Hostname: 192.168.6.23
+ Target Port: 1947
+ Start Time: 2017-03-17 21:14:09 (GMT0)
---------------------------------------------------------------------------
+ Server: HASP LM/18.00
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user a

,gent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent
,to render the content of the site in a different fashion to the MIME type
+ All CGI directories found, use -C none to test none
+ 26190 requests: 0 error(s) and 3 item(s) reported on remote host
+ End Time: 2017-03-17 21:15:20 (GMT0) (71 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Log Method
Details:Nikto (NASL wrapper)
OID:1.3.6.1.4.1.25623.1.0.14260
[ return to 192.168.6.23 ]
2.2 192.168.6.1
Host scan start Fri Mar 17 21:11:11 2017 UTC
Host scan end Fri Mar 17 21:29:33 2017 UTC
Service (Port) Threat Level

80/tcp High
443/tcp Medium
22/tcp Medium
22/tcp Low
general/icmp Log
80/tcp Log
443/tcp Log
general/tcp Log
22/tcp Log
general/CPE-T Log
2.2.1 High 80/tcp
High (CVSS: 9.0)

NVT: HTTP Brute Force Logins With Default Credentials Reporting
Summary
It was possible to login into the remote Web Application using default credentials.
As the NVT HTTP Brute Force Logins with default Credentials (OID:
1.3.6.1.4.1.25623.1.0.108041) might run into a timeout the actual reporting of this vulner-
ability takes place in this NVT instead. The script preference Report timeout allows you to
configure if such an timeout is reported.

It was possible to login with the following credentials <Url>:<User>:<Password>
http://192.168.6.1/:Administrator:admin
http://192.168.6.1/:MANAGER:COGNOS
Solution
Change the password as soon as possible.

Try to login with a number of known default credentials via HTTP Basic Auth.
Details:HTTP Brute Force Logins With Default Credentials Reporting
OID:1.3.6.1.4.1.25623.1.0.103240
[ return to 192.168.6.1 ]
Medium (CVSS: 4.3)

NVT: SSL/TLS: Report Weak Cipher Suites
Summary
This routine reports all Weak SSL/TLS cipher suites accepted by a service.
NOTE: No severity for SMTP services with Opportunistic TLS and weak cipher suites on port
25/tcp is reported. If too strong cipher suites are configured for this service the alternative would
be to fall back to an even more insecure cleartext communication.

Weak cipher suites accepted by this service via the SSLv3 protocol:
Solution
The configuration of this services should be changed so that it does not accept the listed weak
cipher suites anymore.
Please see the references for more resources supporting you with this task.
These rules are applied for the evaluation of the cryptographic strength:
- RC4 is considered to be weak (CVE-2013-2566).
- Ciphers using 64 bit or less are considered to be vulnerable to brute force methods and therefore
considered as weak (CVE-2015-4000).
- 1024 bit RSA authentication is considered to be insecure and therefore as weak.

- Any cipher considered to be secure for only the next 10 years is considered as medium
- Any other cipher is considered as strong

Details:SSL/TLS: Report Weak Cipher Suites
OID:1.3.6.1.4.1.25623.1.0.103440
References
CVE: CVE-2013-2566, CVE-2015-4000
Other:
URL:https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-
,1465_update_6.html
Medium (CVSS: 4.3)

NVT: SSL/TLS: Deprecated SSLv2 and SSLv3 Protocol Detection
Summary
It was possible to detect the usage of the deprecated SSLv2 and/or SSLv3 protocol on this
system.

The service is only providing the deprecated SSLv3 protocol and supports one or
,more ciphers. Those supported ciphers can be found in the SSL/TLS: Report Wea
,k and Supported Ciphers (OID: 1.3.6.1.4.1.25623.1.0.802067) NVT.
Impact
An attacker might be able to use the known cryptographic flaws to eavesdrop the connection
between clients and the service to get access to sensitive data transferred within the secured
connection.
Solution
It is recommended to disable the deprecated SSLv2 and/or SSLv3 protocols in favor of the
TLSv1+ protocols. Please see the references for more information.
Affected Software/OS
All services providing an encrypted communication using the SSLv2 and/or SSLv3 protocols.
The SSLv2 and SSLv3 protocols containing known cryptographic flaws.

Check the used protocols of the services provided by this system.

Details:SSL/TLS: Deprecated SSLv2 and SSLv3 Protocol Detection
OID:1.3.6.1.4.1.25623.1.0.111012
References
Other:
URL:https://www.enisa.europa.eu/activities/identity-and-trust/library/delivera
,bles/algorithms-key-sizes-and-parameters-report
Medium (CVSS: 4.3)

NVT: SSL/TLS: SSLv3 Protocol CBC Cipher Suites Information Disclosure Vulnerability (POO-
DLE)
Summary
This host is prone to an information disclosure vulnerability.

Impact
Successful exploitation will allow a man-in-the-middle attackers gain access to the plain text data
stream.
Impact Level: Application
Solution
Possible Mitigations are:
- Disable SSLv3
- Disable cipher suites supporting CBC cipher modes
The flaw is due to the block cipher padding not being deterministic and not covered by the
Message Authentication Code

Evaluate previous collected information about this service.
Details:SSL/TLS: SSLv3 Protocol CBC Cipher Suites Information Disclosure Vulnerability .
,..
OID:1.3.6.1.4.1.25623.1.0.802087
References
CVE: CVE-2014-3566

BID:70574
Other:
URL:https://www.openssl.org/~bodo/ssl-poodle.pdf
URL:https://www.imperialviolet.org/2014/10/14/poodle.html
URL:https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html
URL:http://googleonlinesecurity.blogspot.in/2014/10/this-poodle-bites-exploit
,ing-ssl-30.html
Medium (CVSS: 4.0)

NVT: SSL/TLS: Certificate Signed Using A Weak Signature Algorithm
Summary
The remote service is using a SSL/TLS certificate chain that has been signed using a crypto-
graphically weak hashing algorithm.

The following certificates are part of the certificate chain but using insecure
,signature algorithms:
Subject: CN=IOS-Self-Signed-Certificate-3113653376
Signature Algorithm: md5WithRSAEncryption
Solution
Servers that use SSL/TLS certificates signed using an SHA-1 signature will need to obtain new
SHA-2 signed SSL/TLS certificates to avoid these web browser SSL/TLS certificate warnings.
Secure Hash Algorithm 1 (SHA-1) is considered cryptographically weak and not secure enough
for ongoing use. Beginning as late as January 2017 and as early as June 2016, browser developers
such as Microsoft and Google will begin warning users when users visit web sites that use SHA-1
signed Secure Socket Layer (SSL) certificates.

Check which algorithm was used to sign the remote SSL/TLS Certificate.
Details:SSL/TLS: Certificate Signed Using A Weak Signature Algorithm
OID:1.3.6.1.4.1.25623.1.0.105880
References
Other:
URL:https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with
,-sha-1-based-signature-algorithms/
[ return to 192.168.6.1 ]
2.2.3 Medium 22/tcp

Medium (CVSS: 4.3)

NVT: SSH Weak Encryption Algorithms Supported
Summary
The remote SSH server is configured to allow weak encryption algorithms.

The following weak client-to-server encryption algorithms are supported by the r
,emote service:
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
The following weak server-to-client encryption algorithms are supported by the r
,emote service:
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
Solution
Disable the weak encryption algorithms.
The arcfour cipher is the Arcfour stream cipher with 128-bit keys. The Arcfour cipher is believed
to be compatible with the RC4 cipher [SCHNEIER]. Arcfour (and RC4) has problems with weak
keys, and should not be used anymore.
The none algorithm specifies that no encryption is to be done. Note that this method provides
no confidentiality protection, and it is NOT RECOMMENDED to use it.
A vulnerability exists in SSH messages that employ CBC mode that may allow an attacker to
recover plaintext from a block of ciphertext.

Check if remote ssh service supports Arcfour, none or CBC ciphers.
Details:SSH Weak Encryption Algorithms Supported
OID:1.3.6.1.4.1.25623.1.0.105611
References
Other:
URL:https://tools.ietf.org/html/rfc4253#section-6.3
URL:https://www.kb.cert.org/vuls/id/958563
[ return to 192.168.6.1 ]
2.2.4 Low 22/tcp

Low (CVSS: 2.6)

NVT: SSH Weak MAC Algorithms Supported
Summary
The remote SSH server is configured to allow weak MD5 and/or 96-bit MAC algorithms.

The following weak client-to-server MAC algorithms are supported by the remote s
,ervice:
hmac-md5
hmac-md5-96
hmac-sha1-96
The following weak server-to-client MAC algorithms are supported by the remote s
,ervice:
hmac-md5
hmac-md5-96
hmac-sha1-96
Solution
Disable the weak MAC algorithms.

Details:SSH Weak MAC Algorithms Supported
OID:1.3.6.1.4.1.25623.1.0.105610
[ return to 192.168.6.1 ]
2.2.5 Log general/icmp
Log (CVSS: 0.0)

NVT: ICMP Timestamp Detection
Summary
The remote host responded to an ICMP timestamp request. The Timestamp Reply is an ICMP
message which replies to a Timestamp message. It consists of the originating timestamp sent
by the sender of the Timestamp as well as a receive timestamp and a transmit timestamp. This
information could theoretically be used to exploit weak time-based random number generators
in other services.

Log Method
Details:ICMP Timestamp Detection
OID:1.3.6.1.4.1.25623.1.0.103190

References
CVE: CVE-1999-0524
Other:
URL:http://www.ietf.org/rfc/rfc0792.txt
[ return to 192.168.6.1 ]
2.2.6 Log 80/tcp
Log (CVSS: 0.0)

NVT: HTTP Server type and version
Summary
This detects the HTTP Servers type and version.

The remote web server type is :
cisco-IOS
Solution
Log Method
Details:HTTP Server type and version
OID:1.3.6.1.4.1.25623.1.0.10107
Log (CVSS: 0.0)

NVT: DIRB (NASL wrapper)
Summary
This script uses DIRB to find directories and files on web applications via brute forcing. See the
preferences section for configuration options.

This are the directories/files found with brute force:
http://192.168.6.1:80/
Log Method
Details:DIRB (NASL wrapper)
OID:1.3.6.1.4.1.25623.1.0.103079
Log (CVSS: 0.0)

NVT: Services
Summary

A web server is running on this port
Log Method
Details:Services
OID:1.3.6.1.4.1.25623.1.0.10330
Log (CVSS: 0.0)

NVT: CGI Scanning Consolidation
Summary
The script consolidates various information for CGI scanning.
This information is based on the following scripts / settings:
- Web mirroring / webmirror.nasl (OID: 1.3.6.1.4.1.25623.1.0.10662)
- Various OS fingerprinting methods

The host seems to be NOT able to host PHP scripts.
The host seems to be NOT able to host ASP scripts.
The following directories require authentication and are tested by the script "H
,TTP Brute Force Logins with default Credentials (OID: 1.3.6.1.4.1.25623.1.0.10
,8041)":
http://192.168.6.1/
The following directories were used for CGI scanning:
http://192.168.6.1/
http://192.168.6.1/cgi-bin
http://192.168.6.1/scripts
While this is not, in and of itself, a bug, you should manually inspect these di
,rectories to ensure that they are in compliance with company security standard
,s
Log Method
Details:CGI Scanning Consolidation
OID:1.3.6.1.4.1.25623.1.0.111038
[ return to 192.168.6.1 ]
2.2.7 Log 443/tcp
Log (CVSS: 0.0)

NVT: Services
Summary

An unknown service is running on this port.
It is usually reserved for HTTPS
Log Method
Details:Services
OID:1.3.6.1.4.1.25623.1.0.10330
Log (CVSS: 0.0)

NVT: SSL/TLS: Report Non Weak Cipher Suites
Summary
This routine reports all Non Weak SSL/TLS cipher suites accepted by a service.

Non Weak cipher suites accepted by this service via the SSLv3 protocol:
TLS_RSA_WITH_DES_CBC_SHA
Log Method
Details:SSL/TLS: Report Non Weak Cipher Suites
OID:1.3.6.1.4.1.25623.1.0.103441
Log (CVSS: 0.0)

NVT: SSL/TLS: Perfect Forward Secrecy Cipher Suites Missing
Summary
The remote service is missing support for SSL/TLS cipher suites supporting Perfect Forward
Secrecy.


The remote service does not support perfect forward secrecy cipher suites.
Log Method
Details:SSL/TLS: Perfect Forward Secrecy Cipher Suites Missing
OID:1.3.6.1.4.1.25623.1.0.105092
Log (CVSS: 0.0)

NVT: Identify Unknown Services with nmap
Summary
This plugin performs service detection by launching nmaps service probe (nmap -sV) against
ports that are running unidentified services.

Nmap service detection result for this port: ssl|https
This is a guess. A confident identification of the service was not possible.
Log Method
Details:Identify Unknown Services with nmap
OID:1.3.6.1.4.1.25623.1.0.66286
Log (CVSS: 0.0)

NVT: SSL/TLS: Report Supported Cipher Suites
Summary
This routine reports all SSL/TLS cipher suites accepted by a service.
As the NVT SSL/TLS: Check Supported Cipher Suites (OID: 1.3.6.1.4.1.25623.1.0.900234)
might run into a timeout the actual reporting of all accepted cipher suites takes place in this
NVT instead. The script preference Report timeout allows you to configure if such an timeout
is reported.

No Strong cipher suites accepted by this service via the SSLv3 protocol.
Medium cipher suites accepted by this service via the SSLv3 protocol:
Weak cipher suites accepted by this service via the SSLv3 protocol:
No Null cipher suites accepted by this service via the SSLv3 protocol.
Log Method
Details:SSL/TLS: Report Supported Cipher Suites

OID:1.3.6.1.4.1.25623.1.0.802067
Log (CVSS: 0.0)

NVT: SSL/TLS: Report Medium Cipher Suites
Summary
This routine reports all Medium SSL/TLS cipher suites accepted by a service.

Medium cipher suites accepted by this service via the SSLv3 protocol:
Any cipher suite considered to be secure for only the next 10 years is considered as medium
Log Method
Details:SSL/TLS: Report Medium Cipher Suites
OID:1.3.6.1.4.1.25623.1.0.902816
[ return to 192.168.6.1 ]
2.2.8 Log general/tcp
Log (CVSS: 0.0)

NVT: OS Detection Consolidation and Reporting
Summary
This script consolidates the OS information detected by several NVTs and tries to find the best
matching OS.
Furthermore it reports all previously collected information leading to this best matching OS. It
also reports possible additional informations which might help to improve the OS detection.
If any of this information is wrong or could be improved please consider to report these to
openvas-plugins@wald.intevation.org.

Best matching OS:
OS: Cisco
CPE: cpe:/o:cisco
Found by NVT: 1.3.6.1.4.1.25623.1.0.105586 (SSH OS Identification)
Concluded from SSH banner on port 22/tcp: SSH-1.99-Cisco-1.25
Setting key "Host/runs_unknown" based on this information
Other OS detections (in order of reliability):

OS: Cisco IOS
CPE: cpe:/o:cisco:ios
Found by NVT: 1.3.6.1.4.1.25623.1.0.102002 (ICMP based OS Fingerprinting)
Concluded from ICMP based OS fingerprint:
(83% confidence)
Cisco IOS
Unknown banners have been collected which might help to identify the OS running
,on this host. If these banners containing information about the host OS please
, report the following information to openvas-plugins@wald.intevation.org:
Banner: # Nmap 7.40 scan initiated Fri Mar 17 21:13:23 2017 as: nmap -n -Pn -sV
,-oN /tmp/nmap-192.168.6.1-521083559 -O --osscan-limit -p 443,80,22,21,25,12440
,,26724,37753 192.168.6.1
Nmap scan report for 192.168.6.1
Host is up (0.0025s latency).
PORT STATE SERVICE VERSION
21/tcp closed ftp
22/tcp open ssh Cisco SSH 1.25 (protocol 1.99)
25/tcp closed smtp
80/tcp open http Cisco IOS http config
443/tcp open ssl/https?
12440/tcp closed unknown
Device type: firewall
Running (JUST GUESSING): Fortinet embedded (85%)
OS CPE: cpe:/h:fortinet:fortigate_100d
Aggressive OS guesses: Fortinet FortiGate 100D firewall (85%)
No exact OS matches for host (test conditions non-ideal).
Service Info: OS: IOS; CPE: cpe:/o:cisco:ios
OS and Service detection performed. Please report any incorrect results at https
,://nmap.org/submit/ .
# Nmap done at Fri Mar 17 21:13:56 2017 -- 1 IP address (1 host up) scanned in 3
,4.43 seconds
Identified from: Nmap TCP/IP fingerprinting
Banner: Server: cisco-IOS
Identified from: HTTP Server banner on port 80/tcp
Log Method
Details:OS Detection Consolidation and Reporting
OID:1.3.6.1.4.1.25623.1.0.105937
Log (CVSS: 0.0)

NVT: Traceroute
Summary

A traceroute from the scanning server to the target system was conducted. This traceroute
is provided primarily for informational value only. In the vast majority of cases, it does not
represent a vulnerability. However, if the displayed traceroute contains any private addresses
that should not have been publicly visible, then you have an issue you need to correct.

Here is the route from 10.10.141.20 to 192.168.6.1:
10.10.141.20
192.168.214.1
192.168.6.1
Solution
Block unwanted packets from escaping your network.
Log Method
Details:Traceroute
OID:1.3.6.1.4.1.25623.1.0.51662
[ return to 192.168.6.1 ]
2.2.9 Log 22/tcp
Log (CVSS: 0.0)

NVT: SSH Protocol Versions Supported
Summary
Identification of SSH protocol versions supported by the remote SSH Server. Also reads the
corresponding fingerprints from the service.
The following versions are tried: 1.33, 1.5, 1.99 and 2.0

The remote SSH Server supports the following SSH Protocol Versions:
1.99
1.5
2.0
1.33
SSHv1 Fingerprint: a2:c7:6f:f5:10:21:ee:e7:3f:ed:d3:bc:d6:5d:ff:f1
SSHv2 Fingerprint:
ssh-rsa: 2e:1f:bd:1a:51:83:d6:45:e6:5b:36:70:2f:40:c2:59
Log Method
Details:SSH Protocol Versions Supported
OID:1.3.6.1.4.1.25623.1.0.100259
Log (CVSS: 0.0)

NVT: SSH Server type and version
Summary
This detects the SSH Servers type and version by connecting to the server and processing the
buffer received.
This information gives potential attackers additional information about the system they are
attacking. Versions and Types should be omitted where possible.

Detected SSH server version: SSH-1.99-Cisco-1.25
Remote SSH supported authentication: password,keyboard-interactive
Remote SSH banner:
################################################################################
,
## WARNING THIS IS A PRIVATELY OWNED SYSTEM! ##
,
################################################################################
,
## ##
,
## Warning this is a privately owned system that is not for public access. ##
,
## Only authorized individuals of the organization that owns this system ##
,
## are permitted to access this system. You know if you have or have not ##
,
## been granted access to this system. Individuals using this computer ##
,
## system without being given the explicity authority to do so, or are ##
,
## in excess of their authority, will be prosecuted to the fullest extent ##
,
## of state and federal law. ##
,
## ##
,
## All individuals using this computer system are required to adhere at ##
,
## all times to all of the organizations policies including but not ##
,
## limited to the Code of Conduct and the Network Usage Policy. All ##
,
## individuals using this system are subject to having all of their ##
,
## activites on this system and or any connected system recorded by ##
,

## explicity authorized individuals within the organization. All individuals ##
,
## using this system expressly consents to such monitoring and it is advised ##
,
## that if such monitoring reveals possible evidence of crimincal activity ##
,
## or a violation of the organizations policies, explicity authorized ##
,
## individuals withinthe organization may provide the evidence of such ##
,
## monitoring to law enforcement officials. ##
,
## ##
,
################################################################################
,
Concluded from remote connection attempt with credentials:
Login: VulnScan
Password: VulnScan
Log Method
Details:SSH Server type and version
OID:1.3.6.1.4.1.25623.1.0.10267
Log (CVSS: 0.0)

NVT: Services
Summary

An ssh server is running on this port
Log Method
Details:Services
OID:1.3.6.1.4.1.25623.1.0.10330
Log (CVSS: 0.0)

NVT: SSH Protocol Algorithms Supported
Summary

This script detects which algorithms and languages are supported by the remote SSH Service

The following options are supported by the remote ssh service:
kex_algorithms:
diffie-hellman-group1-sha1
server_host_key_algorithms:
ssh-rsa
encryption_algorithms_client_to_server:
aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
encryption_algorithms_server_to_client:
aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
mac_algorithms_client_to_server:
hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
mac_algorithms_server_to_client:
hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
compression_algorithms_client_to_server:
none
compression_algorithms_server_to_client:
none
Log Method
Details:SSH Protocol Algorithms Supported
OID:1.3.6.1.4.1.25623.1.0.105565
[ return to 192.168.6.1 ]
2.2.10 Log general/CPE-T
Log (CVSS: 0.0)

NVT: CPE Inventory
Summary
This routine uses information collected by other routines about CPE identities
(http://cpe.mitre.org/) of operating systems, services and applications detected during
the scan.

192.168.6.1|cpe:/o:cisco
Log Method
Details:CPE Inventory
OID:1.3.6.1.4.1.25623.1.0.810002
[ return to 192.168.6.1 ]
This file was automatically generated.

Scan of Freds

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Scan of Freds

Diunggah oleh

Hak Cipta:

Format Tersedia

Scan Report

March 17, 2017

2 Results per Host 2

2.2.6 Log 80/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Host High Medium Low Log False Positive

Vendor security updates are not trusted.

2 Results per Host

Service (Port) Threat Level

2.1.1 High 445/tcp

. . . continued from previous page . . .

High (CVSS: 10.0)

Vulnerability Detection Result

Vulnerability Detection Method

2.1.2 Medium 135/tcp

Medium (CVSS: 5.0)

Vulnerability Detection Result

. . . continued from previous page . . .

. . . continued from previous page . . .

Vulnerability Detection Method

2.1.3 Medium 3389/tcp

Medium (CVSS: 4.3)

Vulnerability Detection Result

. . . continued from previous page . . .

Vulnerability Detection Method

Medium (CVSS: 4.0)

Vulnerability Detection Result

. . . continued from previous page . . .

Vulnerability Detection Method

Medium (CVSS: 4.0)

Vulnerability Detection Result

Vulnerability Detection Method

2.1.4 Low general/tcp

Low (CVSS: 2.6)

Vulnerability Detection Result

Vulnerability Detection Method

2.1.5 Log general/tcp

Log (CVSS: 0.0)

Vulnerability Detection Result

Log (CVSS: 0.0)

. . . continued from previous page . . .

Vulnerability Detection Result

2.1.6 Log 135/tcp

Log (CVSS: 0.0)

Vulnerability Detection Result

. . . continued from previous page . . .

2.1.7 Log 5432/tcp

Log (CVSS: 0.0)

Vulnerability Detection Result

Log (CVSS: 0.0)

Vulnerability Detection Result

2.1.8 Log 3389/tcp

Log (CVSS: 0.0)

Vulnerability Detection Result

Log (CVSS: 0.0)

Vulnerability Detection Result

Log (CVSS: 0.0)

Vulnerability Detection Result

. . . continues on next page . . .

. . . continued from previous page . . .

Log (CVSS: 0.0)

Vulnerability Detection Result

. . . continued from previous page . . .

Log (CVSS: 0.0)