SummaryThis document reports on the results of an automatic security scan. The report first summarises the results found. Then, for each host, the report describes every issue found. Please consider the advice given in each description, in order to rectify the issue. Vendor security updates are not trusted. Overrides are on. When a result has an override, this report uses the threat of the override. Notes are included in the report. This report might not show details of all issues that were found. It only lists hosts that produced issues. Issues with the threat level "Debug" are not shown. Issues with the threat level "False Positive" are not shown. This report contains all 22 results selected by the filtering described above. Before filtering there were 22 results.
Host Summary
Results per HostHost 10.0.0.138
Port Summary for Host 10.0.0.138
Security Issues for Host 10.0.0.13853/tcp
Low
(CVSS: 3.3)
NVT:
DNS Server on UDP and TCP
(OID: 1.3.6.1.4.1.25623.1.0.18356)
Summary
A DNS server is running on this port but it only answers to UDP requests. This means that TCP requests are blocked by a firewall. This configuration is incorrect: TCP might be used by any request, it is not restricted to zone transfers. Read RFC1035 or STD0013 for more information.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Vulnerability Detection Method
Details: DNS Server on UDP and TCP (OID: 1.3.6.1.4.1.25623.1.0.18356) Version used: $Revision: 1048 $ general/CPE-T
Log
(CVSS: 0.0)
NVT:
CPE Inventory
(OID: 1.3.6.1.4.1.25623.1.0.810002)
Summary
This routine uses information collected by other routines about CPE identities (http://cpe.mitre.org/) of operating systems, services and applications detected during the scan.
Vulnerability Detection Result
10.0.0.138|cpe:/a:matt_johnston:dropbear_ssh_server:0.46 10.0.0.138|cpe:/h:hp:jetdirect
Log Method
Details: CPE Inventory (OID: 1.3.6.1.4.1.25623.1.0.810002) Version used: $Revision: 314 $ general/SMBClient
Log
(CVSS: 0.0)
NVT:
SMB Test
(OID: 1.3.6.1.4.1.25623.1.0.90011)
Summary
Test remote host SMB Functions
Vulnerability Detection Result
OS Version = UNIX Domain = WORKGROUP SMB Serverversion = SAMBA 3.0.37
Log Method
Details: SMB Test (OID: 1.3.6.1.4.1.25623.1.0.90011) Version used: $Revision: 16 $ general/tcp
Log
(CVSS: 0.0)
NVT:
OS fingerprinting
(OID: 1.3.6.1.4.1.25623.1.0.102002)
Summary
This script performs ICMP based OS fingerprinting (as described by Ofir Arkin and Fyodor Yarochkin in Phrack #57). It can be used to determine remote operating system version.
Vulnerability Detection Result
ICMP based OS fingerprint results: (70% confidence) HP JetDirect
Log Method
Details: OS fingerprinting (OID: 1.3.6.1.4.1.25623.1.0.102002) Version used: $Revision: 43 $
References
general/tcp
Log
(CVSS: 0.0)
NVT:
Traceroute
(OID: 1.3.6.1.4.1.25623.1.0.51662)
Summary
A traceroute from the scanning server to the target system was conducted. This traceroute is provided primarily for informational value only. In the vast majority of cases, it does not represent a vulnerability. However, if the displayed traceroute contains any private addresses that should not have been publicly visible, then you have an issue you need to correct.
Vulnerability Detection Result
Here is the route from 192.168.237.130 to 10.0.0.138: 192.168.237.130 10.0.0.138
Solution
Block unwanted packets from escaping your network.
Log Method
Details: Traceroute (OID: 1.3.6.1.4.1.25623.1.0.51662) Version used: $Revision: 975 $ 21/tcp
Log
(CVSS: 0.0)
NVT:
FTP Banner Detection
(OID: 1.3.6.1.4.1.25623.1.0.10092)
Summary
This Plugin detects the FTP Server Banner
Vulnerability Detection Result
Remote FTP server banner : 220 Welcome to the FTP utility
Log Method
Details: FTP Banner Detection (OID: 1.3.6.1.4.1.25623.1.0.10092) Version used: $Revision: 563 $ 21/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
An FTP server is running on this port. Here is its banner : 220 Welcome to the FTP utility
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 22/tcp
Log
(CVSS: 0.0)
NVT:
SSH Protocol Versions Supported
(OID: 1.3.6.1.4.1.25623.1.0.100259)
Summary
Identification of SSH protocol versions supported by the remote SSH Server. Also reads the corresponding fingerprints from the service. The following versions are tried: 1.33, 1.5, 1.99 and 2.0
Vulnerability Detection Result
The remote SSH Server supports the following SSH Protocol Versions: 1.99 1.5 2.0 1.33 SSHv1 Fingerprint: 17:05:dd:72:ad:e3:e3:cc:af:31:44:72:ed:cf:a5:e5
Log Method
Details: SSH Protocol Versions Supported (OID: 1.3.6.1.4.1.25623.1.0.100259) Version used: $Revision: 43 $ 22/tcp
Log
(CVSS: 0.0)
NVT:
SSH Server type and version
(OID: 1.3.6.1.4.1.25623.1.0.10267)
Summary
This detects the SSH Server's type and version by connecting to the server and processing the buffer received. This information gives potential attackers additional information about the system they are attacking. Versions and Types should be omitted where possible.
Vulnerability Detection Result
Detected SSH server version: SSH-2.0-dropbear_0.46 Remote SSH supported authentication: password,publickey Remote SSH banner: (not available) CPE: Concluded from remote connection attempt with credentials: Login: OpenVAS Password: OpenVAS
Solution
Apply filtering to disallow access to this port from untrusted hosts
Log Method
Details: SSH Server type and version (OID: 1.3.6.1.4.1.25623.1.0.10267) Version used: $Revision: 971 $ 22/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
An ssh server is running on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 22/tcp
Log
(CVSS: 0.0)
NVT:
Dropbear SSH Detection
(OID: 1.3.6.1.4.1.25623.1.0.105112)
Summary
The script sends a connection request to the server and attempts to extract the version number from the reply.
Vulnerability Detection Result
Detected Dropbear Version: 0.46 Location: 22/tcp CPE: cpe:/a:matt_johnston:dropbear_ssh_server:0.46 Concluded from version identification result: SSH-2.0-dropbear_0.46
Log Method
Details: Dropbear SSH Detection (OID: 1.3.6.1.4.1.25623.1.0.105112) Version used: $Revision: 942 $ 23/tcp
Log
(CVSS: 0.0)
NVT:
Check for Telnet Server
(OID: 1.3.6.1.4.1.25623.1.0.100074)
Summary
A telnet Server is running at this host. Experts in computer security, such as SANS Institute, and the members of the comp.os.linux.security newsgroup recommend that the use of Telnet for remote logins should be discontinued under all normal circumstances, for the following reasons: * Telnet, by default, does not encrypt any data sent over the connection (including passwords), and so it is often practical to eavesdrop on the communications and use the password later for malicious purposes anybody who has access to a router, switch, hub or gateway located on the network between the two hosts where Telnet is being used can intercept the packets passing by and obtain login and password information (and whatever else is typed) with any of several common utilities like tcpdump and Wireshark. * Most implementations of Telnet have no authentication that would ensure communication is carried out between the two desired hosts and not intercepted in the middle. * Commonly used Telnet daemons have several vulnerabilities discovered over the years.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Log Method
Details: Check for Telnet Server (OID: 1.3.6.1.4.1.25623.1.0.100074) Version used: $Revision: 43 $ 23/tcp
Log
(CVSS: 0.0)
NVT:
Detect Server type and version via Telnet
(OID: 1.3.6.1.4.1.25623.1.0.10281)
Summary
This detects the Telnet Server's type and version by connecting to the server and processing the buffer received. This information gives potential attackers additional information about the system they are attacking. Versions and Types should be omitted where possible.
Vulnerability Detection Result
Remote telnet banner : BCM96368 Broadband Router Login:
Solution
Change the login banner to something generic.
Log Method
Details: Detect Server type and version via Telnet (OID: 1.3.6.1.4.1.25623.1.0.10281) Version used: $Revision: 464 $ 23/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
A telnet server seems to be running on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 53/udp
Log
(CVSS: 0.0)
NVT:
DNS Server Detection
(OID: 1.3.6.1.4.1.25623.1.0.100069)
Summary
A DNS Server is running at this Host. A Name Server translates domain names into IP addresses. This makes it possible for a user to access a website by typing in the domain name instead of the website's actual IP address.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Log Method
Details: DNS Server Detection (OID: 1.3.6.1.4.1.25623.1.0.100069) Version used: $Revision: 488 $ 53/udp
Log
(CVSS: 0.0)
NVT:
Nominum Vantio Detection
(OID: 1.3.6.1.4.1.25623.1.0.100675)
Summary
Nominum Vantio, a recursive caching server from Nominumat, is running at this host.
Vulnerability Detection Result
Summary: Nominum Vantio, a recursive caching server from Nominumat, is running at this host.
Log Method
Details: Nominum Vantio Detection (OID: 1.3.6.1.4.1.25623.1.0.100675) Version used: $Revision: 14 $
References
80/tcp
Log
(CVSS: 0.0)
NVT:
HTTP Server type and version
(OID: 1.3.6.1.4.1.25623.1.0.10107)
Summary
This detects the HTTP Server's type and version.
Vulnerability Detection Result
The remote web server type is : micro_httpd
Solution
Configure your server to use an alternate name like 'Wintendo httpD w/Dotmatrix display' Be sure to remove common logos like apache_pb.gif. With Apache, you can set the directive 'ServerTokens Prod' to limit the information emanating from the server in its response headers.
Log Method
Details: HTTP Server type and version (OID: 1.3.6.1.4.1.25623.1.0.10107) Version used: $Revision: 229 $ 80/tcp
Log
(CVSS: 0.0)
NVT:
Services
(OID: 1.3.6.1.4.1.25623.1.0.10330)
Summary
This plugin attempts to guess which service is running on the remote ports. For instance, it searches for a web server which could listen on another port than 80 and set the results in the plugins knowledge base.
Vulnerability Detection Result
A web server is running on this port
Log Method
Details: Services (OID: 1.3.6.1.4.1.25623.1.0.10330) Version used: $Revision: 69 $ 139/tcp
Log
(CVSS: 0.0)
NVT:
SMB log in
(OID: 1.3.6.1.4.1.25623.1.0.10394)
Summary
This script attempts to logon into the remote host using login/password credentials.
Vulnerability Detection Result
It was possible to log into the remote host using the SMB protocol.
Log Method
Details: SMB log in (OID: 1.3.6.1.4.1.25623.1.0.10394) Version used: $Revision: 1032 $ 139/tcp
Log
(CVSS: 0.0)
NVT:
SMB on port 445
(OID: 1.3.6.1.4.1.25623.1.0.11011)
Summary
This script detects wether port 445 and 139 are open and if thet are running SMB servers.
Vulnerability Detection Result
An SMB server is running on this port
Log Method
Details: SMB on port 445 (OID: 1.3.6.1.4.1.25623.1.0.11011) Version used: $Revision: 41 $ 139/tcp
Log
(CVSS: 0.0)
NVT:
Microsoft Windows SMB Accessible Shares
(OID: 1.3.6.1.4.1.25623.1.0.902425)
Summary
The script detects the Windows SMB Accessible Shares and sets the result into KB.
Vulnerability Detection Result
The following shares where found IPC$
Log Method
Details: Microsoft Windows SMB Accessible Shares (OID: 1.3.6.1.4.1.25623.1.0.902425) Version used: $Revision: 977 $ 1900/udp
Log
(CVSS: 0.0)
NVT:
MiniUPnPd Detection
(OID: 1.3.6.1.4.1.25623.1.0.103652)
Summary
Detection of the UPnP protocol. The script sends a UPnP discovery request and attempts to determine if the remote host supports the UPnP protocol
Vulnerability Detection Result
The remote Host supports the UPnP protocol. You should restrict access to port 1900/udp. The remote Host answers the following to a SSDP M-SEARCH request HTTP/1.1 200 OK Cache-Control: max-age=300 Date: Tue, 21 Apr 2015 18:29:43 GMT Ext: Location: http://10.0.0.138:1780/WFADevice.xml Server: POSIX UPnP/1.0 UPnP Stack/estimation 1.00 ST: urn:schemas-wifialliance-org:device:WFADevice:1 USN: uuid:39fc7555-b8f8-d660-d1fa-65f0838c2c02::urn:schemas-wifialliance-org:device:WFADev↵ ice:1
Log Method
Details: MiniUPnPd Detection (OID: 1.3.6.1.4.1.25623.1.0.103652) Version used: $Revision: 18 $
This file was automatically generated.
|