Nessus - BNRM - rvnh31

Nessus Report
Nessus Scan Report

23/Feb/2015:12:29:35
Nessus Home: Commercial use of the report is prohibited
Any time Nessus is used in a commercial environment you MUST maintain an active
subscription to the Nessus Feed in order to be compliant with our license agreement:
http://www.tenable.com/products/nessus
Table Of Contents
Hosts Summary (Executive).................................................................................................3
192.168.1.1.................................................................................................................................................................. 4
192.168.1.12................................................................................................................................................................ 6
192.168.1.13................................................................................................................................................................ 7
192.168.1.15................................................................................................................................................................ 8
192.168.1.17.............................................................................................................................................................. 10
192.168.1.18.............................................................................................................................................................. 11
192.168.1.19.............................................................................................................................................................. 12
192.168.1.24.............................................................................................................................................................. 13
192.168.1.111............................................................................................................................................................ 14
Hosts Summary (Executive)
192.168.1.1
Summary
Critical
High
Medium
Low
Info
Total
13
26
42
Details
Severity
Plugin Id
Name
Medium (6.4)
51192
SSL Certificate Cannot Be Trusted
Medium (6.4)
57582
SSL Self-Signed Certificate
Medium (5.8)
42880
SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
Medium (5.0)
10297
Web Server Directory Traversal Arbitrary File Access
Medium (5.0)
10505
Apache WebDAV Module PROPFIND Arbitrary Directory Listing
Medium (5.0)
12217
DNS Server Cache Snooping Remote Information Disclosure
Medium (5.0)
20007
SSL Version 2 and 3 Protocol Detection
Medium (5.0)
45411
SSL Certificate with Wrong Hostname
Medium (5.0)
57608
SMB Signing Required
Medium (4.3)
26928
SSL Weak Cipher Suites Supported
Medium (4.3)
42873
SSL Medium Strength Cipher Suites Supported
Medium (4.3)
44135
Web Server Generic Cookie Injection
Medium (4.0)
35291
SSL Certificate Signed using Weak Hashing Algorithm
Low (3.2)
50686
IP Forwarding Enabled
Low (2.6)
42263
Unencrypted Telnet Server
Low (2.6)
65821
SSL RC4 Cipher Suites Supported
Info
10107
HTTP Server Type and Version
Info
10114
ICMP Timestamp Request Remote Date Disclosure
Info
10150
Windows NetBIOS / SMB Remote Host Information Disclosure
Info
10281
Telnet Server Detection
Info
10287
Traceroute Information
Info
10863
SSL Certificate Information
Info
10919
Open Port Re-check
Info
11002
DNS Server Detection
Info
11011
Microsoft Windows SMB Service Detection
Info
11219
Nessus SYN scanner
Info
11424
WebDAV Detection
Info
11936
OS Identification
Info
12053
Host Fully Qualified Domain Name (FQDN) Resolution
Info
19506
Nessus Scan Information
Info
21643
SSL Cipher Suites Supported
Info
22964
Service Detection
Info
24260
HyperText Transfer Protocol (HTTP) Information
Info
25220
TCP/IP Timestamps Supported
Info
35716
Ethernet Card Manufacturer Detection
Info
43111
HTTP Methods Allowed (per directory)
Info
45410
SSL Certificate commonName Mismatch
Info
45590
Common Platform Enumeration (CPE)
Info
54615
Device Type
Info
56984
SSL / TLS Versions Supported
Info
62563
SSL Compression Methods Supported
Info
70544
SSL Cipher Block Chaining Cipher Suites Supported
192.168.1.12
Summary
Critical
High
Medium
Low
Info
Total
12
12
Details
Severity
Plugin Id
Name
Info
10287
Info
10919
Open Port Re-check
Info
11219
Nessus SYN scanner
Info
12053
Info
19506
Info
19772
Skype Detection
Info
21208
Skype Stack Version Detection
Info
22964
Service Detection
Info
25220
Info
35716
Info
45590
Info
66717
mDNS Detection (Local Network)
192.168.1.13
Summary
Critical
High
Medium
Low
Info
Total
16
19
Details
Severity
Plugin Id
Name
High (7.5)
41028
SNMP Agent Default Community Name (public)
Medium (5.0)
76474
SNMP 'GETBULK' Reflection DDoS
Low (2.6)
42263
Unencrypted Telnet Server
Info
10107
Info
10114
Info
10281
Telnet Server Detection
Info
10287
Info
10551
SNMP Request Network Interfaces Enumeration
Info
11819
TFTP Daemon Detection
Info
11936
OS Identification
Info
12053
Info
14274
Nessus SNMP Scanner
Info
19506
Info
22964
Service Detection
Info
25220
Info
35296
SNMP Protocol Version Detection
Info
35716
Info
40448
SNMP Supported Protocols Detection
Info
54615
Device Type
192.168.1.15
Summary
Critical
High
Medium
Low
Info
Total
34
37
Details
Severity
Plugin Id
Name
Medium (6.4)
51192
SSL Certificate Cannot Be Trusted
Medium (6.4)
57582
SSL Self-Signed Certificate
Medium (5.0)
10677
Apache mod_status /server-status Information Disclosure
Info
10107
Info
10147
Nessus Server Detection
Info
10302
Web Server robots.txt Information Disclosure
Info
10386
Web Server No 404 Error Code Check
Info
10863
SSL Certificate Information
Info
11936
OS Identification
Info
12053
Info
12634
Authenticated Check : OS Name and Installed Package Enumeration
Info
14272
netstat portscanner (SSH)
Info
19506
Info
21643
SSL Cipher Suites Supported
Info
22869
Software Enumeration (SSH)
Info
22964
Service Detection
Info
24260
HyperText Transfer Protocol (HTTP) Information
Info
25202
Enumerate IPv6 Interfaces via SSH
Info
25203
Enumerate IPv4 Interfaces via SSH
Info
33276
Enumerate MAC Addresses via SSH
Info
35716
Info
39521
Backported Security Patch Detection (WWW)
Info
42822
Strict Transport Security (STS) Detection
Info
45410
SSL Certificate commonName Mismatch
Info
45590
Info
48243
PHP Version
Info
50845
OpenSSL Detection
Info
54615
Device Type
Info
55472
Device Hostname
Info
56468
Time of Last System Startup
Info
56984
SSL / TLS Versions Supported
Info
57041
SSL Perfect Forward Secrecy Cipher Suites Supported
Info
58651
Netstat Active Connections
Info
62563
SSL Compression Methods Supported
Info
62564
TLS Next Protocols Supported
Info
64582
Netstat Connection Information
Info
70544
SSL Cipher Block Chaining Cipher Suites Supported
192.168.1.17
Summary
Critical
High
Medium
Low
Info
Total
22
24
Details
Severity
Plugin Id
Name
Critical (10.0)
53514
MS11-030: Vulnerability in DNS Resolution Could Allow Remote Code

Execution (2509553) (remote check)
Medium (5.0)
57608
Info
10114
Info
10150
Info
10287
Info
10394
Microsoft Windows SMB Log In Possible
Info
10397
Microsoft Windows SMB LanMan Pipe Server Listing Disclosure
Info
10736
DCE Services Enumeration
Info
10785
Microsoft Windows SMB NativeLanManager Remote System Information

Disclosure
Info
10919
Open Port Re-check
Info
11011
Info
11153
Service Detection (HELP Request)
Info
11219
Nessus SYN scanner
Info
11936
OS Identification
Info
12053
Info
19506
Info
24786
Nessus Windows Scan Not Performed with Admin Privileges
Info
25220
Info
26917
Microsoft Windows SMB Registry : Nessus Cannot Access the Windows

Registry
Info
35716
Info
45590
Info
46180
Additional DNS Hostnames
Info
53513
Link-Local Multicast Name Resolution (LLMNR) Detection
Info
54615
Device Type
10
192.168.1.18
Summary
Critical
High
Medium
Low
Info
Total
21
22
Details
Severity
Plugin Id
Name
Medium (5.0)
57608
Info
10150
Info
10287
Info
10394
Info
10397
Microsoft Windows SMB LanMan Pipe Server Listing Disclosure
Info
10919
Open Port Re-check
Info
11011
Info
11153
Info
11219
Nessus SYN scanner
Info
11936
OS Identification
Info
12053
Info
19506
Info
19772
Skype Detection
Info
21208
Skype Stack Version Detection
Info
22964
Service Detection
Info
24786
Info
25220
Info
26917

Registry
Info
35716
Info
45590
Info
53513
Link-Local Multicast Name Resolution (LLMNR) Detection
Info
54615
Device Type
11
192.168.1.19
Summary
Critical
High
Medium
Low
Info
Total
20
23
Details
Severity
Plugin Id
Name
Critical (10.0)
73182
Microsoft Windows XP Unsupported Installation Detection
Medium (5.0)
26920
Microsoft Windows SMB NULL Session Authentication
Medium (5.0)
57608
Info
10114
Info
10150
Info
10287
Info
10394
Info
10785

Disclosure
Info
10884
Network Time Protocol (NTP) Server Detection
Info
10919
Open Port Re-check
Info
11011
Info
11153
Info
11219
Nessus SYN scanner
Info
11936
OS Identification
Info
12053
Info
19506
Info
24786
Info
25220
Info
26917

Registry
Info
35716
Info
45590
Info
46180
Additional DNS Hostnames
Info
54615
Device Type
12
192.168.1.24
Summary
Critical
High
Medium
Low
Info
Total
Details
Severity
Plugin Id
Name
Info
12053
Info
19506
Info
35716
13
192.168.1.111
Summary
Critical
High
Medium
Low
Info
Total
20
21
Details
Severity
Plugin Id
Name
Critical (10.0)
40887
MS09-050: Microsoft Windows SMB2 _Smb2ValidateProviderCallback()

Vulnerability (975497) (uncredentialed check)
Info
10150
Info
10287
Info
10394
Info
10736
DCE Services Enumeration
Info
10785

Disclosure
Info
10884
Network Time Protocol (NTP) Server Detection
Info
11011
Info
11219
Nessus SYN scanner
Info
11936
OS Identification
Info
19506
Info
20870
LDAP Server Detection
Info
22964
Service Detection
Info
24786
Info
25220
Info
25701
LDAP Crafted Search Request Server Information Disclosure
Info
26917

Registry
Info
35716
Info
43829
Kerberos Information Disclosure
Info
45590
Info
54615
Device Type
14

Nessus - BNRM - rvnh31

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Nessus - BNRM - rvnh31

Uploaded by

Copyright:

Available Formats

Nessus Report

Nessus Scan Report

Hosts Summary (Executive)

SSL Certificate Cannot Be Trusted

SSL Self-Signed Certificate

SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection

Web Server Directory Traversal Arbitrary File Access

Apache WebDAV Module PROPFIND Arbitrary Directory Listing

DNS Server Cache Snooping Remote Information Disclosure

SSL Version 2 and 3 Protocol Detection

SSL Certificate with Wrong Hostname

SMB Signing Required

SSL Weak Cipher Suites Supported

SSL Medium Strength Cipher Suites Supported

Web Server Generic Cookie Injection

SSL Certificate Signed using Weak Hashing Algorithm

Unencrypted Telnet Server

SSL RC4 Cipher Suites Supported

HTTP Server Type and Version

ICMP Timestamp Request Remote Date Disclosure

Windows NetBIOS / SMB Remote Host Information Disclosure

Telnet Server Detection

SSL Certificate Information

Open Port Re-check

DNS Server Detection

Microsoft Windows SMB Service Detection

Nessus SYN scanner

Host Fully Qualified Domain Name (FQDN) Resolution

Nessus Scan Information

SSL Cipher Suites Supported

HyperText Transfer Protocol (HTTP) Information

TCP/IP Timestamps Supported

Ethernet Card Manufacturer Detection

HTTP Methods Allowed (per directory)

SSL Certificate commonName Mismatch

Common Platform Enumeration (CPE)

SSL / TLS Versions Supported

SSL Compression Methods Supported

SSL Cipher Block Chaining Cipher Suites Supported

Open Port Re-check

Nessus SYN scanner

Host Fully Qualified Domain Name (FQDN) Resolution

Nessus Scan Information

Skype Stack Version Detection

TCP/IP Timestamps Supported

Ethernet Card Manufacturer Detection

Common Platform Enumeration (CPE)

mDNS Detection (Local Network)

SNMP Agent Default Community Name (public)

SNMP 'GETBULK' Reflection DDoS

Unencrypted Telnet Server

HTTP Server Type and Version

ICMP Timestamp Request Remote Date Disclosure

Telnet Server Detection

SNMP Request Network Interfaces Enumeration

TFTP Daemon Detection

Host Fully Qualified Domain Name (FQDN) Resolution

Nessus SNMP Scanner

Nessus Scan Information

TCP/IP Timestamps Supported

SNMP Protocol Version Detection

Ethernet Card Manufacturer Detection

SNMP Supported Protocols Detection