List of hosts - Columbia University
advertisement
List of hosts Medium Severity problem(s) found [^] Back 156.111.5.207 156.111.5.207 Scan Time Start time : Wed Oct 6 21:49:25 2010 End time : Wed Oct 6 21:52:36 2010 Number of vulnerabilities Open ports : 56 High : 0 Medium : 7 Low : Remote host information Operating System : NetBIOS name : 62 Solaris 10 (sparc) CTSA DNS name : [^] Back to 156.111.5.207 Port general (0/tcp) [-/+] Nessus Scan Information Information about this scan : Nessus version : 4.2.2 Plugin feed version : 201010061134 Type of plugin feed : ProfessionalFeed (Direct) Scanner IP : 156.111.60.83 Port scanner(s) : snmp_scanner Port range : default Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : yes Optimize the test : yes CGI scanning : disabled Web application tests : disabled Max hosts : 40 Max checks : 5 Recv timeout : 5 Backports : Detected Scan Start Date : 2010/10/6 21:49 Scan duration : 191 sec Plugin ID: 19506 Ethernet card brand Synopsis: The manufacturer can be deduced from the Ethernet OUI. Description: Each ethernet MAC address starts with a 24-bit 'Organizationally Unique Identifier'. These OUI are registered by IEEE. Risk factor: None See also: http://standards.ieee.org/faqs/OUI.html See also: http://standards.ieee.org/regauth/oui/index.shtml Solution: n/a Plugin output: The following card manufacturers were identified : 00:14:4f:3b:50:fa : Sun Microsystems, Inc. 00:14:4f:3b:50:fa : Sun Microsystems, Inc. Plugin ID: 35716 Port pop3 (110/tcp) [-/+] Service Detection A POP3 server is running on this port. Plugin ID: 22964 POP Server Detection Synopsis: A POP server is listening on the remote port. Description: The remote host is running a server that understands the Post Office Protocol (POP), used by email clients to retrieve messages from a server, possibly across a network link. Risk factor: None See also: http://en.wikipedia.org/wiki/Post_Office_Protocol Solution: Disable this service if you do not use it. Plugin output: Remote POP server banner : +OK POP3 ctsa 2006e.96 server ready Plugin ID: 10185 Port rpc-portmapper (111/tcp) RPC Services Enumeration [-/+] Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on UDP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2 Plugin ID: 11111 RPC portmapper Service Detection Synopsis: An ONC RPC portmapper is running on the remote host. Description: The RPC portmapper is running on this port. The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request. Risk factor: None Solution: n/a Plugin ID: 10223 RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on TCP port 111 : - program: 100000 (portmapper), version: 4 - program: 100000 (portmapper), version: 3 - program: 100000 (portmapper), version: 2 Plugin ID: 11111 Port slinkysearch? (1225/tcp) [-/+] Port netbios-ns (137/udp) [-/+] Port netbios-dgm? (138/udp) [-/+] Port smb (139/tcp) [-/+] Port imap (143/tcp) [-/+] IMAP Service STARTTLS Command Support Synopsis: The remote mail service supports encrypting traffic. Description: The remote IMAP service supports the use of the 'STARTTLS' command to switch from a plaintext to an encrypted communications channel. Risk factor: None See also: http://en.wikipedia.org/wiki/STARTTLS See also: http://tools.ietf.org/html/rfc2595 Solution: n/a Plugin output: Here is the IMAP server's SSL certificate that Nessus was able to collect after sending a 'STARTTLS' command : ------------------------------ snip ----------------------------- Subject Name: Country: US State/Province: New York Locality: New York City Organization: Columbia University Organization Unit: CTSA Common Name: ctsa.cpmc.columbia.edu Email Address: reidar@columbia.edu Issuer Name: Country: US State/Province: New York Locality: New York City Organization: Columbia University Organization Unit: CTSA Common Name: ctsa.cpmc.columbia.edu Email Address: reidar@columbia.edu Serial Number: 00 8C 9A EC 4B D1 89 B3 A4 Version: 3 Signature Algorithm: SHA-1 With RSA Encryption Not Valid Before: Apr 10 19:50:32 2009 GMT Not Valid After: Apr 08 19:50:32 2019 GMT Public Key Info: Algorithm: RSA Encryption Public Key: 00 C8 CA 5D 7F 0F DC C6 C3 4B C5 AE 34 B4 C2 08 75 4F CC 08 16 D1 59 B1 89 1F 2E 96 83 A6 DB 53 D4 4D 77 10 83 85 5F F2 78 12 60 48 61 1B 69 E2 51 0F 41 48 91 44 0D B9 90 C7 20 7B DA 59 26 A0 39 9E DB 4A 8E 69 D2 66 02 A1 AA 31 E8 8A DF AD BE 50 F6 09 1E 7E A3 8F B1 1F D4 E7 47 5A FD E1 EA 1A 04 0E D9 73 C3 11 C1 14 BD 94 13 79 5F B7 95 DE 9B EC 29 72 DA B3 9D 03 75 83 3A 8D FB EE C3 Exponent: 01 00 01 Signature: 00 72 AE E1 02 87 0F D7 DD 52 75 23 F1 F0 75 CC 29 67 B4 F0 66 FA CC 1A 29 88 03 A5 08 26 9B 84 50 D1 B0 9F AD 9C 30 B5 B4 8F 40 89 65 E2 B2 8C 75 3E 37 CA FC F3 9C 5D 83 B8 EB F6 D1 B7 20 D6 3F E4 65 CB 26 1E 1B AE E4 B6 68 16 C2 27 BF 5B 9B 48 BB 8E E8 2B 78 46 D0 7D BA A8 A2 F0 39 3F FA D0 62 8F 6B BF 81 67 3E 6E 9D 72 73 49 87 9A 14 45 67 C5 86 FE 9F 0B B2 BD BC F2 52 BF 55 D3 A7 Extension: Subject Key Identifier (2.5.29.14) Critical: 0 Subject Key Identifier: A8 0E 4D 77 AF DB D3 A2 31 2B F2 EE DC A7 A3 AF 61 62 AE 30 Extension: Authority Key Identifier (2.5.29.35) Critical: 0 Extension: Basic Constraints (2.5.29.19) Critical: 0 Data: 30 03 01 01 FF ------------------------------ snip ----------------------------Plugin ID: 42085 IMAP Service Banner Retrieval Synopsis: An IMAP server is running on the remote host. Description: An IMAP (Internet Message Access Protocol) server is installed and running on the remote host. Risk factor: None Solution: n/a Plugin output: The remote imap server banner is : * OK [CAPABILITY IMAP4REV1 LITERAL+ SASL-IR LOGIN-REFERRALS STARTTLS LOGINDISABLED] ctsa IMAP4rev1 2006e.378 at Wed, 6 Oct 2010 21:50:14 -0400 (EDT) Plugin ID: 11414 Service Detection An IMAP server is running on this port. Plugin ID: 22964 Port saiscm? (1501/tcp) [-/+] Port www (1581/tcp) [-/+] Service Detection A web server is running on this port. Plugin ID: 22964 Port snmp (161/udp) [-/+] SNMP Agent Default Community Name (public) Synopsis: The community name of the remote SNMP server can be guessed. Description: It is possible to obtain the default community name of the remote SNMP server. An attacker may use this information to gain more knowledge about the remote host, or to change the configuration of the remote system (if the default community allow such modifications). Risk factor: Medium CVSS Base Score:5.0 CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N Solution: Disable the SNMP service on the remote host if you do not use it, filter incoming UDP packets going to this port, or change the default community string. Plugin output: The remote SNMP server replies to the following default community string : - public Plugin ID: 41028 CVE: CVE-1999-0517 BID: 2112 Other references: OSVDB:209 SNMP Request Network Interfaces Enumeration Synopsis: The list of network interfaces cards of the remote host can be obtained via SNMP. Description: It is possible to obtain the list of the network interfaces installed on the remote host by sending SNMP requests with the OID 1.3.6.1.2.1.2.1.0 An attacker may use this information to gain more knowledge about the target host. Risk factor: None Solution: Disable the SNMP service on the remote host if you do not use it, or filter incoming UDP packets going to this port. Plugin output: Interface 1 information : ifIndex : 1 ifDescr : lo0 ifPhysAddress : Interface 2 information : ifIndex : 2 ifDescr : ce0 ifPhysAddress : 00144f3b50fa Interface 3 information : ifIndex : 3 ifDescr : ce0:3 ifPhysAddress : 00144f3b50fa Plugin ID: 10551 SNMP Query Installed Software Disclosure Synopsis: The list of software installed on the remote host can be obtained via SNMP. Description: It is possible to obtain the list of installed software on the remote host by sending SNMP requests with the OID 1.3.6.1.2.1.25.6.3.1.2 An attacker may use this information to gain more knowledge about the target host. Risk factor: None Solution: Disable the SNMP service on the remote host if you do not use it, or filter incoming UDP packets going to this port. Plugin output: SUNWocfd SUNWcsu SUNWcsr SUNWcsl SUNWcnetr SUNWckr SUNWkvm SUNWcar SUNWcakr FJSVvplu FJSVvplr FJSVhea SUNWcsd SUNWgssc SUNWgss SUNWzlib SUNWopenssl-libraries SUNWsshcu SUNWsshdr SUNWsshdu SUNWsshr SUNWsshu SUNWperl584core SUNWperl584usr SUNWesu SUNWlibC SUNWlibmsr SUNWlibms SUNWicu SUNWlexpt SUNWfontconfig-root SUNWfreetype2 SUNWfontconfig SUNWstsf SUNWstsfr SUNWwbsup SUNWinstall-patch-utils-root SUNWswmt SUNWxwrtl SUNWxwice SUNWbzip SUNWxwfnt SUNWxwdv SUNWxwplr SUNWcpp SUNWdtcor SUNWxwplt SUNWctpls SUNWmfrun SUNWj3rt SUNWlxml SUNWlibpopt SUNWxorg-clientlibs SUNWpng SUNWTiff SUNWjpg SUNWgnome-base-libs-root SUNWgnome-base-libsshare SUNWgnome-base-libs SUNWgnome-component-root SUNWgnome-component SUNWgnome-config-root SUNWgnome-configshare SUNWgnome-config SUNWgnome-vfs-root SUNWgnome-vfs-share SUNWgcmn SUNWsmbar SUNWsmbau SUNWgnome-vfs SUNWlibexif SUNWgnome-a11y-base-libs SUNWgnome-audio SUNWgnome-libs-root SUNWgnome-libs-share SUNWgnome-libs SUNWgnome-panel-root SUNWgnome-panel-share SUNWgnome-panel SUNWswupcl SUNWswupclr SUNWdtdmr SUNWtltk SUNWxwcft SUNWxwopt SUNWdtbas SUNWgzip SUNWj5rt SUNWocfr SUNWocf SUNWdtdte SUNWdtdmn SUNWdticn SUNWdthez SUNWfrhez SUNWib SUNWtavor SUNWj3dev SUNWtcatu SUNWtcatr SUNWdtim SUNWfrim SUNWeurf SUNWi15rf SUNWi15cs SUNWi1cs SUNWfriso1 SUNWadmlib-sysid SUNWadmr SUNWadmap SUNWmdr SUNWmdu SUNWadmc SUNWadmfr SUNWadmfw SUNWlur SUNWluu SUNWfrlu SUNWmoznspr SUNWmozilla SUNWfrmoz SUNWadmj SUNWwbapi SUNWaudit SUNWjsnmp SUNWwbcou SUNWjhrt SUNWmccom SUNWmcc SUNWmc SUNWwbmc SUNWmcdev SUNWfrsmc SUNWwbcor SUNWwbpro SUNWmga SUNWmgapp SUNWrmui SUNWfrmui SUNWtcpd SUNWtcsh SUNWfros SUNWtecla SUNWter SUNWpl5u SUNWtexi SUNWcpcu FJSVcpcu SUNWdtjxt SUNWjdsrm SUNWtftp SUNWkrbr SUNWkrbu SUNWtnetc SUNWbip SUNWrcmdc SUNWrcmds SUNWscpr SUNWscpu SUNWjmf SUNWdtscm SUNWdtdst SUNWpmu SUNWpmr SUNWpmowr SUNWpmowu SUNWfrpmw SUNWtftpr FJSVcsr SUNWfmd SUNWtiu8 FJSVfmd SUNWpr SUNWtls SUNWmdb FJSVmdb SUNWspl SUNWfrspl SUNWprd SUNWtlsd SUNWfrwbc SUNWtlsu SUNWmdbr FJSVmdbr FJSVpiclu SUNWdtwm SUNWfrwm SUNW1251f SUNW1394 SUNWproduct-registry-root SUNWwsr2 SUNWfrws2 SUNW1394h SUNWtoo SUNWtltkd SUNWwsrv SUNWfrwsv SUNW5xmft SUNWxwsvr SUNWfrxwsvr SUNWsadml SUNWfsadl SUNWtltkm SUNWGlib SUNWscgui SUNWfscgu SUNWtnamd SUNWGtkr SUNWtnamr SUNWtnetd SUNWfsfw SUNWGtku SUNWtnetr SUNWtnfc SUNWftltk SUNWPython-share SUNWPython SUNWxwacx SUNWfwacx SUNWtnfd SUNWowbcp SUNWfwbcp SUNWwbdev SUNWfwdev SUNWfxplt SUNWtxfnt SUNWlxsl SUNWgnome-help-viewer-share SUNWgnome-help-viewer SUNWgnomel10ndocument-de SUNWPython-devel SUNWTcl SUNWucbt SUNWudaplr SUNWudaplu SUNWipoib SUNWudapltu SUNWudapltr SUNWTiff-devel SUNWudfr SUNWudf SUNWTiff-devel-share SUNWaudd SUNWusb SUNWusbs SUNWuedg SUNWTk SUNWugen SUNWugenu SUNWuiu8 SUNWa2psr SUNWimagick SUNWbash SUNWpsutils SUNWa2psu SUNWdoc SUNWuium SUNWgnome-terminal-devel SUNWulcf SUNWgnome-terminal-devel-share SUNWgnome-terminal-root SUNWgnome-terminal-share SUNWaccr SUNWusbu SUNWxi18n SUNWxim SUNWuxlcf SUNWgnome-text-editor-root SUNWgnome-texteditor-share SUNWgnome-file-mgr-root SUNWgnome-file-mgr-share SUNWpcr SUNWpcu SUNWscplp SUNWgnome-print-root SUNWgnomeprint-share SUNWgnome-print SUNWgnome-file-mgr SUNWgnome-texteditor SUNWaccu SUNWvid SUNWgnome-text-editor-devel SUNWvld SUNWvldu SUNWaclg SUNWvolr SUNWgnome-l10ndocument-es SUNWnfsckr SUNWnfscr SUNWnfscu SUNWvolu SUNWant SUNWbcp SUNWcslr SUNWacroread SUNWgnome-themes-share SUNWgnomethemes SUNWwbdoc SUNWwebminr SUNWwebminu SUNWacroreadplugin SUNWgnome-ui-designer-share SUNWgnome-ui-designer SUNWgnome-l10ndocument-extra SUNWxge SUNWgnome-user-docs SUNWafbcf SUNWgnome-l10ndocument-fr SUNWgnome-utility-appletsroot SUNWgnome-utility-applets-share SUNWgnome-utility-applets SUNWafb SUNWafbr SUNWafbw SUNWgnome-vfs-devel SUNWgnomevfs-devel-share SUNWapbas SUNWgnome-wm-root SUNWgnome-wmshare SUNWgnome-wm SUNWapch2r SUNWapch2u SUNWapch2d SUNWgnome-wm-devel SUNWgnome-l10ndocument-it SUNWrsg SUNWgnome-xml-share SUNWgnome-xml-root SUNWwgetr SUNWlibgcrypt SUNWgnutls SUNWwgetu SUNWgnutls-devel SUNWgpch SUNWgsfot SUNWgsfst SUNWhpijs SUNWgimpprint SUNWgscr SUNWapchr SUNWapchu SUNWapchd SUNWxcu4 SUNWsprot SUNWxcu4t SUNWxcu6 SUNWxilrl SUNWxildh SUNWgssdh SUNWgssk SUNWapmsc SUNWapoc SUNWapcj SUNWxilh SUNWgtar SUNWxilow SUNWbtool SUNWapct SUNWhea SUNWgnome-l10ndocument-ja SUNWapdc SUNWxilvl SUNWapdc-root SUNWhiu8 SUNWxorgcompatlinks SUNWxwinc SUNWxorg-headers SUNWhmd SUNWjaf SUNWjmail SUNWxsrt SUNWxrgrt SUNWhmdu SUNWxrpcrt SUNWapocadapter-gconf SUNWi13rf SUNWxscreensaver-hacks SUNWarc SUNWarcr SUNWglrt SUNWxscreensaver-hacks-gl SUNWarrf SUNWi1of SUNWasac SUNWascmn SUNWgnome-l10ndocument-ko SUNWxwcsl SUNWasdb SUNWxwdim SUNWxwdem SUNWi2rf SUNWasdem SUNWxwdxm SUNWxwfa SUNWi4rf SUNWi5rf SUNWxwfs SUNWi7rf SUNWxwhl SUNWgnome-l10ndocument-ptBR SUNWxwkey SUNWxwman SUNWi8rf SUNWxwmod SUNWxwoft SUNWi9rf SUNWxwpft SUNWxwpsr SUNWxwpl SUNWgnome-l10ndocument-sv SUNWicud SUNWidnl SUNWidnd SUNWxwpmn SUNWidnu SUNWxwslb SUNWifbcf SUNWxwsrc SUNWifb SUNWifbr SUNWxwsrv SUNWfbc SUNWifbw SUNWluxop SUNWses SUNWssad SUNWifp SUNWxwxst SUNWxwxft SUNWifph SUNWnisr SUNWnisu SUNWypr SUNWiniu8 SUNWgnome-l10ndocumentzhCN SUNWypu SUNWzebrar SUNWinst SUNWzebrau SUNWzip SUNWipc SUNWzoner SUNWluzone SUNWpoolr SUNWpool SUNWzoneu SUNWzsh SUNWipfr SUNWasdemdb SUNWzuluc SUNWipfu SUNWzulu SUNWzulur SUNWipmi TSIpgx TSIpgxw SUNWzuluw SUNWpapi SUNWippcore SUNWipplr SUNWasjdoc SUNWipplu SUNWiqfs SUNWiquc SUNWiqum SUNWiqdoc SUNWgnome-l10ndocument-zhHK SUNWasman SMEvplr SUNWaspell-share SUNWaspell SMEvplu SUNWaspell-devel SUNWaspellen-share SUNWaspell-en SUNWiqjx SUNWiqr SUNWasr SUNWiqu SUNWast SUNWasu SUNWiscsir SUNWiscsiu SUNWloc SUNWislcc SUNWisolc SUNWixgb SUNWj3cfg SUNWced SUNWgnomel10ndocument-zhTW SUNWj3dmo SUNWcg6 SUNWcpc SUNWcpr SUNWasut SUNWcti2 SUNWj3rtx SUNWcvc SUNWj3dvx SUNWatfsr SUNWj3irt SUNWcvcr SUNWj3man SUNWatfsu SUNWefc SUNWdrcr SUNWauda SUNWdrr SUNWaudf SUNWgnome-l10nmessages-cs SUNWaudh SUNWffb SUNWgnome-l10nmessages-de SUNWpiclu SUNWfruid SUNWfruip SUNWciu8 SUNWjiu8 SUNWkiu8 SUNWautoef SUNWgnome-l10nmessages-es SUNWgfb SUNWav1394 SUNWj5cfg SUNWgnome-l10nmessages-extra SUNWj5dev SUNWglmr SUNWi2cr SUNWbart SUNWidn SUNWjfb SUNWbindr SUNWbind SUNWkmp2r SUNWgnome-l10nmessages-fr SUNWj5dmo SUNWbinutils SUNWgnomel10nmessages-hu SUNWluxd SUNWgnome-l10nmessages-it SUNWbipr SUNWgccruntime SUNWbison SUNWm64 SUNWgnome-l10nmessages-ja SUNWbnur SUNWgnome-l10nmessages-ko SUNWm64xr SUNWpfb SUNWgnome-l10nmessages-pl SUNWgnome-l10nmessages-ptBR SUNWbnuu SUNWpstl SUNWgnome-l10nmessages-ru SUNWsckm SUNWbsr SUNWsckmr SUNWsckmu SUNWbsu SUNWgnomel10nmessages-sv SUNWsfdr SUNWsfdrr SUNWgnome-l10nmessageszhCN SUNWcdrw SUNWj5rtx SUNWj5dmx SUNWsior SUNWgnomel10nmessages-zhHK SUNWstc SUNWcea SUNWus SUNWj5dvx SUNWgnome-l10nmessages-zhTW SUNWcedu SUNWwrsa SUNWj5man SUNWcfcl SUNWrsmo SUNWwrsm SUNWwrsd SUNWgttf SUNWcfclr SUNWcfpl SUNWwrsu SUNWcfplr SUNWcg6h SUNWlccom SUNWiiimu JSatsvu JSatsvr SUNWgttfe JSatsvw SUNWjai SUNW5ttf SUNWjaiimageio SUNWcnsr SUNWcnsu SUNWjato SUNW5ttfe SUNW5xfnt SUNWabcp SUNWjatodoc SUNWjatodmo SUNWale SUNWman SUNWaled SUNWgxfnt SUNWhacx SUNWhadis SUNWauaos SUNWauadt SUNWauaow SUNWcacx SUNWhadma SUNWjavaapps SUNWcadis SUNWhbcp SUNWdtab SUNWhdab SUNWcadma SUNWcamos SUNWcamdt SUNWhdbas SUNWjaxp SUNWcamow SUNWcasu SUNWnfssu SUNWdclnt SUNWhsmc SUNWhmga SUNWhdcl SUNWhddst SUNWjcom SUNWcbcp SUNWcstl SUNWjdic SUNWhddte SUNWcdab SUNWdtezt SUNWhdezt SUNWhdft SUNWcdbas SUNWjds-registration SUNWdhcsr SUNWdhcsu SUNWdhcm SUNWhdhcm SUNWdthe SUNWhdhe SUNWcsmc SUNWcmga SUNWcdcl SUNWjdsver SUNWlpmsg SUNWpsr SUNWpsu SUNWppm SUNWpsf SUNWmp SUNWctlu SUNWdthev SUNWhdhev SUNWcxmft SUNWjfbcf SUNWcddst SUNWjfbr SUNWjfbw SUNWhdhez SUNWcddte SUNWjfca SUNWdcsr SUNWdcsu SUNWhdicn SUNWdfbh SUNWhdim SUNWjfcau SUNWhdt SUNWjhdoc SUNWjhdem SUNWcdezt SUNWhdwm SUNWcdft SUNWdhcsb SUNWhepmw SUNWcdhcm SUNWjhdev SUNWfdl SUNWhfdl SUNWhimoz SUNWcdhe SUNWdial SUNWjib SUNWcdhev SUNWhksmc SUNWhkmga SUNWhkdcl SUNWhkdt SUNWhkleu SUNWhkeue SUNWdialh SUNWfsmgtu SUNWfsmgtr SUNWdmgtr SUNWhkezt SUNWhkfnt SUNWdmgtu SUNWcdhez SUNWcdicn SUNWlvma SUNWlvmr SUNWlvmg SUNWhklvmg SUNWjmfmp3 SUNWdpl SUNWcdim SUNWcdt SUNWhkplt SUNWjpg-devel SUNWjpg-devel-share SUNWcdwm SUNWhkrmui SUNWjre-config SUNWhkttf SUNWdtct SUNWjre-config-plugin SUNWhkxe SUNWcepmw SUNWdtdem SUNWhkxwsvr SUNWjss SUNWladm SUNWhladm SUNWi2cs SUNWceuos SUNWceudt SUNWhleu SUNWjxmft SUNWhleu2 SUNWceuow SUNWhleue SUNWkdcr SUNWhlvma SUNWkdcu SUNWcfdl SUNWhlvmg SUNWkey SUNWmconr SUNWmctag SUNWmcon SUNWhmcon SUNWciqu SUNWhmctg SUNWciquc SUNWdthed SUNWkoi8f SUNWcjaf SUNWcjmail SUNWcladm SUNWhmoz SUNWhos SUNWcleu SUNWcleu2 SUNWkxmft SUNWolrte SUNWhorte SUNWcleue SUNWlcl SUNWless SUNWpdas SUNWhpdas SUNWdtinc SUNWclvma SUNWclvmg SUNWdtlog SUNWdtma SUNWlibCf SUNWcmcon SUNWllc SUNWdtmad SUNWcmctg SUNWppror SUNWpprou SUNWhpprou SUNWlibexif-devel SUNWdtmaz SUNWhrmui SUNWdtrc SUNWlibgcrypt-devel SUNWlibmr SUNWlibm SUNWcmoz SUNWdtrp SUNWhsadl SUNWlibpopt-devel SUNWlibpopt-devel-share SUNWcorte SUNWlibsasl SUNWhscgu SUNWlibusb SUNWlibusbugen SUNWcos SUNWllcr SUNWefcl SUNWhsfw SUNWefcr SUNWlldap SUNWefcu SUNWerid SUNWcpdas SUNWeuodf SUNWhtltk SUNWcpprou SUNWluxl SUNWcrmui SUNWcsadl SUNWluxopr SUNWcscgu SUNWhttf SUNWeuxwe SUNWcsfw SUNWctltk SUNWcttf SUNWevolution-libs-share SUNWevolution-libs SUNWevolution-root SUNWevolution-share SUNWevolution SUNWhttfe SUNWhudc SUNWcttfe SUNWevolution-devel SUNWhufnt SUNWcudc SUNWhwbc SUNWevolution-devel-share SUNWcufnt SUNWevolution-exchange-share SUNWevolution-exchange SUNWcwbc SUNWhwbcp SUNWevolution-exchange-root SUNWm64cf SUNWm64w SUNWcwbcp SUNWhwdev SUNWcwdev SUNWcwsr2 SUNWhwsr2 SUNWcwsrv SUNWevolution-libs-devel SUNWhwsrv SUNWcxe SUNWcxfnt SUNWhxe SUNWhxfnt SUNWcxman SUNWcxplt SUNWcxwsvr SUNWdbcp SUNWdesmc SPZHgc SUNWdmgp SUNWddcl SUNWddhcm SUNWmcex SUNWhxman SUNWevolution-socs-connectshare SUNWevolution-socs-connect SUNWdebas SUNWdedis SUNWdedma SUNWhxplt SUNWfac SUNWdedst SUNWhxwsvr SUNWdedte SUNWdehe SUNWdehed SUNWfchbar SUNWfchba SUNWdehev SUNWi13cs SUNWfctl SUNWfcip SPJAgc SUNWmcos SUNWfcmdb SUNWfcp SUNWdehez SUNWmcosx SUNWdeim SUNWfcsm SUNWdeiso1 SUNWdelu SUNWi5cs SUNWdemoz SUNWi7cs SUNWmdar SUNWdeos SUNWsmapi SUNWmdau SUNWdepmw SUNWffbcf SUNWi9cs SUNWmdbdm SUNWdespl SUNWibcp SUNWdewbc SUNWffbw SUNWmddr SPROgc SUNWitsmc SUNWimgp SUNWidcl SUNWdewm SUNWdews2 SUNWdewsv SUNWdexwsvr SUNWmfdev SUNWidhcm SUNWffiltersr SUNWdfdl SUNWmfman SUNWffiltersu SUNWdladm SUNWdlvma SUNWdlvmg SUNWifdl SUNWdmcon SUNWflexruntime SUNWflexlex SUNWiiimr SUNWdmctg SUNWdorte SUNWdpdas SUNWiladm SUNWdpprou SUNWilvma SUNWdrmui SUNWdsadl SUNWilvmg SUNWdscgu SUNWimcon SUNWdsfw SUNWdtltk SUNWdwacx SUNWdwbcp SUNWdwdev SUNWmibii SUNWfontconfigdocs SUNWdxplt SUNWsasnm SUNWsadmi SUNWsacom SUNWmipr SUNWimctg SUNWmipu SUNWessmc SUNWemgp SUNWedcl SUNWmkcd SUNWedhcm SUNWfppd SUNWmlib SUNWeeuos SUNWeeudt SUNWeeuow SUNWindt SUNWefdl SUNWeladm SUNWelvma SUNWelvmg SUNWinfnt SUNWemcon SUNWfsexam-root SUNWfsexam SUNWemctg SUNWinleu SUNWeorte SUNWinplt SUNWfss SUNWepdas SUNWepprou SUNWftdur SUNWermui SUNWftduu SUNWftpr SUNWinttf SUNWesadl SUNWesbas SUNWftpu SUNWescgu SUNWiorte SUNWesdis SUNWipdas SUNWfwdcu SUNWfwdc SUNWipprou SUNWesdma SUNWfwdcd SUNWesdst SUNWgcc SUNWirmui SUNWesdte SUNWisadl SUNWesfw SUNWeshe SUNWiscgu SUNWeshed SUNWeshev SUNWisfw SPZHscl SUNWitbas SUNWmlibe SUNWged SUNWgedu SUNWgfbcf SUNWeshez SUNWmlibh SUNWitdis SUNWmlibk SUNWmlibl SUNWitdma SUNWmozchat SUNWmozdom-inspector SUNWmozjs-debugger SUNWmozmail SUNWmoznss SUNWmozpsm SUNWmozspell SUNWmozapoc-adapter SUNWitdst SUNWgfbr SUNWgfbw SUNWesim SUNWitdte SUNWggrp SUNWesiso1 SUNWeslu SUNWithe SUNWesmoz SUNWithed SUNWithev SUNWmozgm SUNWesos SUNWgldoc SUNWithez SUNWglrtu SUNWglsrz SUNWgldp SUNWespmw SUNWitim SUNWitiso1 SUNWitltk SUNWesspl SUNWitlu SUNWeswbc SUNWitmoz SUNWitos SUNWglrtx SUNWglsrx SUNWgldpx SUNWmozilla-devel SUNWitpmw SUNWglh SUNWeswm SUNWglow SUNWitspl SUNWitwbc SUNWesws2 SUNWeswsv SUNWitwm SUNWitws2 SUNWesxwsvr SUNWitwsv SUNWitxwsvr SUNWiwacx SUNWiwbcp SUNWiwdev SUNWetltk SUNWixplt SUNWj3jmp SUNWeu8df SUNWj5jmp SUNWeuluf SUNWeu8os SUNWjsmc SUNWjmga SUNWjadcl SUNWjadis SUNWmoznspr-devel SUNWjadma SUNWeudba SUNWjamoz SUNWglsr SUNWjasu SUNWeudbd SUNWmoznss-devel SUNWjbcp SUNWeudda SUNWeudhr SUNWjcs3f SUNWjdab SUNWglt SUNWeudhs SUNWgm4 SUNWjdbas SUNWgmake SUNWgnome-a11y-base-devel SUNWeudis SUNWeudiv SUNWgnome-a11y-base-devel-share SUNWmysqlr SUNWjddst SUNWeudlg SUNWmysqlu SUNWmysqlt SUNWgnome-a11ygok-share SUNWgnome-a11y-libs SUNWgnome-a11y-libs-share SUNWgnome-a11y-speech-share SUNWgnome-a11y-speech SUNWgnome-a11y-gok SUNWjddte SUNWgnome-a11y-gok-root SUNWeudmg SUNWjdhcm SUNWeuezt SUNWjdhe SUNWjdhed SUNWeuhe SUNWeuhed SUNWjdhev SUNWncar SUNWewacx SUNWjdhez SUNWgnome-a11y-libs-devel-share SUNWgnome-audiodevel SUNWgnome-libs-devel-share SUNWgnome-libs-devel SUNWgnome-a11y-libs-devel SUNWewdev SUNWexplt SUNWjdim SUNWncau SUNWfbcp SUNWfmgp SUNWfdcl SUNWjdma SUNWncft SUNWfdhcm SPJAscl SUNWgnome-a11y-poke-share SUNWgnome-a11ypoke SUNWjdoc SUNWffdl SUNWgnome-a11y-reader SUNWfladm SUNWflvma SUNWjdwm SUNWflvmg SUNWgnome-a11y-reader-devel SUNWnfsskr SUNWnfssr SUNWgnome-a11y-reader-root SUNWfmcon SUNWject SUNWfmctg SUNWjedev SUNWjedt SUNWntpr SUNWjeezt SUNWforte SUNWjfpre SUNWgnome-a11y-reader-share SUNWfpdas SUNWjeman SUNWntpu SUNWfpprou SUNWfrbas SUNWfrdis SUNWpmowm SUNWjepmm SUNWgnome-a11y-speech-devel SUNWjepmw SUNWfrdma SUNWjeudc SUNWocfh SUNWfrdst SUNWgnome-archive-mgr-root SUNWgnome-archive-mgr-share SUNWgnome-archive-mgr SUNWjfdl SUNWfrdte SUNWjfpr SPZHcc SUNWogg-vorbis SUNWfrhe SUNWfrhed SUNWogg-vorbis-devel SUNWfrhev SUNWjfpu SUNWogg-vorbis-devel-share SUNWgnome-audiodevel-share SUNWgnome-audio-root SUNWgnome-audio-share SUNWjfpue SUNWjfxmn SUNWjiqu SUNWgnome-base-libs-devel-share SUNWgnome-base-libs-devel SUNWjiquc SUNWopensp SUNWopenjade SUNWjjaf SUNWjjmail SUNWjladm SUNWjlvma SUNWopenjade-devel SUNWjlvmg SUNWopenjade-root SUNWjman SUNWjmane SUNWopenjade-share SUNWjmcon SUNWjmctg SUNWjmfrn SUNWopensp-devel SUNWopensp-root SUNWgnome-calculator-root SUNWgnome-calculator-share SUNWgnome-calculator SUNWopenspshare SUNWopenssl-commands SUNWjorte SUNWpcmci SUNWpcmcu SUNWpcmem SUNWopenssl-include SUNWjos SUNWgnome-camera SUNWgnome-camera-devel SUNWgnome-camera-share SUNWopensslman SUNWjpdas SUNWjpprou SUNWgnome-cd-root SUNWgnome-cdshare SUNWgnome-freedb-libs-root SUNWgnome-freedb-libs-share SUNWgnome-freedb-libs SUNWgnome-cd SUNWjrmui SUNWopensslr SUNWgnome-cd-burner CSKruby SUNWjsadl SUNWosdem SUNWgnomecd-burner-root SUNWjscag SUNWjwncr SUNWgnome-cd-burner-share SUNWjsfw SUNWpamsc SUNWjtlmn SUNWgnome-character-map-share SUNWgnome-character-map SUNWjtltk SUNWjwacx SUNWjwbc SUNWpcelx SUNWjwbcp SUNWperl-xml-parser SUNWgnome-commondevel SUNWjwbd SUNWgnome-common-devel-share SUNWjwncu SUNWjwncx SUNWpcsclite SUNWgnome-component-devel-share SUNWgnome-component-devel SUNWjwndt SUNWpcsclite-devel SUNWjwnsr SUNWpcser SUNWjwnsu SUNWpd SUNWgnome-config- devel SUNWjws2 SUNWgnome-config-devel-share SUNWjwsv SUNWgnome-config-editor-share SUNWgnome-config-editor SUNWpdu SUNWjxcft SUNWkadma SUNWperl-xml-parser-devel-share SUNWgnome-desktop-prefs-root SUNWgnome-desktop-prefs-share SUNWgnome-desktop-prefs SUNWgnome-desktop-prefs-devel SUNWperl584man SUNWjxfa SUNWjxplt SUNWjxfnt SUNWpfbcf SUNWgnome-dialog SUNWpfbw SUNWgnome-dialog-share SUNWphx SUNWpiclh SUNWjxim SUNWpiclr SUNWjxoft SUNWgnome-dictionaryroot SUNWgnome-dictionary-share SUNWgnome-dictionary SUNWgnome-display-mgr-root SUNWgnome-display-mgr-share SUNWgnome-session SUNWgnome-dtlogin-integration SUNWgnomedisplay-mgr SUNWpkgcmdsr SUNWpkgcmdsu SUNWpl5v SUNWpl5m SUNWjxpmn SUNWpl5p SUNWjxumn SUNWgnome-file-mgr-devel SUNWjxwsvr SUNWkacx SUNWkadis SUNWplowr SUNWkbcp SUNWgnome-fonts SUNWpmgr SUNWkdab SUNWpng-devel SUNWkdbas SUNWpng-devel-share SUNWksmc SUNWkmga SUNWkdcl SUNWgnomefun-applets-root SUNWgnome-fun-applets-share SUNWgnome-funapplets SUNWkdcst SUNWkddst SUNWpppd SUNWpppdr SUNWkddte SUNWgnome-games SUNWpppdu SUNWpppdt SUNWpppg SUNWkdezt SUNWppro-plugin-sunos-base SUNWgnome-games-root SUNWkdft SUNWkdhcm SUNWkdhe SUNWpsdpr SUNWpsm-lpd SUNWgnomegames-share SUNWkdhev SUNWkdhez SUNWqfed SUNWkdicn SUNWqfedu SUNWkdim SUNWqlc SUNWkdt SUNWqos SUNWqosu SUNWkdwm SUNWqus SUNWgnome-hex-editor-root SUNWkpdas SUNWgnome-hex-editor-share SUNWgnome-hex-editor SUNWgnomehex-editor-devel SUNWkepmw SUNWqusu SUNWrcapr SUNWrcapu SUNWkfdl SUNWkladm SUNWrcmdr SUNWgnome-im-client SUNWkleu SUNWgnome-im-client-share SUNWrmodu SUNWrmwbr SUNWgnomeimg-editor-share SUNWgnome-img-editor SUNWrmwbu SUNWkleue SUNWroute SUNWkos SUNWgnome-img-editor-devel SUNWrpcib SUNWklvma SUNWrpm SUNWklvmg SUNWgnome-img-editor-develshare SUNWkmcon SUNWrsgk SUNWkmctg SUNWrsm SUNWrtvc SUNWrtvcl SUNWgnome-img-editor-root SUNWrtvcu SUNWkomoz SUNWsbp2 SUNWscbcp SUNWgnome-img-viewer-root SUNWgnomeimg-viewer-share SUNWgnome-img-viewer SUNWkorte SUNWscmhdlr SUNWkpprou SUNWkrmui SUNWscsa1394 SUNWgnome-internetapplets-root SUNWgnome-internet-applets-share SUNWgnome-internetapplets SUNWserr SUNWksadl SUNWseru SUNWgnome-intranet-appletsroot SUNWgnome-intranet-applets-share SUNWgnome-intranet-applets SUNWkscgu SUNWserweb SUNWgnome-media-root SUNWgnomemedia-share SUNWgnome-media SUNWksfw SUNWsfdoc SUNWgnomejdshelp-share SUNWgnome-jdshelp SUNWsfinf SUNWktltk SUNWkttf SUNWsfman SUNWsfwdemo SUNWkttfe SUNWsfwhea SUNWgnomemedia-devel SUNWslpr SUNWgnome-media-devel-share SUNWgnomemedia-player SUNWgnome-media-player-root SUNWslpu SUNWgnomemedia-player-share SUNWsmagt SUNWgnome-mm-applets-root SUNWgnome-mm-applets-share SUNWgnome-mm-applets SUNWgnomepanel-devel-share SUNWgnome-panel-devel SUNWkxe SUNWsmbac SUNWkudc SUNWgnome-pdf-viewer-root SUNWgnome-pdf-viewer-share SUNWgnome-pdf-viewer SUNWkuxft SUNWgnome-perf-meter SUNWsmcmd SUNWgnome-perf-meter-root SUNWgnome-perf-metershare SUNWgnome-print-devel SUNWgnome-print-devel-share SUNWgnome-project SUNWsmdoc SUNWgnome-project-devel SUNWgnome-project-devel-share SUNWgnome-project-share SUNWsmmgr SUNWgnome-ps-viewer SUNWgnome-ps-viewer-root SUNWgnome-ps-viewer-share SUNWgnome-removable-media SUNWgnome-removable-media-share SUNWsndmr SUNWgnome-searchtool-root SUNWgnome-search-tool-share SUNWgnome-search-tool SUNWkwbc SUNWkwsrv SUNWgnome-session-root SUNWkwbcp SUNWgnome-session-share SUNWgnome-sound-recorder-root SUNWgnome-sound-recorder-share SUNWgnome-sound-recorder SUNWgnome-spell-share SUNWgnome-spell SUNWgnome-sys-suspend SUNWgnome-sys-suspend-share SUNWgnome-terminal SUNWsndmu SUNWkwdev SUNWkwsr2 SUNWkxfnt SUNWkxfte SUNWkxman SUNWkxplt SUNWkxwsvr SUNWlocaledefsrc SUNWmeaos SUNWmeadt SUNWmeaow SUNWnafos SUNWnafdt SUNWnafow SUNWnamos SUNWnamdt SUNWnamow SUNWneuos SUNWneudt SUNWneuow SUNWplmoz SUNWplow SUNWplow1 SUNWplxwsvr SUNWptmoz SUNWptxwsvr SUNWrumoz SUNWruxwsvr SUNWsamos SUNWsamdt SUNWsamow SUNWsvsmc SUNWsmgp SUNWsdcl SUNWsdhcm SUNWseuos SUNWseudt SUNWseuow SUNWsfdl SUNWsladm SUNWslvma SUNWslvmg SUNWsmcon SUNWsmctg SUNWsorte SUNWspdas SUNWspprou SUNWsrmui SUNWssadl SUNWsscgu SUNWssfw SUNWstardict SUNWstardict-root SUNWstltk SUNWsunpinyin SUNWsvbas SUNWdc SUNWsvdis SUNWsvdma SUNWsvdst SUNWsvdte SUNWsvhe SUNWsvhed SUNWsvhev SUNWsvhez SUNWsvim SUNWsviso1 SUNWsvlu SUNWsvmoz SUNWsvos SUNWsvpmw SUNWsvspl SUNWsvwbc SUNWsvwm SUNWsvws2 SUNWsvwsv SUNWsvxwsvr SUNWswacx SUNWswdev SUNWsxplt SUNWtdbas SUNWtddst SUNWtddte SUNWtdft SUNWtdwm SUNWtleu SUNWtxplt SUNWudct SUNWvbcp SUNWvwbcp SUNWweuos SUNWweudt SUNWweuow SUNWsolnm SUNWsom SUNWsogm SUNWspnego SUNWsra SUNWsrh SUNWvts SUNWvtsmn SUNWvtsr SUNWvtsts SUNWccccrr SUNWccccr SUNWccsign SUNWcsmauth SUNWccfw SUNWbreg SUNWcctpx SUNWccccfg SUNWccfwctrl SUNWccinv SUNWupdatemgru SUNWupdatemgrr SUNWzfskr SUNWzfsr SUNWzfsu CSWpkgget CSWcommon CSWzlib CSWosslrt CSWbdb44 CSWiconv CSWkrb5lib CSWlibmm CSWlibnet CSWgcrypt CSWlibxml2 CSWreadline CSWunixodbc CSWphp5 CSWmysql5rt CSWap2modphp5 CSWexpat CSWgdbm CSWggettext CSWgsed CSWbdb4 CSWsasl CSWoldaprt CSWperl CSWncurses CSWapache2c CSWap2prefork CSWapache2 SMClgcc346 SMCliconv SMCgcc SMCzlib SMCncurs SMCmysql SFWmphp SFWmyjdb SMCsudo CSWpmnetdaemon CSWpmplrpc CSWpmdbi SMCossl SMCwget SUNWpostgr-libs SUNWpostgr SUNWpostgr-serverdata SUNWpostgr-server SMCreadl SMCsamba CSWphp5mysql CSWossldevel CSWosslutils CSWossl CSWsqlite3 CSWapache2rt CSWsunmath CSWglib2 CSWlibpopt CSWlibidl CSWorbit2 CSWbonobo2 CSWftype2 CSWfconfig CSWgpgerr CSWopencdk CSWgnutls CSWjpeg CSWlibatk CSWrenderdev CSWlibxrender CSWpng CSWlibcairo CSWtiff CSWlibcups CSWlibxft2 CSWpango CSWgtk2 CSWgconf2 CSWbzip2 CSWlibdbus CSWdbusglib CSWfam CSWgnomevfs2 CSWlibart CSWaudiofile CSWesound CSWlibglade2 CSWlibgnome CSWlibgnomecanvas CSWlibbonoboui CSWgnomekeyring CSWlibgnomeui SMCimap SFWglib2 SFWatk SFWcairo SFWpango SFWgtk2 SFWdbus SFWdbus-glib SFWfirefox SUNWcbreg SUNWdbreg SUNWebreg SUNWfbreg SUNWhbreg SUNWibreg SUNWjbreg SUNWkbreg SUNWsbreg SUNWcupdatemgru SUNWdupdatemgru SUNWeupdatemgru SUNWfupdatemgru SUNWhupdatemgru SPJAcc SUNWiupdatemgru SUNWjupdatemgru SUNWkupdatemgru SUNWsupdatemgru SPROdwrfb SPROmrdwf SPJAmrdwf SPZHmrdwf SPROdwrfx SPROlang SPJAlang SPZHlang SPROlangx SPROsbld SPJAsbld SPZHsbld SPROsbldx SPROlcxs SPROrdbkb SPROrdbkx SPROild SPJAild SPZHild SPROildx SPROcc SPROutool SPJAutool SPZHutool SPROsvc SPJAsvc SPZHsvc SPROmrcc SPJAmrcc SPZHmrcc SPROmrcom SPJAmrcom SPZHmrcom SPROmrild SPJAmrild SPZHmrild SPROmr3m SPJAmr3m SPZHmr3m SPROmrtcv SPJAmrtcv SPZHmrtcv SPROmrdmk SPJAmrdmk SPZHmrdmk SPROmride SPJAmride SPZHmride SPROm9xs SPROm9xsx SPROm9xpx SPROsunms SPROsmsx SPROsmpx SPROmrsbe SPJAmrsbe SPZHmrsbe SPROsbe SPROsnit SPJAsnit SPZHsnit SPROpnsn SPROfd SPJAfd SPROcpl SPJAcpl SPZHcpl SPROcplx SPROcmpl SPROtlbn7 SPROtll7 SPROtl7x SPROtll7x SPROscl SPROsclx SPROmrstd SPZHmrstd SPROmrcpl SPJAmrcpl SPZHmrcpl SPROstl4h SPROstl4a SPROstl4o SPROstl4x SPROstl4y SPROftool SPJAftool SPZHftool SPROl90 SPROl90x SPROl90s SPROl90sx SPROf90 SPJAf90 SPZHf90 SPROmrftn SPJAmrftn SPZHmrftn SPROl77s SPROl77sx SPROlgc SPROgcx SPROlgcx SPROlklnt SPJAlklnt SPZHlklnt SPROmrmp SPJAmrmp SPZHmrmp SPROdbx SPJAdbx SPZHdbx SPROdbxx SPROjdbx SPJAjdbx SPZHjdbx SMCperl SMCpine CSVNclnt CSVNsrvr CSVNxtrs SMCjpeg SMClungif SMCxaw3d SMCxpm SMCemacs SMCsasl SMCtetex CSWdiffutils CSWpkgutil CSWneon CSWsvn SMCexpat TIVsmCapi TIVsmCba SUNWj6rt SUNWj6dev SUNWj6cfg SUNWj6man SUNWj6dmo SUNWj6rtx SUNWj6dvx SUNWj6dmx SUNWj6jmp Plugin ID: 19763 SNMP Query Running Process List Disclosure Synopsis: The list of processes running on the remote host can be obtained via SNMP. Description: It is possible to obtain the list of running processes on the remote host by sending SNMP requests with the OID 1.3.6.1.2.1.25.4.2.1.2 An attacker may use this information to gain more knowledge about the target host. Risk factor: None Solution: Disable the SNMP service on the remote host if you do not use it, or filter incoming UDP packets going to this port. Plugin output: sched init pageout fsflush svc.startd svc.configd syseventd picld kcfd nscd devfsadmd cron rpcbind nfs4cbd nfsmapid sac statd lockd utmpd inetd ttymon nmbd smbd smbd vold mountd nfsd sshd sshd sshd -bash mount automountd automountd syslogd sendmail sendmail fmd snmpd dtlogin sh sh dataserver backupserver httpd dsmc dsmcad smbd smbd xfs sh rpc.ttdbserverd smbd ttymon smbd ex ex perl httpd smbd sas elssrv sshd sshd -csh -csh bash bash smbd smbd smbd sshd sshd -csh httpd smbd httpd smbd sshd sshd -csh httpd smbd -csh java httpd httpd httpd httpd httpd httpd httpd httpd perl httpd httpd httpd httpd httpd httpd httpd imapd imapd httpd sendmail in.ftpd in.ftpd Plugin ID: 10550 SNMP Supported Protocols Detection Synopsis: This plugin reports all the protocol versions successfully negotiated with the remote SNMP agent. Description: Extend the SNMP settings data already gathered by testing for SNMP versions other than the highest negotiated. Risk factor: None Solution: n/a Plugin output: This host supports SNMP version SNMPv1. This host supports SNMP version SNMPv2c. Plugin ID: 40448 SNMP Protocol Version Detection Synopsis: This plugin reports the protocol version negotiated with the remote SNMP agent. Description: By sending an SNMP 'get-next-request', it is possible to determine the protocol version of the remote SNMP agent. Risk factor: None See also: http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol Solution: Disable the SNMP service on the remote host if you do not use it, or filter incoming UDP packets going to this port. Plugin output: Nessus has negotiated SNMP communications at SNMPv2c. Plugin ID: 35296 SNMP Query Routing Information Disclosure Synopsis: The list of IP routes on the remote host can be obtained via SNMP. Description: It is possible to obtain the routing information on the remote host by sending SNMP requests with the OID 1.3.6.1.2.1.4.21 An attacker may use this information to gain more knowledge about the network topology. Risk factor: None Solution: Disable the SNMP service on the remote host if you do not use it, or filter incoming UDP packets going to this port. Plugin output: 69.86.246.247/255.255.255.255 127.0.0.1/255.255.255.255 128.59.28.164/255.255.255.255 128.59.29.8/255.255.255.255 137.187.22.50/255.255.255.255 137.187.22.51/255.255.255.255 156.111.0.0/255.255.255.255 156.111.5.0/255.255.255.0 156.111.5.1/255.255.255.255 156.111.5.28/255.255.255.255 156.111.5.54/255.255.255.255 156.111.5.89/255.255.255.255 156.111.5.207/255.255.255.255 156.111.5.255/255.255.255.255 156.111.60.83/255.255.255.255 156.111.60.150/255.255.255.255 156.111.70.150/255.255.255.255 156.111.204.50/255.255.255.255 156.111.255.255/255.255.255.255 156.145.103.24/255.255.255.255 156.145.104.15/255.255.255.255 156.145.104.38/255.255.255.255 156.145.104.42/255.255.255.255 156.145.104.54/255.255.255.255 156.145.104.60/255.255.255.255 156.145.104.67/255.255.255.255 156.145.104.70/255.255.255.255 156.145.104.91/255.255.255.255 156.145.104.95/255.255.255.255 156.145.104.103/255.255.255.255 156.145.104.132/255.255.255.255 156.145.104.136/255.255.255.255 156.145.104.149/255.255.255.255 156.145.104.177/255.255.255.255 156.145.104.229/255.255.255.255 156.145.105.181/255.255.255.255 156.145.109.22/255.255.255.255 156.145.113.37/255.255.255.255 160.39.40.212/255.255.255.255 207.46.12.213/255.255.255.255 224.0.0.0/240.0.0.0 255.255.255.255/255.255.255.255 Plugin ID: 34022 SNMP Query System Information Disclosure Synopsis: The System Information of the remote host can be obtained via SNMP. Description: It is possible to obtain the system information about the remote host by sending SNMP requests with the OID 1.3.6.1.2.1.1.1. An attacker may use this information to gain more knowledge about the target host. Risk factor: None Solution: Disable the SNMP service on the remote host if you do not use it, or filter incoming UDP packets going to this port. Plugin output: System information : sysDescr : SunOS ctsa 5.10 Generic_141414-02 sun4u sysObjectID : 1.3.6.1.4.1.8072.3.2.3 sysUptime : 2d 22h 18m 16s sysContact : "System administrator" sysName : ctsa sysLocation : "System administrators office" sysServices : 72 Plugin ID: 10800 Nessus SNMP Scanner Synopsis: SNMP information is enumerated to learn about other open ports. Description: This plugin runs an SNMP scan against the remote machine to find open ports. See the section 'plugins options' to configure it Risk factor: None Solution: n/a Plugin output: Nessus snmp scanner was able to retrieve the open port list with the community name: public It found 38 open TCP ports and 17 open UDP ports Plugin ID: 14274 Port unknown (16935/tcp) [-/+] Port xdmcp? (177/udp) [-/+] Port rpc-nfs (2049/tcp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on UDP port 2049 : - program: 100003 (nfs), version: 2 - program: 100003 (nfs), version: 3 - program: 100227 (nfs_acl), version: 2 - program: 100227 (nfs_acl), version: 3 Plugin ID: 11111 RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on TCP port 2049 : - program: 100003 (nfs), version: 2 - program: 100003 (nfs), version: 3 - program: 100003 (nfs), version: 4 - program: 100227 (nfs_acl), version: 2 program: 100227 (nfs_acl), version: 3 Plugin ID: 11111 Port ftp (21/tcp) [-/+] Solaris FTP Daemon Long Command Cross-Site Request Forgery Synopsis: The remote FTP server has a cross-site request forgery vulnerability. Description: The version of FTP running on the remote host has a cross-site request forgery vulnerability. Long file names are not processed properly, resulting in the execution of arbitrary commands. If a user is logged into the FTP server via web browser, a remote attacker could exploit this by tricking them into requesting a maliciously crafted web page, resulting in the execution of arbitrary FTP commands. Risk factor: Medium CVSS Base Score:4.3 CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N See also: http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0283.html See also: http://securityreason.com/achievement_securityalert/84 Solution: There is no known solution at this time. Plugin ID: 47040 BID: 40320 Other references: OSVDB:64869, Secunia:39856 Anonymous FTP Enabled Synopsis: Anonymous logins are allowed on the remote FTP server. Description: This FTP service allows anonymous logins. Any remote user may connect and authenticate without providing a password or unique credentials. This allows a user to access any files made available on the FTP server. Risk factor: Medium CVSS Base Score:5.0 CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N Solution: Disable anonymous FTP if it is not required. Routinely check the FTP server to ensure sensitive content is not available. Plugin output: The contents of the remote FTP root are : total 80 lrwxrwxrwx 1 0 1 7 Dec 31 2009 bin -> usr/bin drwxr-xr-x 2 0 1 512 Jul 13 2004 dev drwxrxr-x 2 0 1 512 Jul 13 2004 etc dr-xr-xr-x 21 anonymou 1 512 Jul 12 2004 pub drwxr-xr-x 5 0 1 512 Jul 12 2004 usr Plugin ID: 10079 CVE: CVE-1999-0497 Other references: OSVDB:69 Service Detection An FTP server is running on this port. Plugin ID: 22964 FTP Supports Clear Text Authentication Synopsis: Authentication credentials might be intercepted. Description: The remote FTP server allows the user's name and password to be transmitted in clear text, which may be intercepted by a network sniffer, or a man-in-the-middle attack. Risk factor: Low CVSS Base Score:2.6 CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N Solution: Switch to SFTP (part of the SSH suite) or FTPS (FTP over SSL/TLS). In the latter case, configure the server such that control connections are encrypted. Plugin output: This FTP server does not support 'AUTH TLS'. Plugin ID: 34324 Other references: CWE:522, CWE:523 FTP Server Detection Synopsis: An FTP server is listening on this port. Description: It is possible to obtain the banner of the remote FTP server by connecting to the remote port. Risk factor: None Solution: N/A Plugin output: The remote FTP banner is : 220 ctsa FTP server ready. Plugin ID: 10092 Port ssh (22/tcp) [-/+] SSH Server Type and Version Information Synopsis: An SSH server is listening on this port. Description: It is possible to obtain information about the remote SSH server by sending an empty authentication request. Risk factor: None Solution: n/a Plugin output: SSH version : SSH-2.0-Sun_SSH_1.1.1 SSH supported authentication : gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive Plugin ID: 10267 Service Detection An SSH server is running on this port. Plugin ID: 22964 Port telnet (23/tcp) Telnet Server Detection [-/+] Synopsis: A Telnet server is listening on the remote port. Description: The remote host is running a Telnet server, a remote terminal server. Risk factor: None Solution: Disable this service if you do not use it. Plugin output: Here is the banner from the remote Telnet server : ----------------------------- snip ------------------------------ login: ------------------------------ snip ----------------------------Plugin ID: 10281 Service Detection A telnet server is running on this port. Plugin ID: 22964 Unencrypted Telnet Server Synopsis: The remote Telnet server transmits traffic in cleartext. Description: The remote host is running a Telnet server over an unencrypted channel. Using Telnet over an unencrypted channel is not recommended as logins, passwords and commands are transferred in cleartext. An attacker may eavesdrop on a Telnet session and obtain credentials or other sensitive information. Use of SSH is prefered nowadays as it protects credentials from eavesdropping and can tunnel additional data streams such as the X11 session. Risk factor: Low CVSS Base Score:2.6 CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N Solution: Disable this service and use SSH instead. Plugin ID: 42263 Port smtp (25/tcp) [-/+] SMTP Server Detection Synopsis: An SMTP server is listening on the remote port. Description: The remote host is running a mail (SMTP) server on this port. Since SMTP servers are the targets of spammers, it is recommended you disable it if you do not use it. Risk factor: None Solution: Disable this service if you do not use it, or filter incoming traffic to this port. Plugin output: Remote SMTP server banner : 220 ctsa.cpmc.columbia.edu ESMTP Sendmail 8.13.8+Sun/8.13.8; Wed, 6 Oct 2010 21:50:20 -0400 (EDT) 500 5.5.1 Command unrecognized: "GET / HTTP/1.0" 500 5.5.1 Command unrecognized: "" Plugin ID: 10263 Service Detection An SMTP server is running on this port. Plugin ID: 22964 Port remoteware-cl? (3000/tcp) [-/+] Port unknown (30000/tcp) [-/+] Port telnet (3100/tcp) [-/+] Telnet Server Detection Synopsis: A Telnet server is listening on the remote port. Description: The remote host is running a Telnet server, a remote terminal server. Risk factor: None Solution: Disable this service if you do not use it. Plugin output: Here is the banner from the remote Telnet server : ----------------------------- snip ------------------------------ Username: -----------------------------snip -----------------------------Plugin ID: 10281 Unencrypted Telnet Server Synopsis: The remote Telnet server transmits traffic in cleartext. Description: The remote host is running a Telnet server over an unencrypted channel. Using Telnet over an unencrypted channel is not recommended as logins, passwords and commands are transferred in cleartext. An attacker may eavesdrop on a Telnet session and obtain credentials or other sensitive information. Use of SSH is prefered nowadays as it protects credentials from eavesdropping and can tunnel additional data streams such as the X11 session. Risk factor: Low CVSS Base Score:2.6 CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N Solution: Disable this service and use SSH instead. Plugin ID: 42263 Service Detection A telnet server is running on this port. Plugin ID: 22964 Port rpc-fmproduct (32771/tcp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on TCP port 32771 : - program: 1073741824 (fmproduct), version: 1 Plugin ID: 11111 Port rpc-status (32772/tcp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on TCP port 32772 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1 Plugin ID: 11111 Port rpc-rusersd (32773/tcp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on TCP port 32773 : - program: 100002 (rusersd), version: 2 - program: 100002 (rusersd), version: 3 Plugin ID: 11111 Port rpc-status (32774/udp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on UDP port 32774 : - program: 100024 (status), version: 1 - program: 100133 (nsm_addrand), version: 1 Plugin ID: 11111 Port rpc-sgi_fam (32776/tcp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on TCP port 32776 : - program: 391002 (sgi_fam), version: 1 - program: 391002 (sgi_fam), version: 2 Plugin ID: 11111 Port rpc-ttdbserverd (32777/tcp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on TCP port 32777 : - program: 100083 (ttdbserverd), version: 1 Plugin ID: 11111 Port rpc-mountd (32778/tcp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on TCP port 32778 : - program: 100005 (mountd), version: 1 - program: 100005 (mountd), version: 2 program: 100005 (mountd), version: 3 Plugin ID: 11111 Port rpc-rstatd (32779/udp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on UDP port 32779 : - program: 100001 (rstatd), version: 2 - program: 100001 (rstatd), version: 3 program: 100001 (rstatd), version: 4 Plugin ID: 11111 Port rpc-rusersd (32780/udp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on UDP port 32780 : - program: 100002 (rusersd), version: 2 - program: 100002 (rusersd), version: 3 Plugin ID: 11111 Port rpc-rquotad (32782/udp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on UDP port 32782 : - program: 100011 (rquotad), version: 1 Plugin ID: 11111 Port rpc-cmsd (32786/udp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on UDP port 32786 : - program: 100068 (cmsd), version: 2 - program: 100068 (cmsd), version: 3 program: 100068 (cmsd), version: 4 - program: 100068 (cmsd), version: 5 Plugin ID: 11111 Port rpc-mountd (32787/udp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on UDP port 32787 : - program: 100005 (mountd), version: 1 - program: 100005 (mountd), version: 2 program: 100005 (mountd), version: 3 Plugin ID: 11111 Port unknown (32789/tcp) [-/+] Port unknown (32791/tcp) [-/+] Port unknown (32856/udp) [-/+] Port rpc-nlockmgr (4045/tcp) [-/+] RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on UDP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4 Plugin ID: 11111 RPC Services Enumeration Synopsis: An ONC RPC service is running on the remote host. Description: By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. Risk factor: None Solution: n/a Plugin output: The following RPC services are available on TCP port 4045 : - program: 100021 (nlockmgr), version: 1 - program: 100021 (nlockmgr), version: 2 - program: 100021 (nlockmgr), version: 3 - program: 100021 (nlockmgr), version: 4 Plugin ID: 11111 Port cifs (445/tcp) Samba Server Detection [-/+] Synopsis: An SMB server is running on the remote host. Description: The remote host is running Samba, a CIFS/SMB server for Unix. Risk factor: None See also: http://www.samba.org/ Solution: n/a Plugin ID: 25240 Port commplex-link? (5001/tcp) [-/+] Port rlogin (513/tcp) [-/+] rlogin Service Detection Synopsis: The rlogin service is listening on the remote port. Description: The remote host is running the 'rlogin' service. This service is dangerous in the sense that it is not ciphered - that is, everyone can sniff the data that passes between the rlogin client and the rloginserver. This includes logins and passwords. Also, it may allow poorly authenticated logins without passwords. If the host is vulnerable to TCP sequence number guessing (from any network) or IP spoofing (including ARP hijacking on a local network) then it may be possible to bypass authentication. Finally, rlogin is an easy way to turn file-write access into full logins through the .rhosts or rhosts.equiv files. You should disable this service and use ssh instead. Risk factor: Medium CVSS Base Score:5.0 CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N Solution: Comment out the 'login' line in /etc/inetd.conf Plugin ID: 10205 CVE: CVE-1999-0651 Other references: OSVDB:193 Port shell? (514/tcp) [-/+] Port unknown (52412/udp) [-/+] Port smtp (587/tcp) [-/+] SMTP Server Detection Synopsis: An SMTP server is listening on the remote port. Description: The remote host is running a mail (SMTP) server on this port. Since SMTP servers are the targets of spammers, it is recommended you disable it if you do not use it. Risk factor: None Solution: Disable this service if you do not use it, or filter incoming traffic to this port. Plugin output: Remote SMTP server banner : 220 ctsa.cpmc.columbia.edu ESMTP Sendmail 8.13.8+Sun/8.13.8; Wed, 6 Oct 2010 21:50:11 -0400 (EDT) 500 5.5.1 Command unrecognized: "GET / HTTP/1.0" 500 5.5.1 Command unrecognized: "" Plugin ID: 10263 Service Detection An SMTP server is running on this port. Plugin ID: 22964 Port unknown (60405/tcp) [-/+] Port xfs (7100/tcp) [-/+] X Font Service Detection Synopsis: An X font service is listening on the remote host. Description: The remote service is an X Window Font Service (xfs) daemon, which serves font files to clients. Risk factor: None See also: http://www.x.org/docs/FSProtocol/fsproto.pdf See also: http://en.wikipedia.org/wiki/X_Font_Server Solution: Limit incoming traffic to this port if desired or disable the service as the use of server-supplied fonts is currently deprecated. Plugin output: Nessus was able to gather the following information from the remote X Font Server : - Protocol : 2.0 - Alternate servers : none - Max request size : 65536 bytes - Vendor release : 6000 - Vendor string : X Consortium - Available fonts (up to 15) : --courier-bold-o-normal--0-0-00-m-0-iso8859-1 --courier-bold-r-normal--0-0-0-0-m-0-iso8859-1 -courier-medium-o-normal--0-0-0-0-m-0-iso8859-1 --courier-medium-rnormal--0-0-0-0-m-0-iso8859-1 --symbol-medium-r-normal--0-0-0-0-p-0-symbol --symbol-medium-r-normal--0-0-0-0-p-0-sun-fontspecific -itccourier-bold-o-normal--0-0-0-0-m-0-iso8859-1 -itc-courier-bold-r-normal-0-0-0-0-m-0-iso8859-1 -itc-courier-medium-o-normal--0-0-0-0-m-0iso8859-1 -itc-courier-medium-r-normal--0-0-0-0-m-0-iso8859-1 linotype-helvetica-bold-o-normal--0-0-0-0-p-0-iso8859-1 -linotypehelvetica-bold-o-normal-sans-0-0-0-0-p-0-iso8859-1 -linotype-helveticabold-r-normal--0-0-0-0-p-0-iso8859-1 -linotype-helvetica-bold-r-normalsans-0-0-0-0-p-0-iso8859-1 -linotype-helvetica-medium-o-normal--0-0-00-p-0-iso8859-1 Plugin ID: 26971 Port finger (79/tcp) [-/+] Finger Recursive Request Arbitrary Site Redirection Synopsis: It is possible to use the remote host to perform third-party host scans. Description: The remote finger service accepts redirect requests. That is, users can perform requests like : finger user@host@victim This allows an attacker to use this computer as a relay to gather information on a third-party network. In addition, this type of syntax can be used to create a denial of service condition on the remote host. Risk factor: Medium CVSS Base Score:5.0 CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N Solution: Disable the remote finger daemon (comment out the 'finger' line in /etc/inetd.conf and restart the inetd process) or upgrade it to a more secure one. Plugin ID: 10073 CVE: CVE-1999-0105, CVE-1999-0106 Other references: OSVDB:64, OSVDB:5769 Finger Service Remote Information Disclosure Synopsis: It is possible to obtain information about the remote host. Description: The remote host is running the 'finger' service. The purpose of this service is to show who is currently logged into the remote system, and to give information about the users of the remote system. It provides useful information to attackers, since it allows them to gain usernames, determine how used a machine is, and see when each user logged in for the last time. Risk factor: Medium CVSS Base Score:5.0 CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N Solution: Comment out the 'finger' line in /etc/inetd.conf and restart the inetd process Plugin output: Here is the output we obtained for 'root' : Login Name TTY Idle When Where root Super-User pts/1 <Oct 6 14:21> Plugin ID: 10068 CVE: CVE-1999-0612 Other references: OSVDB:11451 Service Detection A finger daemon is running on this port. Plugin ID: 22964 Port www (80/tcp) [-/+] Multiple Web Server printenv CGI Information Disclosure Synopsis: The remote web server contains a CGI script that discloses information. Description: The remote web server contains the 'test-cgi' test script, which is included by default with some web servers. The printenv CGI returns its environment variables. This gives an attacker information like the installation directory, the server IP address (which is interesting if NAT is implemented), the server administrator's e-mail address, the server and modules versions, the shell environment variables... Risk factor: Medium CVSS Base Score:5.0 CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N Solution: Remove printenv from /cgi-bin. Plugin output: The CGI was found under : http://ctsa.cpmc.columbia.edu/cgibin/printenv Plugin ID: 10188 Other references: OSVDB:11666 Service Detection A web server is running on this port. Plugin ID: 22964 Port ajp13 (8009/tcp) AJP Connector Detection Synopsis: There is an AJP connector listening on the remote host. [-/+] Description: The remote host is running an AJP (Apache JServ Protocol) connector, a service by which a standalone web server such as Apache communicates over TCP with a Java servlet container such as Tomcat. Risk factor: None See also: http://tomcat.apache.org/connectors-doc/ See also: http://tomcat.apache.org/connectors-doc/ajp/ajpv13a.html Solution: n/a Plugin output: The connector listing on this port supports the ajp13 protocol. Plugin ID: 21186 Port www (8080/tcp) [-/+] Service Detection A web server is running on this port. Plugin ID: 22964 Port www (901/tcp) [-/+] Samba Web Administration Tool (SWAT) Detection Synopsis: The remote host is running a web server for Samba administration. Description: The remote host is running SWAT, the Samba Web Administration Tool. SWAT is a web-based configuration tool for Samba administration that also allows for network-wide MS Windows network password management. Risk factor: None See also: http://www.samba.org/samba/docs/man/Samba-HOWTOCollection/SWAT.html Solution: Either disable SWAT or limit access to authorized users and ensure that it is set up with stunnel to encrypt network traffic. Plugin ID: 10273 Service Detection A SWAT server is running on this port. Plugin ID: 22964 Service Detection A web server is running on this port. Plugin ID: 22964 Port imap (993/tcp) [-/+] IMAP Service Banner Retrieval Synopsis: An IMAP server is running on the remote host. Description: An IMAP (Internet Message Access Protocol) server is installed and running on the remote host. Risk factor: None Solution: n/a Plugin output: The remote imap server banner is : * OK [CAPABILITY IMAP4REV1 LITERAL+ SASL-IR LOGIN-REFERRALS AUTH=PLAIN AUTH=LOGIN] ctsa IMAP4rev1 2006e.378 at Wed, 6 Oct 2010 21:50:09 -0400 (EDT) Plugin ID: 11414 Service Detection A TLSv1 server answered on this port. Plugin ID: 22964 Service Detection An IMAP server is running on this port through TLSv1. Plugin ID: 22964 [^] Back to 156.111.5.207
