Network Vulnerability Assessment Report
17.05.2007
Sorted by host names

Session name: TP-Link TL-WR542GStart Time:17.05.2007 18:48:50
Finish Time:17.05.2007 19:03:37
Elapsed:0 day(s) 00:14:47
Total records generated:6
high severity:0
Medium severity:0
informational:6


Summary of scanned hosts

HostHolesWarningsOpen portsState
10.0.0.99001Finished


10.0.0.99

ServiceSeverityDescription
www (80/tcp)
Info
Port is open
general/tcp
Info
10.0.0.99 resolves as NatRouter.ixbt.lab.
general/icmp
Info

Synopsis :

The remote host leaks memory in network packets.

Description :

The remote host is vulnerable to an 'Etherleak' - the remote
ethernet driver seems to leak bits of the content of the memory
of the remote operating system.

Note that an attacker may take advantage of this flaw only when
its target is on the same physical subnet.

See also :

http://www.atstake.com/research/advisories/2003/a010603-1.txt

Solution :

Contact your vendor for a fix

Risk factor :

Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
CVE : CVE-2003-0001
BID : 6535
general/icmp
Info

Synopsis :

It is possible to determine the exact time set on the remote host.

Description :

The remote host answers to an ICMP timestamp request. This allows an attacker
to know the date which is set on your machine.

This may help him to defeat all your time based authentication protocols.

Solution : filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).

Risk factor :

None / CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)

Plugin output :

The difference between the local and remote clocks is 50566 seconds

CVE : CVE-1999-0524
general/tcp
Info
The following ports were open at the beginning of the scan but are now closed:

Port 80 was detected as being open but is now closed.

This might be an availability problem related which might be due to the following reasons :

- The remote host is now down, either because a user turned it off during the scan
- A network outage has been experienced during the scan, and the remote
network cannot be reached from the Vulnerability Scanner any more
- This Vulnerability Scanner has been blacklisted by the system administrator
or by automatic intrusion detection/prevention systems which have detected the
vulnerability assessment.

In any case, the audit of the remote host might be incomplete and may need to
be done again

www (80/tcp)
Info
A web server is running on this port