Network Vulnerability Assessment Report
13.10.2005
Sorted by host names

Session name: Compex WPE54GStart Time:13.10.2005 16:05:01
Finish Time:13.10.2005 16:09:32
Elapsed:0 day(s) 00:04:31
Total records generated:9
high severity:0
Medium severity:2
informational:7


Summary of scanned hosts

HostHolesWarningsOpen portsState
10.0.0.48022Finished


10.0.0.48

ServiceSeverityDescription
www (80/tcp)
Info
Port is open
telnet (23/tcp)
Info
Port is open
general/tcp
Medium

The remote host does not discard TCP SYN packets which
have the FIN flag set.

Depending on the kind of firewall you are using, an
attacker may use this flaw to bypass its rules.

See also : http://archives.neohapsis.com/archives/bugtraq/2002-10/0266.html
http://www.kb.cert.org/vuls/id/464113

Solution : Contact your vendor for a patch
Risk factor : Medium
BID : 7487
general/icmp
Medium

The remote host answers to an ICMP timestamp request. This allows an attacker
to know the date which is set on your machine.

This may help him to defeat all your time based authentication protocols.

Solution : filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).

Risk factor : Low
CVE : CAN-1999-0524
www (80/tcp)
Info
A web server is running on this port
general/udp
Info
For your information, here is the traceroute to 10.0.0.48 :
10.0.0.59
10.0.0.48

telnet (23/tcp)
Info
A telnet server seems to be running on this port
telnet (23/tcp)
Info
Remote telnet banner :


Router Manager Console Version: 1.17 Build 0429 Apr 29 2005, 18:02:35

Please enter your password:*
general/tcp
Info

** All ports were skipped by this check because some
** scripts could not connect to them before the defined timeout

This might be an availability problem related which might be
due to the following reasons :

- The remote host is now down, either because a user turned it
off during the scan

- A network outage has been experienced during the scan, and the remote
network cannot be reached from the Nessus server any more

- This Nessus server has been blacklisted by the system administrator
or by automatic intrusion detection/prevention systems which have detected the
vulnerability assessment.


In any case, the audit of the remote host might be incomplete and may need to
be done again