Network Vulnerability Assessment Report

Sorted by host names

Host | Holes | Warnings | Open ports | State |
10.0.0.220 | 0 | 4 | 2 | Finished |
Service | Severity | Description |
netbios-ns (137/tcp) | Port is open | |
www (80/tcp) | Port is open | |
www (80/tcp) | The remote host is hosting the Pod.Board CGI suite, a set of PHP scripts designed to manage online forums. There is a cross site scripting issue in this suite which may allow an attacker to steal the cookies of your legitimate users, by luring them into clicking on a rogue URL. Solution : None at this time Risk factor : Low / Medium BID : 7933 | |
www (80/tcp) | The remote host is using 12Planet Chat Server. There is a bug in this software which makes it vulnerable to cross site scripting attacks. An attacker may use this bug to steal the credentials of the legitimate users of this site. Risk factor: Medium CVE : CAN-2004-0678 BID : 10659 | |
www (80/tcp) | The remote host is using InMail/InShop, a web application written in Perl. An implementation error in the validation of the user input, specifically in the script 'inmail.pl' in its 'acao' uri-argument and 'inshop.pl' in its 'screen' uri argument, leads to an XSS vulnerability allowing a user to create cross site attacks, also allowing theft of cookie-based authentication credentials. Solution : None at this time Risk factor : Medium CVE : CVE-2004-1196, CVE-2004-1197 BID : 11758 Other references : OSVDB:11704 | |
www (80/tcp) | The remote host is running 'My Little Forum', a free CGI suite to manage discussion forums. This PHP/MySQL based forum suffers from a Cross Site Scripting vulnerability. This can be exploited by including arbitrary HTML or even JavaScript code in the parameters (forum_contact, category and page), which will be executed in the user's browser session when viewed. Risk factor : Medium | |
www (80/tcp) | The following CGI have been discovered : Syntax : cginame (arguments [default value]) /goform/formLogin (f_LOGIN_NAME [] f_LOGIN_PASSWD [] B5 [Apply] B2 [Cancel] ) | |
netbios-ns (137/tcp) | Synopsis : It is possible to obtain the network name of the remote host. Description : The remote host listens on udp port 137 and replies to NetBIOS nbtscan requests. By sending a wildcard request it is possible to obtain the name of the remote system and the name of its domain. Risk factor : None Plugin output : The following 7 NetBIOS names have been gathered : WL-5460CAM = Computer name WL-5460CAM = Messenger Service WL-5460CAM = File Server Service __MSBROWSE__ = Master Browser WORKGROUP = Workgroup / Domain name WORKGROUP = Master Browser WORKGROUP = Browser Service Elections This SMB server seems to be a SAMBA server (MAC address is NULL). CVE : CVE-1999-0621 Other references : OSVDB:13577 | |
www (80/tcp) | A web server is running on this port | |
general/tcp | The following ports were open at the beginning of the scan but are now closed: Port 80 was detected as being open but is now closed. This might be an availability problem, which might be due to the following reasons : - The remote host is now down, because a user turned it off during the scan - A network outage has been experienced during the scan, and the remote network cannot be reached from the Vulnerability Scanner any more - This Vulnerability Scanner has been blacklisted by the system administrator or by automatic intrusion detection/prevention systems which have detected the vulnerability assessment. In any case, the audit of the remote host might be incomplete and may need to be done again | |
general/icmp | Synopsis : It is possible to determine the exact time set on the remote host. Description : The remote host answers to an ICMP timestamp request. This allows an attacker to know the date which is set on your machine. This may help him to defeat all your time based authentication protocols. Solution : filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14). Risk factor : None / CVSS Base Score : 0 (AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N) Plugin output : The difference between the local and remote clocks is -87 seconds CVE : CVE-1999-0524 |