Network Vulnerability Assessment Report |
| |
Sorted by host names |
| |||||||||
|
Host | Holes | Warnings | Open ports | State |
10.0.0.34 | 0 | 0 | 3 | Finished |
Service | Severity | Description |
microsoft-ds (445/tcp) | Port is open | |
netbios-ns (137/tcp) | Port is open | |
www (80/tcp) | Port is open | |
microsoft-ds (445/tcp) | A CIFS server is running on this port | |
netbios-ns (137/tcp) | Synopsis : It is possible to obtain the network name of the remote host. Description : The remote host listens on udp port 137 and replies to NetBIOS nbtscan requests. By sending a wildcard request it is possible to obtain the name of the remote system and the name of its domain. Risk factor : None Plugin output : The following 7 NetBIOS names have been gathered : STORAGE = Computer name STORAGE = Messenger Service STORAGE = File Server Service __MSBROWSE__ = Master Browser WORKGROUP = Master Browser WORKGROUP = Browser Service Elections WORKGROUP = Workgroup / Domain name This SMB server seems to be a SAMBA server (MAC address is NULL). CVE : CVE-1999-0621 Other references : OSVDB:13577 | |
general/icmp | Synopsis : It is possible to determine the exact time set on the remote host. Description : The remote host answers to an ICMP timestamp request. This allows an attacker to know the date which is set on your machine. This may help him to defeat all your time based authentication protocols. Solution : filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14). Risk factor : None / CVSS Base Score : 0 (AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N) Plugin output : The ICMP timestamps seem to be in little endian format (not in network format) The difference between the local and remote clocks is 31026 seconds CVE : CVE-1999-0524 | |
general/tcp | The following ports were open at the beginning of the scan but are now closed: Port 80 was detected as being open but is now closed. This might be an availability problem related which might be due to the following reasons : - The remote host is now down, either because a user turned it off during the scan - A network outage has been experienced during the scan, and the remote network cannot be reached from the Vulnerability Scanner any more - This Vulnerability Scanner has been blacklisted by the system administrator or by automatic intrusion detection/prevention systems which have detected the vulnerability assessment. In any case, the audit of the remote host might be incomplete and may need to be done again | |
www (80/tcp) | A web server is running on this port |