Network Vulnerability Assessment Report
21.11.2006
Sorted by host names

Session name: ZyXEL ZyWALL P1Start Time:21.11.2006 00:11:18
Finish Time:21.11.2006 00:12:54
Elapsed:0 day(s) 00:01:35
Total records generated:10
high severity:1
Medium severity:1
informational:8


Summary of scanned hosts

HostHolesWarningsOpen portsState
192.168.0.100116Finished


192.168.0.100

ServiceSeverityDescription
ftp (21/tcp)
Info
Port is open
ssh (22/tcp)
Info
Port is open
telnet (23/tcp)
Info
Port is open
http (80/tcp)
Info
Port is open
https (443/tcp)
Info
Port is open
snmp (161/udp)
Info
Port is open
snmp (161/udp)
High

Synopsis :

The community name of the remote SNMP server can be guessed.

Description :

It is possible to obtain the default community names of the remote
SNMP server.

An attacker may use this information to gain more knowledge about
the remote host, or to change the configuration of the remote
system (if the default community allow such modifications).

Solution :

Disable the SNMP service on the remote host if you do not use it,
filter incoming UDP packets going to this port, or change the
default community string.

Risk factor :

High

Plugin output :

The remote SNMP server replies to the following default community
strings :

public

CVE : CVE-1999-0517, CVE-1999-0186, CVE-1999-0254, CVE-1999-0516
BID : 11237, 10576, 177, 2112, 6825, 7081, 7212, 7317, 9681, 986
Other references : IAVA:2001-B-0001
telnet (23/tcp)
Medium

Synopsis :

A telnet server is listening on the remote port

Description :

The remote host is running a telnet server.
Using telnet is not recommended as logins, passwords and commands
are transferred in clear text.

An attacker may eavesdrop on a telnet session and obtain the
credentials of other users.

Solution :

Disable this service and use SSH instead

Risk factor :

Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)

Plugin output:

Remote telnet banner:


Password:
ftp (21/tcp)
Info

Synopsis :

An FTP server is listening on this port

Description :

It is possible to obtain the banner of the remote FTP server
by connecting to the remote port.

Risk factor :

None

Plugin output :

The remote FTP banner is :
220 FTP version 1.0 ready at Mon Nov 20 21:09:44 2006


general/udp
Info
For your information, here is the traceroute from 192.168.0.1 to 192.168.0.100 :
192.168.0.1
?
192.168.0.100