May 30th, 2016
LOW:

X Server Detection

The remote host is running an X11 server. X11 is a client-server protocol that can be used to display graphical applications running on a given host on a remote client. Since the X11 traffic is not encrypted, it is possible for an attacker to eavesdrop on the connection.
The X server listens on port 6000/tcp (x11). The solution is to restrict access to this port. If the X11 client/server facility is not used, disable TCP support in X11 entirely (-nolisten tcp).
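
One way to confirm the X11 fix took effect is to look for a TCP 6000 listener bound to a non-loopback address. This is an added example, not part of the original paste; the function names and both sample listings are constructed for illustration and assume input in `ss -tlnH` format.

```shell
#!/bin/sh
# Added example: flag X11 TCP listeners that are reachable from the network.
# Input format assumed: `ss -tlnH` (State Recv-Q Send-Q Local:Port Peer:Port).

# x11_exposed: reads ss-style lines on stdin and prints every local address
# listening on TCP 6000 that is not bound to loopback only.
x11_exposed() {
    awk '
        $1 == "LISTEN" {
            addr = $4
            # Split at the last colon so IPv6 forms such as [::]:6000 work.
            n = match(addr, /:[0-9]+$/)
            if (n == 0) next
            host = substr(addr, 1, n - 1)
            port = substr(addr, n + 1) + 0
            if (port != 6000) next
            if (host ~ /^127\./ || host == "[::1]") next
            print addr
        }'
}

# Constructed sample: X server started with TCP support enabled.
SAMPLE_BEFORE='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:6000 0.0.0.0:*
LISTEN 0 128 [::]:6000 [::]:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*'

# Constructed sample: same host after restarting X with -nolisten tcp.
SAMPLE_AFTER='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*'

# check: report pass/fail for one listing; returns non-zero when exposed.
check() {
    found=$(printf '%s\n' "$1" | x11_exposed)
    if [ -n "$found" ]; then
        printf 'FAIL: X11 reachable over TCP on:\n%s\n' "$found"
        return 1
    fi
    echo 'OK: no network-facing X11 listener'
}

check "$SAMPLE_BEFORE" || true
check "$SAMPLE_AFTER"
```

On a host you administer, feed it live data with `ss -tlnH | x11_exposed`; empty output means no network-facing listener on 6000/tcp.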

MEDIUM:

Unencrypted Telnet Server

The remote host is running a Telnet server over an unencrypted channel. Using Telnet over an unencrypted channel is not recommended as logins, passwords, and commands are transferred in cleartext. This allows a remote, man-in-the-middle attacker to eavesdrop on a Telnet session to obtain credentials or other sensitive information and to modify traffic exchanged between a client and server.

SSH is preferred over Telnet since it protects credentials from eavesdropping and can tunnel additional data streams. Using SSH instead of Telnet resolves this vulnerability.

SSL Self-Signed Certificate

If the remote host is a public host in production, a self-signed certificate nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.
The solution is to purchase or generate a proper certificate for this service.

HIGH:

Unsupported Web Server Detection

According to its version, the remote web server is obsolete and no longer maintained by its vendor or provider.
Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
The solution is to remove the service if it is no longer needed. Otherwise, upgrade to a newer version if possible or switch to another server.

CRITICAL:

VNC Server 'password' Password

The VNC server running on the remote host is secured with a weak password. We were able to log in using VNC authentication and a password of 'password'. A remote, unauthenticated attacker could exploit this to take control of the system.

Solution: Secure the VNC service with a strong password.

Rogue Shell Backdoor Detection

A shell is listening on the remote port, without any authentication. An attacker may use it by connecting to the remote port and sending commands directly.
Solution: Verify if the remote host has been compromised, and reinstall the system if necessary.