Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- LOW:
- X Server Detection
- The remote host is running an X11 server. X11 is a client-server protocol that can be used to display graphical applications running on a given host on a remote client. Since the X11 traffic is not encrypted, it is possible for an attacker to eavesdrop on the connection.
- The port that X Server uses is: 6000 / tcp / x11 and the solution to this problem is by restricting access to this port. If the X11 client/server facility is not used, disable TCP support in X11 entirely (-nolisten tcp).
- MEDIUM:
- Unencrypted Telnet Server
- The remote host is running a Telnet server over an unencrypted channel. Using Telnet over an unencrypted channel is not recommended as logins, passwords, and commands are transferred in cleartext. This allows a remote, man-in-the-middle attacker to eavesdrop on a Telnet session to obtain credentials or other sensitive information and to modify traffic exchanged between a client and server.
- SSH is preferred over Telnet since it protects credentials from eavesdropping and can tunnel additional data streams. By using SSH over Telnet will bring the solution to this vulnerability
- SSL Self-Signed Certificate
- If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.
- The solution to this problem can be done by purchasing or generating a proper certificate for this service.
- HIGH:
- Unsupported Web Server Detection
- According to its version, the remote web server is obsolete and no longer maintained by its vendor or provider.
- Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
- Solution to the problem can be done by removing the service if it is no longer needed. Otherwise, upgrade to a newer version if possible or switch to another server.
- CRITICAL:
- VNC Server 'password' Password
- The VNC server running on the remote host is secured with a weak password. We were able to login using VNC authentication and a password of 'password'. A remote, unauthenticated attacker could exploit this to take control of the system.
- Solution: Secure the VNC service with a strong password.
- Rogue Shell Backdoor Detection
- A shell is listening on the remote port, without any authentication. An attacker may use it by connecting to the remote port and sending commands directly.
- Solution: Verify if the remote host has been compromised, and reinstall the system if necessary.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement