
Untitled

a guest
May 20th, 2019
  1. I Summary
  2. =========
  3.  
  4. This document reports on the results of an automatic security scan.
  5. The report first summarises the results found.
  6. Then, for each host, the report describes every issue found.
  7. Please consider the advice given in each description, in order to rectify
  8. the issue.
  9.  
  10. All dates are displayed using the timezone "Coordinated Universal Time",
  11. which is abbreviated "UTC".
  12.  
  13. Vendor security updates are not trusted.
  14.  
  15. Overrides are on. When a result has an override, this report uses the
  16. threat of the override.
  17.  
  18. Notes are included in the report. Information on overrides is included in the report.
  19.  
  20. This report might not show details of all issues that were found.
  21.  
  22. This report contains all 29 results selected by the
  23. filtering described above. Before filtering there were 29 results.
  24.  
  25. Scan started: Tue May 21 02:50:15 2019 UTC
  26. Scan ended: Tue May 21 03:19:49 2019 UTC
  27. Task: New Quick Task
  28.  
  29. Host Summary
  30. ************
  31.  
  32. Host High Medium Low Log False Positive
  33. 151.236.219.217 1 10 0 18 0
  34. Total: 1 1 10 0 18 0
  35.  
  36.  
  37. II Results per Host
  38. ===================
  39.  
  40. Host 151.236.219.217
  41. ********************
  42.  
  43. Scanning of this host started at: Tue May 21 02:50:41 2019 UTC
  44. Number of results: 29
  45.  
  46. Port Summary for Host 151.236.219.217
  47. -------------------------------------
  48.  
  49. Service (Port) Threat Level
  50. 21/tcp Log
  51. 80/tcp High
  52. general/CPE-T Log
  53. general/tcp Medium
  54. 22/tcp Medium
  55.  
  56. Security Issues for Host 151.236.219.217
  57. ----------------------------------------
  58.  
  59. Issue
  60. -----
  61. NVT: 1.3.6.1.4.1.25623.1.0.813812
  62. OID: 1.3.6.1.4.1.25623.1.0.813812
  63. Threat: Medium
  64. Port: 80/tcp
  65.  
  66. Vulnerability Detection Result:
  67. Installed version: 2.4.25
  68. Fixed version: 2.4.34
  69. Installation
  70. path / port: 80/tcp
  71.  
  72. Log Method:
  73. Details:
  74. 1.3.6.1.4.1.25623.1.0.813812
  75. (OID: 1.3.6.1.4.1.25623.1.0.813812)
  76. Version used: $Revision: 12116 $
  77.  
  78. References:
  79. CERT: CB-K18/0805
  80. , DFN-CERT-2019-0359
  81. , DFN-CERT-2019-0351
  82. , DFN-CERT-2018-2316
  83. , DFN-CERT-2018-2011
  84. , DFN-CERT-2018-1642
  85. , DFN-CERT-2018-1412
  86.  
  87.  
  88.  
  89. Issue
  90. -----
  91. NVT: 1.3.6.1.4.1.25623.1.0.811237
  92. OID: 1.3.6.1.4.1.25623.1.0.811237
  93. Threat: Medium
  94. Port: 80/tcp
  95.  
  96. Vulnerability Detection Result:
  97. Installed version: 2.4.25
  98. Fixed version: 2.4.27
  99.  
  100. Log Method:
  101. Details:
  102. 1.3.6.1.4.1.25623.1.0.811237
  103. (OID: 1.3.6.1.4.1.25623.1.0.811237)
  104. Version used: $Revision: 14173 $
  105.  
  106. References:
  107. CERT: CB-K18/0066
  108. , CB-K17/2013
  109. , CB-K17/1980
  110. , CB-K17/1936
  111. , CB-K17/1871
  112. , CB-K17/1854
  113. , CB-K17/1842
  114. , CB-K17/1768
  115. , CB-K17/1747
  116. , CB-K17/1622
  117. , CB-K17/1558
  118. , CB-K17/1382
  119. , CB-K17/1197
  120. , CB-K17/1177
  121. , CB-K17/1023
  122. , DFN-CERT-2019-0358
  123. , DFN-CERT-2018-0077
  124. , DFN-CERT-2017-2104
  125. , DFN-CERT-2017-2070
  126. , DFN-CERT-2017-2021
  127. , DFN-CERT-2017-1954
  128. , DFN-CERT-2017-1926
  129. , DFN-CERT-2017-1925
  130. , DFN-CERT-2017-1843
  131. , DFN-CERT-2017-1828
  132. , DFN-CERT-2017-1692
  133. , DFN-CERT-2017-1626
  134. , DFN-CERT-2017-1443
  135. , DFN-CERT-2017-1240
  136. , DFN-CERT-2017-1217
  137. , DFN-CERT-2017-1058
  138.  
  139.  
  140.  
  141. Issue
  142. -----
  143. NVT: 1.3.6.1.4.1.25623.1.0.141966
  144. OID: 1.3.6.1.4.1.25623.1.0.141966
  145. Threat: Medium
  146. Port: general/tcp
  147.  
  148. Vulnerability Detection Result:
  149. Installed version: 2.4.25
  150. Fixed version: 2.4.38
  151.  
  152. Log Method:
  153. Details:
  154. 1.3.6.1.4.1.25623.1.0.141966
  155. (OID: 1.3.6.1.4.1.25623.1.0.141966)
  156. Version used: $Revision: 13547 $
  157.  
  158. References:
  159. CERT: CB-K19/0316
  160. , CB-K19/0071
  161. , DFN-CERT-2019-0781
  162. , DFN-CERT-2019-0687
  163. , DFN-CERT-2019-0529
  164. , DFN-CERT-2019-0184
  165.  
  166.  
  167.  
  168. Issue
  169. -----
  170. NVT: 1.3.6.1.4.1.25623.1.0.141964
  171. OID: 1.3.6.1.4.1.25623.1.0.141964
  172. Threat: Medium
  173. Port: general/tcp
  174.  
  175. Vulnerability Detection Result:
  176. Installed version: 2.4.25
  177. Fixed version: 2.4.38
  178.  
  179. Log Method:
  180. Details:
  181. 1.3.6.1.4.1.25623.1.0.141964
  182. (OID: 1.3.6.1.4.1.25623.1.0.141964)
  183. Version used: $Revision: 13750 $
  184.  
  185. References:
  186. CERT: CB-K19/0316
  187. , CB-K19/0071
  188. , DFN-CERT-2019-0690
  189. , DFN-CERT-2019-0687
  190. , DFN-CERT-2019-0198
  191. , DFN-CERT-2019-0184
  192.  
  193.  
  194.  
  195. Issue
  196. -----
  197. NVT: 1.3.6.1.4.1.25623.1.0.142226
  198. OID: 1.3.6.1.4.1.25623.1.0.142226
  199. Threat: Medium
  200. Port: general/tcp
  201.  
  202. Vulnerability Detection Result:
  203. Installed version: 2.4.25
  204. Fixed version: 2.4.39
  205.  
  206. Log Method:
  207. Details:
  208. 1.3.6.1.4.1.25623.1.0.142226
  209. (OID: 1.3.6.1.4.1.25623.1.0.142226)
  210. Version used: 2019-04-08T15:50:06+0000
  211.  
  212. References:
  213. CERT: CB-K19/0267
  214. , DFN-CERT-2019-0687
  215. , DFN-CERT-2019-0676
  216.  
  217.  
  218.  
  219. Issue
  220. -----
  221. NVT: 1.3.6.1.4.1.25623.1.0.812849
  222. OID: 1.3.6.1.4.1.25623.1.0.812849
  223. Threat: Medium
  224. Port: 80/tcp
  225.  
  226. Vulnerability Detection Result:
  227. Installed version: 2.4.25
  228. Fixed version: 2.4.30
  229. Installation
  230. path / port: 80/tcp
  231.  
  232. Log Method:
  233. Details:
  234. 1.3.6.1.4.1.25623.1.0.812849
  235. (OID: 1.3.6.1.4.1.25623.1.0.812849)
  236. Version used: $Revision: 12116 $
  237.  
  238. References:
  239. CERT: CB-K18/0535
  240. , DFN-CERT-2019-0359
  241. , DFN-CERT-2019-0351
  242. , DFN-CERT-2018-2316
  243. , DFN-CERT-2018-0985
  244. , DFN-CERT-2018-0570
  245.  
  246.  
  247.  
  248. Issue
  249. -----
  250. NVT: 1.3.6.1.4.1.25623.1.0.811214
  251. OID: 1.3.6.1.4.1.25623.1.0.811214
  252. Threat: High
  253. Port: 80/tcp
  254.  
  255. Vulnerability Detection Result:
  256. Installed version: 2.4.25
  257. Fixed version: 2.4.26
  258.  
  259. Log Method:
  260. Details:
  261. 1.3.6.1.4.1.25623.1.0.811214
  262. (OID: 1.3.6.1.4.1.25623.1.0.811214)
  263. Version used: $Revision: 11863 $
  264.  
  265. References:
  266. CERT: CB-K18/0066
  267. , CB-K17/2188
  268. , CB-K17/2013
  269. , CB-K17/1936
  270. , CB-K17/1854
  271. , CB-K17/1842
  272. , CB-K17/1768
  273. , CB-K17/1747
  274. , CB-K17/1622
  275. , CB-K17/1382
  276. , CB-K17/1279
  277. , CB-K17/1154
  278. , CB-K17/1023
  279. , DFN-CERT-2019-0358
  280. , DFN-CERT-2018-0077
  281. , DFN-CERT-2017-2290
  282. , DFN-CERT-2017-2104
  283. , DFN-CERT-2017-2021
  284. , DFN-CERT-2017-1926
  285. , DFN-CERT-2017-1925
  286. , DFN-CERT-2017-1843
  287. , DFN-CERT-2017-1828
  288. , DFN-CERT-2017-1692
  289. , DFN-CERT-2017-1443
  290. , DFN-CERT-2017-1327
  291. , DFN-CERT-2017-1193
  292. , DFN-CERT-2017-1058
  293.  
  294.  
  295.  
  296. Issue
  297. -----
  298. NVT: 1.3.6.1.4.1.25623.1.0.108252
  299. OID: 1.3.6.1.4.1.25623.1.0.108252
  300. Threat: Medium
  301. Port: 80/tcp
  302.  
  303. Vulnerability Detection Result:
  304. Installed version: 2.4.25
  305. Fixed version: 2.4.28
  306.  
  307. Log Method:
  308. Details:
  309. 1.3.6.1.4.1.25623.1.0.108252
  310. (OID: 1.3.6.1.4.1.25623.1.0.108252)
  311. Version used: $Revision: 11983 $
  312.  
  313. References:
  314. CERT: CB-K18/1012
  315. , CB-K18/0800
  316. , CB-K18/0606
  317. , CB-K18/0098
  318. , CB-K18/0066
  319. , CB-K17/2188
  320. , CB-K17/2117
  321. , CB-K17/2021
  322. , CB-K17/1980
  323. , CB-K17/1936
  324. , CB-K17/1871
  325. , CB-K17/1773
  326. , CB-K17/1768
  327. , CB-K17/1587
  328. , DFN-CERT-2019-0359
  329. , DFN-CERT-2018-2113
  330. , DFN-CERT-2018-1070
  331. , DFN-CERT-2018-0725
  332. , DFN-CERT-2018-0100
  333. , DFN-CERT-2018-0077
  334. , DFN-CERT-2017-2290
  335. , DFN-CERT-2017-2211
  336. , DFN-CERT-2017-2108
  337. , DFN-CERT-2017-2070
  338. , DFN-CERT-2017-2021
  339. , DFN-CERT-2017-1954
  340. , DFN-CERT-2017-1854
  341. , DFN-CERT-2017-1843
  342. , DFN-CERT-2017-1659
  343.  
  344.  
  345.  
  346. Issue
  347. -----
  348. NVT: 1.3.6.1.4.1.25623.1.0.900498
  349. OID: 1.3.6.1.4.1.25623.1.0.900498
  350. Threat: Log
  351. Port: 80/tcp
  352.  
  353. Vulnerability Detection Result:
  354. Detected Apache
  355. Version: 2.4.25
  356. Location: 80/tcp
  357. CPE: cpe:/a:apache:http_server:2.4.25
  358. Concluded from version/product identification result:
  359. Server: Apache/2.4.25
  360.  
  361. Log Method:
  362. Details:
  363. 1.3.6.1.4.1.25623.1.0.900498
  364. (OID: 1.3.6.1.4.1.25623.1.0.900498)
  365. Version used: $Revision: 10290 $
  366.  
  367.  
  368. Issue
  369. -----
  370. NVT: 1.3.6.1.4.1.25623.1.0.111038
  371. OID: 1.3.6.1.4.1.25623.1.0.111038
  372. Threat: Log
  373. Port: 80/tcp
  374.  
  375. Vulnerability Detection Result:
  376. The Hostname/IP "li574-217.members.linode.com" was used to access the remote hos!
  377. t.
  378. Generic web application scanning is disabled for this host via the "Enable gener!
  379. ic web application scanning" option within the "Global variable settings" of the!
  380. scan config in use.
  381. Requests to this service are done via HTTP/1.1.
  382. This service seems to be able to host PHP scripts.
  383. This service seems to be NOT able to host ASP scripts.
  384. The User-Agent "Mozilla/5.0 [en] (X11, U; OpenVAS-VT 9.0.3)" was used to access !
  385. the remote host.
  386. Historic /scripts and /cgi-bin are not added to the directories used for CGI sca!
  387. nning. You can enable this again with the "Add historic /scripts and /cgi-bin to!
  388. directories for CGI scanning" option within the "Global variable settings" of t!
  389. he scan config in use.
  390. A possible recursion was detected during CGI scanning:
  391. The service is using a relative URL in one or more HTML references where e.g. /f!
  392. ile1.html contains <a href="subdir/file2.html"> and a subsequent request for sub!
  393. dir/file2.html is linking to subdir/file2.html. This would resolves to subdir/su!
  394. bdir/file2.html causing a recursion. To work around this counter-measures have b!
  395. een enabled but the service should be fixed as well to not use such problematic !
  396. links. Below an excerpt of URLs is shown to help identify those issues.
  397. Syntax : URL (HTML link)
  398. http://li574-217.members.linode.com/cgialfa/?D=A (alfa_shtml/)
  399. http://li574-217.members.linode.com/cgialfa/?D=A (cgialfa/)
  400. The following directories were used for CGI scanning:
  401. http://li574-217.members.linode.com/
  402. http://li574-217.members.linode.com/alfa_shtml
  403. http://li574-217.members.linode.com/alfacgiapi
  404. http://li574-217.members.linode.com/cgialfa
  405. http://li574-217.members.linode.com/cgialfa/alfa_shtml
  406. http://li574-217.members.linode.com/cgialfa/cgialfa
  407. http://li574-217.members.linode.com/cgialfa/config-sniper
  408. http://li574-217.members.linode.com/cgialfa/cpanels
  409. http://li574-217.members.linode.com/cgialfa/password_changer
  410. http://li574-217.members.linode.com/cgialfa/password_changer/whm_plugin
  411. While this is not, in and of itself, a bug, you should manually inspect these di!
  412. rectories to ensure that they are in compliance with company security standards
  413. The following directories were excluded from CGI scanning because the "Regex pat!
  414. tern to exclude directories from CGI scanning" setting of the NVT "Global variab!
  415. le settings" (OID: 1.3.6.1.4.1.25623.1.0.12288) for this scan was: "/(index\.php!
  416. |image|img|css|js$|js/|javascript|style|theme|icon|jquery|graphic|grafik|picture!
  417. |bilder|thumbnail|media/|skins?/)"
  418. http://li574-217.members.linode.com/icons
  419. Directory index found at:
  420. http://li574-217.members.linode.com/
  421. http://li574-217.members.linode.com/alfa_shtml/
  422. http://li574-217.members.linode.com/alfacgiapi/
  423. http://li574-217.members.linode.com/cgialfa/
  424. http://li574-217.members.linode.com/cgialfa/alfa_shtml/
  425. http://li574-217.members.linode.com/cgialfa/cgialfa/
  426. http://li574-217.members.linode.com/cgialfa/config-sniper/
  427. http://li574-217.members.linode.com/cgialfa/password_changer/whm_plugin/
  428. The following CGIs were discovered:
  429. Syntax : cginame (arguments [default value])
  430. http://li574-217.members.linode.com/ (C=S;O [A] C=N;O [D] C=M;O [A] C=D;O [A] )
  431. http://li574-217.members.linode.com/alfa_shtml/ (C=S;O [A] C=N;O [D] C=M;O [A] C!
  432. =D;O [A] )
  433. http://li574-217.members.linode.com/alfacgiapi/ (C=S;O [A] C=N;O [D] C=M;O [A] C!
  434. =D;O [A] )
  435. http://li574-217.members.linode.com/cgialfa/ (php_info [] host [] C=S;O [A] doma!
  436. ins [] time [] solevisible [] C=N;O [D] uploader [] C=M;O [A] act [phptools] C=D!
  437. ;O [A] mass_injector [] server_info [] file_manager [] die [] back_connecter [] !
  438. )
  439. http://li574-217.members.linode.com/cgialfa/alfa_shtml/ (C=S;O [A] C=N;O [D] C=M!
  440. ;O [A] C=D;O [A] )
  441. http://li574-217.members.linode.com/cgialfa/cgialfa/ (C=S;O [A] C=N;O [D] C=M;O !
  442. [A] C=D;O [A] )
  443. http://li574-217.members.linode.com/cgialfa/config-sniper/ (C=S;O [A] C=N;O [D] !
  444. C=M;O [A] C=D;O [A] )
  445. http://li574-217.members.linode.com/cgialfa/cpanels/ (C=S;O [A] C=N;O [D] C=M;O !
  446. [A] C=D;O [A] )
  447. http://li574-217.members.linode.com/cgialfa/ok.php (f[] [] a [dlfile] c [] file !
  448. [] )
  449. http://li574-217.members.linode.com/cgialfa/password_changer/ (C=S;O [A] C=N;O [!
  450. D] C=M;O [A] C=D;O [A] )
  451. http://li574-217.members.linode.com/cgialfa/password_changer/whm_plugin/ (C=S;O !
  452. [A] C=N;O [D] C=M;O [A] C=D;O [A] )
  453.  
  454. Log Method:
  455. Details:
  456. 1.3.6.1.4.1.25623.1.0.111038
  457. (OID: 1.3.6.1.4.1.25623.1.0.111038)
  458. Version used: $Revision: 13679 $
  459.  
  460.  
  461. Issue
  462. -----
  463. NVT: 1.3.6.1.4.1.25623.1.0.10919
  464. OID: 1.3.6.1.4.1.25623.1.0.10919
  465. Threat: Log
  466. Port: 22/tcp
  467.  
  468. Vulnerability Detection Result:
  469. This port was detected as being open by a port scanner but is now closed.
  470. This service might have been crashed by a port scanner or by a plugin
  471.  
  472. Log Method:
  473. Details:
  474. 1.3.6.1.4.1.25623.1.0.10919
  475. (OID: 1.3.6.1.4.1.25623.1.0.10919)
  476. Version used: $Revision: 13783 $
  477.  
  478.  
  479. Issue
  480. -----
  481. NVT: 1.3.6.1.4.1.25623.1.0.810002
  482. OID: 1.3.6.1.4.1.25623.1.0.810002
  483. Threat: Log
  484. Port: general/CPE-T
  485.  
  486. Vulnerability Detection Result:
  487. 151.236.219.217|cpe:/a:apache:http_server:2.4.25
  488. 151.236.219.217|cpe:/a:openbsd:openssh:7.4p1
  489. 151.236.219.217|cpe:/a:php:php
  490. 151.236.219.217|cpe:/o:debian:debian_linux:9
  491.  
  492. Log Method:
  493. Details:
  494. 1.3.6.1.4.1.25623.1.0.810002
  495. (OID: 1.3.6.1.4.1.25623.1.0.810002)
  496. Version used: $Revision: 14324 $
  497.  
  498.  
  499. Issue
  500. -----
  501. NVT: 1.3.6.1.4.1.25623.1.0.103079
  502. OID: 1.3.6.1.4.1.25623.1.0.103079
  503. Threat: Log
  504. Port: 80/tcp
  505.  
  506. Vulnerability Detection Result:
  507. This are the directories/files found with brute force:
  508. http://li574
  509.  
  510. Log Method:
  511. Details:
  512. 1.3.6.1.4.1.25623.1.0.103079
  513. (OID: 1.3.6.1.4.1.25623.1.0.103079)
  514. Version used: $Revision: 13985 $
  515.  
  516.  
  517. Issue
  518. -----
  519. NVT: 1.3.6.1.4.1.25623.1.0.112081
  520. OID: 1.3.6.1.4.1.25623.1.0.112081
  521. Threat: Log
  522. Port: 80/tcp
  523.  
  524. Vulnerability Detection Result:
  525. Missing Headers
  526. ---------------
  527. Content-Security-Policy
  528. Referrer-Policy
  529. X-Content-Type-Options
  530. X-Frame-Options
  531. X-Permitted-Cross-Domain-Policies
  532. X-XSS-Protection
  533.  
  534. Log Method:
  535. Details:
  536. 1.3.6.1.4.1.25623.1.0.112081
  537. (OID: 1.3.6.1.4.1.25623.1.0.112081)
  538. Version used: $Revision: 10899 $
  539.  
  540.  
  541. Issue
  542. -----
  543. NVT: 1.3.6.1.4.1.25623.1.0.10107
  544. OID: 1.3.6.1.4.1.25623.1.0.10107
  545. Threat: Log
  546. Port: 80/tcp
  547.  
  548. Vulnerability Detection Result:
  549. The remote web server type is :
  550. Apache/2.4.25 (Debian)
  551. Solution : You can set the directive "ServerTokens Prod" to limit
  552. the information emanating from the server in its response headers.
  553.  
  554. Log Method:
  555. Details:
  556. 1.3.6.1.4.1.25623.1.0.10107
  557. (OID: 1.3.6.1.4.1.25623.1.0.10107)
  558. Version used: $Revision: 11585 $
  559.  
  560.  
  561. Issue
  562. -----
  563. NVT: 1.3.6.1.4.1.25623.1.0.812051
  564. OID: 1.3.6.1.4.1.25623.1.0.812051
  565. Threat: Medium
  566. Port: 22/tcp
  567.  
  568. Vulnerability Detection Result:
  569. Installed version: 7.4p1
  570. Fixed version: 7.6
  571.  
  572. Log Method:
  573. Details:
  574. 1.3.6.1.4.1.25623.1.0.812051
  575. (OID: 1.3.6.1.4.1.25623.1.0.812051)
  576. Version used: $Revision: 11983 $
  577.  
  578. References:
  579. CERT: CB-K18/0137
  580. , CB-K17/2126
  581. , CB-K17/2014
  582. , CB-K17/2002
  583. , DFN-CERT-2019-0362
  584. , DFN-CERT-2018-2554
  585. , DFN-CERT-2018-2191
  586. , DFN-CERT-2018-2068
  587. , DFN-CERT-2018-1828
  588. , DFN-CERT-2018-1568
  589. , DFN-CERT-2018-0150
  590. , DFN-CERT-2017-2217
  591. , DFN-CERT-2017-2100
  592. , DFN-CERT-2017-2093
  593.  
  594.  
  595.  
  596. Issue
  597. -----
  598. NVT: 1.3.6.1.4.1.25623.1.0.813864
  599. OID: 1.3.6.1.4.1.25623.1.0.813864
  600. Threat: Medium
  601. Port: 22/tcp
  602.  
  603. Vulnerability Detection Result:
  604. Installed version: 7.4p1
  605. Fixed version: 7.8
  606. Installation
  607. path / port: 22/tcp
  608.  
  609. Log Method:
  610. Details:
  611. 1.3.6.1.4.1.25623.1.0.813864
  612. (OID: 1.3.6.1.4.1.25623.1.0.813864)
  613. Version used: $Revision: 12956 $
  614.  
  615. References:
  616. CERT: CB-K18/1031
  617. , CB-K18/0873
  618. , DFN-CERT-2019-0362
  619. , DFN-CERT-2018-2293
  620. , DFN-CERT-2018-2259
  621. , DFN-CERT-2018-2191
  622. , DFN-CERT-2018-1806
  623. , DFN-CERT-2018-1696
  624.  
  625.  
  626.  
  627. Issue
  628. -----
  629. NVT: 1.3.6.1.4.1.25623.1.0.105937
  630. OID: 1.3.6.1.4.1.25623.1.0.105937
  631. Threat: Log
  632. Port: general/tcp
  633.  
  634. Vulnerability Detection Result:
  635. Best matching OS:
  636. OS: Debian GNU/Linux 9
  637. Version: 9
  638. CPE: cpe:/o:debian:debian_linux:9
  639. Found by NVT: 1.3.6.1.4.1.25623.1.0.105586 (SSH OS Identification)
  640. Concluded from SSH banner on port 22/tcp: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u6
  641. Setting key "Host/runs_unixoide" based on this information
  642. Other OS detections (in order of reliability):
  643. OS: Debian GNU/Linux 9
  644. Version: 9
  645. CPE: cpe:/o:debian:debian_linux:9
  646. Found by NVT: 1.3.6.1.4.1.25623.1.0.111067 (HTTP OS Identification)
  647. Concluded from HTTP Server banner on port 80/tcp: Server: Apache/2.4.25 (Debian)
  648.  
  649. Log Method:
  650. Details:
  651. 1.3.6.1.4.1.25623.1.0.105937
  652. (OID: 1.3.6.1.4.1.25623.1.0.105937)
  653. Version used: 2019-04-25T09:49:09+0000
  654.  
  655.  
  656. Issue
  657. -----
  658. NVT: 1.3.6.1.4.1.25623.1.0.800109
  659. OID: 1.3.6.1.4.1.25623.1.0.800109
  660. Threat: Log
  661. Port: 80/tcp
  662.  
  663. Vulnerability Detection Result:
  664. Detected PHP
  665. Version: unknown
  666. Location: 80/tcp
  667. CPE: cpe:/a:php:php
  668. Concluded from version/product identification result:
  669. PHPSESSID Session-Cookie
  670.  
  671. Log Method:
  672. Details:
  673. 1.3.6.1.4.1.25623.1.0.800109
  674. (OID: 1.3.6.1.4.1.25623.1.0.800109)
  675. Version used: $Revision: 13811 $
  676.  
  677.  
  678. Issue
  679. -----
  680. NVT: 1.3.6.1.4.1.25623.1.0.11153
  681. OID: 1.3.6.1.4.1.25623.1.0.11153
  682. Threat: Log
  683. Port: 22/tcp
  684.  
  685. Vulnerability Detection Result:
  686. A SSH server seems to be running on this port
  687.  
  688. Log Method:
  689. Details:
  690. 1.3.6.1.4.1.25623.1.0.11153
  691. (OID: 1.3.6.1.4.1.25623.1.0.11153)
  692. Version used: $Revision: 14067 $
  693.  
  694.  
  695. Issue
  696. -----
  697. NVT: 1.3.6.1.4.1.25623.1.0.10330
  698. OID: 1.3.6.1.4.1.25623.1.0.10330
  699. Threat: Log
  700. Port: 80/tcp
  701.  
  702. Vulnerability Detection Result:
  703. A web server is running on this port
  704.  
  705. Log Method:
  706. Details:
  707. 1.3.6.1.4.1.25623.1.0.10330
  708. (OID: 1.3.6.1.4.1.25623.1.0.10330)
  709. Version used: $Revision: 13541 $
  710.  
  711.  
  712. Issue
  713. -----
  714. NVT: 1.3.6.1.4.1.25623.1.0.10330
  715. OID: 1.3.6.1.4.1.25623.1.0.10330
  716. Threat: Log
  717. Port: 22/tcp
  718.  
  719. Vulnerability Detection Result:
  720. An unknown service is running on this port.
  721. It is usually reserved for SSH
  722.  
  723. Log Method:
  724. Details:
  725. 1.3.6.1.4.1.25623.1.0.10330
  726. (OID: 1.3.6.1.4.1.25623.1.0.10330)
  727. Version used: $Revision: 13541 $
  728.  
  729.  
  730. Issue
  731. -----
  732. NVT: 1.3.6.1.4.1.25623.1.0.10330
  733. OID: 1.3.6.1.4.1.25623.1.0.10330
  734. Threat: Log
  735. Port: 21/tcp
  736.  
  737. Vulnerability Detection Result:
  738. An unknown service is running on this port.
  739. It is usually reserved for FTP
  740.  
  741. Log Method:
  742. Details:
  743. 1.3.6.1.4.1.25623.1.0.10330
  744. (OID: 1.3.6.1.4.1.25623.1.0.10330)
  745. Version used: $Revision: 13541 $
  746.  
  747.  
  748. Issue
  749. -----
  750. NVT: 1.3.6.1.4.1.25623.1.0.105565
  751. OID: 1.3.6.1.4.1.25623.1.0.105565
  752. Threat: Log
  753. Port: 22/tcp
  754.  
  755. Vulnerability Detection Result:
  756. The following options are supported by the remote ssh service:
  757. kex_algorithms:
  758. curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nist!
  759. p384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-grou!
  760. p16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-he!
  761. llman-group14-sha1
  762. server_host_key_algorithms:
  763. ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
  764. encryption_algorithms_client_to_server:
  765. chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openss!
  766. h.com,aes256-gcm@openssh.com
  767. encryption_algorithms_server_to_client:
  768. chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openss!
  769. h.com,aes256-gcm@openssh.com
  770. mac_algorithms_client_to_server:
  771. umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,h!
  772. mac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-!
  773. 128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
  774. mac_algorithms_server_to_client:
  775. umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,h!
  776. mac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-!
  777. 128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
  778. compression_algorithms_client_to_server:
  779. none,zlib@openssh.com
  780. compression_algorithms_server_to_client:
  781. none,zlib@openssh.com
  782.  
  783. Log Method:
  784. Details:
  785. 1.3.6.1.4.1.25623.1.0.105565
  786. (OID: 1.3.6.1.4.1.25623.1.0.105565)
  787. Version used: $Revision: 13581 $
  788.  
  789.  
  790. Issue
  791. -----
  792. NVT: 1.3.6.1.4.1.25623.1.0.100259
  793. OID: 1.3.6.1.4.1.25623.1.0.100259
  794. Threat: Log
  795. Port: 22/tcp
  796.  
  797. Vulnerability Detection Result:
  798. The remote SSH Server supports the following SSH Protocol Versions:
  799. 1.99
  800. 2.0
  801. SSHv2 Fingerprint(s):
  802. ecdsa-sha2-nistp256: 0f:5f:a2:92:df:6e:19:2a:c0:e1:2a:ce:03:bb:b7:90
  803. ssh-ed25519: 41:1c:f0:e4:57:48:86:50:28:46:6e:ae:12:25:b4:d2
  804. ssh-rsa: 7c:ef:29:6a:03:1b:c3:ec:82:0e:e6:4b:6a:db:6e:eb
  805.  
  806. Log Method:
  807. Details:
  808. 1.3.6.1.4.1.25623.1.0.100259
  809. (OID: 1.3.6.1.4.1.25623.1.0.100259)
  810. Version used: $Revision: 13594 $
  811.  
  812.  
  813. Issue
  814. -----
  815. NVT: 1.3.6.1.4.1.25623.1.0.10267
  816. OID: 1.3.6.1.4.1.25623.1.0.10267
  817. Threat: Log
  818. Port: 22/tcp
  819.  
  820. Vulnerability Detection Result:
  821. Remote SSH server banner: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u6
  822. Remote SSH supported authentication: password,publickey
  823. Remote SSH text/login banner: (not available)
  824. This is probably:
  825. - OpenSSH
  826. CPE: cpe:/a:openbsd:openssh:7.4p1
  827. Concluded from remote connection attempt with credentials:
  828. Login: OpenVAS-VT
  829. Password: OpenVAS-VT
  830.  
  831. Log Method:
  832. Details:
  833. 1.3.6.1.4.1.25623.1.0.10267
  834. (OID: 1.3.6.1.4.1.25623.1.0.10267)
  835. Version used: 2019-03-22T07:02:59+0000
  836.  
  837.  
  838. Issue
  839. -----
  840. NVT: 1.3.6.1.4.1.25623.1.0.902815
  841. OID: 1.3.6.1.4.1.25623.1.0.902815
  842. Threat: Medium
  843. Port: general/tcp
  844.  
  845. Vulnerability Detection Result:
  846. Vulnerability was detected according to the Vulnerability Detection Method.
  847.  
  848. Log Method:
  849. Details:
  850. 1.3.6.1.4.1.25623.1.0.902815
  851. (OID: 1.3.6.1.4.1.25623.1.0.902815)
  852. Version used: $Revision: 11066 $
  853.  
  854. References:
  855. CERT: CB-K17/0697
  856. , CB-K17/0297
  857. , CB-K17/0238
  858. , CB-K17/0168
  859. , CB-K15/0080
  860. , CB-K14/1162
  861. , CB-K14/0852
  862. , DFN-CERT-2017-0719
  863. , DFN-CERT-2017-0305
  864. , DFN-CERT-2017-0249
  865. , DFN-CERT-2017-0171
  866. , DFN-CERT-2015-0082
  867. , DFN-CERT-2014-1217
  868. , DFN-CERT-2014-0890
  869.  
  870.  
  871.  
  872. Issue
  873. -----
  874. NVT: 1.3.6.1.4.1.25623.1.0.51662
  875. OID: 1.3.6.1.4.1.25623.1.0.51662
  876. Threat: Log
  877. Port: general/tcp
  878.  
  879. Vulnerability Detection Result:
  880. Here is the route from 192.168.132.128 to 151.236.219.217:
  881. 192.168.132.128
  882. 151.236.219.217
  883.  
  884. Log Method:
  885. Details:
  886. 1.3.6.1.4.1.25623.1.0.51662
  887. (OID: 1.3.6.1.4.1.25623.1.0.51662)
  888. Version used: $Revision: 10411 $
  889.  
  890.  
  891. Issue
  892. -----
  893. NVT: 1.3.6.1.4.1.25623.1.0.80110
  894. OID: 1.3.6.1.4.1.25623.1.0.80110
  895. Threat: Log
  896. Port: 80/tcp
  897.  
  898. Vulnerability Detection Result:
  899. The wapiti report filename is empty. That could mean that a wrong version of wap!
  900. iti is used or tmp dir is not accessible. Make sure to have wapiti 2.x as wapiti!
  901. 1.x is not supported.
  902. In short: Check the installation of wapiti and the scanner.
  903.  
  904. Log Method:
  905. Details:
  906. 1.3.6.1.4.1.25623.1.0.80110
  907. (OID: 1.3.6.1.4.1.25623.1.0.80110)
  908. Version used: $Revision: 13985 $