ScanAlert - Report - Thane

More documents

Recommendations

Info

Protocol Fix Difficulty Impact HTTP Medium Information Disclosure Description During an audit common directories are looked for. This may result in non public Web pages being found. Solution Make sure that these directories are intented for the public. Result Method GET Protocol https Port 443 Demo Path /images/ Links None Related None ICMP TimeStamp Request Port First Detected Category 0 26-JAN-2006 20:11 Other Protocol Fix Difficulty Impact ICMP Medium Information Disclosure Description The remote host appears to answer to an ICMP timestamp request. This allows an attacker to obtain date and local time information set on your machine. This information could be useful in finding a way to circumvent your time based authentication protocols. Solution Filter out the ICMP timestamp requests (ICMP type 13), and the outgoing ICMP timestamp replies (ICMP type 14). BlackICE firewall: This option is not available in all versions; see Links for details. The following lines can be added to the firewall.ini file under the [MANUAL ICMP...] section: REJECT, 13:0, ICMP TIMESTAMP, 2001-10-15 00:01:00, PERPETUAL, 1000, MANUAL REJECT, 17:0, ICMP MASKREQ, 2001-10-15 00:01:00, PERPETUAL, 1000, MANUAL Result None Links BlackIce Admin Guide BlackIce Block ICMP Related CVE CVE-1999-0524 Resolved Items - www.fitnessquest.com None Confidential - ScanAlert Security Audit Report Page 14
Vulnerability Levels Severity Level Description Urgent Critical High Medium Low Intruders can easily gain control of the device being tested, which can lead to the compromise of your entire network security. Or hackers can use this device to access sensitive information from other devices in your network. Hackers are often actively scanning for this type of vulnerability. For example, vulnerabilities at this level may include full read and write access to files or databases, remote execution of commands, gaining Administrator or Root level access, and the presence of Trojans or backdoors. Intruders can possibly gain direct control of the device being tested, or there may be potential leakage of highly sensitive information. For example, vulnerabilities at this level may include full read access to files, potential backdoors, or a listing of all the users hosted on the device. Intruders may be able to gain access to specific information stored on the device being tested, including security settings. This could result in potential misuse of, or unauthorized access to the device or information stored on it. For example, vulnerabilities at this level may include partial disclosure of file contents, access to certain files on the host, directory browsing, disclosure of filtering rules and security mechanisms, denial of service attacks, and unauthorized use of services such as mail-relaying. Intruders may be able to collect sensitive information from the host, such as the precise version of OS or software installed or directory structure. While this level of vulnerability is not directly exploitable itself, with this information intruders can more easily exploit possible vulnerabilities specific to software versions in use. Intruders can collect general information about the device being tested (open ports, OS or software type, etc.). Hackers may be able to use this information to find exploitable vulnerabilities. Confidential - ScanAlert Security Audit Report Page 15
Page 1 and 2: Security Report - By Device Fitness
Page 3 and 4: Report Overview Customer Name Fitne
Page 5 and 6: Device Overview Name Urgent Critica
Page 7 and 8: Overview - 63.109.13.3 Last Audit D
Page 9 and 10: Overview - ashe.fitnessquest.com La
Page 11 and 12: Overview - www.fitnessquest.com Las
Page 13: city=80000002 state=80000002 zip=80

ScanAlert - Report - Thane

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?