www.tacti

More documents

Recommendations

Info

Security Warning found on port/service "110 / tcp / pop3" Status Plugin Fail (This must be resolved for your device to be compliant). "SSL Certificate Cannot Be Trusted" Category "General " Priority "Medium Priority Synopsis The SSL certificate for this service cannot be trusted. Description The server's X.509 certificate does not have a signature from a known public certificate authority. This situation can occur in three different ways, each of which results in a break in the chain below which certificates cannot be trusted. First, the top of the certificate chain sent by the server might not be descended from a known public certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed certificate, or when intermediate certificates are missing that would connect the top of the certificate chain to a known public certificate authority. Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the certificate's 'notAfter' dates. Third, the certificate chain may contain a signature that either didn't match the certificate's information, or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a signing algorithm that Nessus either does not support or does not recognize. If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host. Risk factor MEDIUM / CVSS BASE SCORE :6.4 CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N Plugin output The following certificate was part of the certificate chain sent by the remote host, but has expired :
|-Subject : C=US/ST=Virginia/L=Herndon/O=Parallels/OU=Parallels Panel/CN=Parallels Panel/E=info@parallels.com |-Not After : Apr 12 06:20:36 2016 GMT The following certificate was at the top of the certificate chain sent by the remote host, but is signed by an unknown certificate authority : |-Subject : C=US/ST=Virginia/L=Herndon/O=Parallels/OU=Parallels Panel/CN=Parallels Panel/E=info@parallels.com |-Issuer : C=US/ST=Virginia/L=Herndon/O=Parallels/OU=Parallels Panel/CN=Parallels Panel/E=info@parallels.com Solution Purchase or generate a proper certificate for this service.
Page 1 and 2: Scan Summary Customer company name
Page 3 and 4: 1 0291408&CNumber=&CardPrice=&Clubt
Page 5 and 6: framemode=&ItemID=&FromRec=&FF=&Dat
Page 7 and 8: Solution Consult the application's
Page 9 and 10: Solution Consult the application's
Page 12: Security Warning found on port/serv
Page 15 and 16: Kx={key exchange} Au={authenticatio
Page 17 and 18: Security Warning found on port/serv
Page 27: certificate authority : |-Subject :
Page 31 and 32: |-Subject : C=US/ST=Virginia/L=Hern
Page 33 and 34: DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-C
Page 35 and 36: Security Notes found on port/servic
Page 37 and 38: Content-Type: text/html; charset=ut
Page 39 and 40: X-Permitted-Cross-Domain-Policies:
Page 41 and 42: Key Length: 2048 bits Public Key: 0
Page 43 and 44: Extension: Authority Information Ac
Page 47 and 48: D0 91 64 EC E2 0B 0B 3D B6 90 98 2A
Page 49 and 50: Version: 1 Signature Algorithm: SHA
Page 79 and 80:
Security Notes found on port/servic
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au
Page 89 and 90:
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=C
Page 91 and 92:
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA
Page 93 and 94:
Page 95 and 96:
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES
Page 97 and 98:
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc
Page 99 and 100:
Page 101 and 102:
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc
Page 103 and 104:
High Strength Ciphers (>= 112-bit k
Page 105 and 106:
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES
Page 107 and 108:
Page 109 and 110:
- https://www.takti.co.il/demo/inde
Page 111 and 112:
- http://www.takti.co.il/demo/index
Page 113 and 114:
Page 115 and 116:
Signature Length: 256 bytes / 2048
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
SSL/TLS version : TLSv1.0 Cipher su
Page 123 and 124:
Diffie-Hellman MODP size (bits) : 1
Page 125 and 126:
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=
Page 127 and 128:
administration /administrator /admi
Page 129 and 130:
webalizer Based on tests of each me
Page 131 and 132:
Page 133 and 134:
cgi-bin /mailman
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Name : PHPSESSID Path : / Value : 4
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
State/Province: Virginia Locality:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
lind SQL injection (4 requests) : S
Page 175 and 176:
directory traversal (write access)
Page 177 and 178:
show all

www.tacti

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?