hyperphate
Banned
And this means what? I'm not running any servers that I know of 🙁
Nessus Scan Report compliments of www.vulnerabilities.org
Free Nessus web scan provided by Vulnerabilities.org
Contact sbrown@vulnerabilities.org or mbrown@vulnerabilities.org
for a personal evaluation of the scan report, further detailed
systems analysis. Of course, we are available for contract
to correct your problems, provide recurring network
vulnerability analysis, and general hosting system administration
Please take a second and drop us a note, or if you would
like to share your report with us, email to above!
--------------------------------------------------------------------------------
Number of hosts which were alive during the test : 1
Number of security holes found : 2
Number of security warnings found : 2
Number of security notes found : 5
List of the tested hosts :
(ip is censored)(Security holes found)
--------------------------------------------------------------------------------
[ Back to the top ]
(ip is censored):
List of open ports :
ftp (21/tcp) (Security hole found)
telnet (23/tcp)
http (80/tcp) (Security hole found)
general/tcp (Security warnings found)
domain (53/tcp) (Security warnings found)
general/udp (Security notes found)
[ back to the list of ports ]
Vulnerability found on port ftp (21/tcp)
The remote FTP server crashes when the command
'MLST a' is issued right after connecting to it.
An attacker may use this flaw to prevent you
from publishing anything using FTP.
Solution : if you are using wftp, then upgrade to
version 2.41 RC12, if you are not, then contact
your vendor for a fix.
Risk factor : Serious
CVE : CAN-2000-0647
[ back to the list of ports ]
Information found on port ftp (21/tcp)
Remote FTP server banner :
sys FTP version 1.0 ready at Tue Feb 22 12:14:38 2000
[ back to the list of ports ]
Vulnerability found on port http (80/tcp)
The remote host seems to be vulnerable to the Cross Site Scripting vulnerability. The vulnerability is caused by the result returned to the user when a non-existing file is requested (e.g. the result contains the JavaScript provided in the request).
The vulnerability would allow an attacker to make the server present the user with the attacker's JavaScript/HTML code.
Since the content is presented by the server, the user will give it the trust level of the server (for example, the trust level of banks, shopping centers, etc. would usually be high).
Solution:
Depending on the type of Web Server software install the appropriate patch, see the URLs below.
Risk Factor: Medium
Additional information:
IIS:
http://www.securiteam.com/windowsnt...cripting_vulnerability__Patch_available_.html
Allaire:
http://www.securiteam.com/windowsnt...ss-Site_Scripting_security_vulnerability.html
Apache:
http://www.apache.org/info/css-security/
General:
http://www.securiteam.com/exploits/...eloping_a_dynamically_generated_web_site.html
[ back to the list of ports ]
Information found on port http (80/tcp)
The remote web server type is :
ZyXEL-RomPager/3.02
We recommend that you configure your web server to return
bogus versions, so that it makes the cracker job more difficult
[ back to the list of ports ]
Warning found on port general/tcp
The remote host uses non-random IP IDs, that is, it is
possible to predict the next value of the ip_id field of
the ip packets sent by this host.
An attacker may use this feature to determine if the remote
host sent a packet in reply to another request. This may be
used for portscanning and other things.
Solution : Contact your vendor for a patch
Risk factor : Low
[ back to the list of ports ]
Information found on port general/tcp
Nmap found that this host is running Zyxel ZyNOS based router (ZyNOS)
[ back to the list of ports ]
Warning found on port domain (53/tcp)
The remote name server allows recursive queries to be performed
by the host running nessusd.
If this is your internal nameserver, then forget this warning.
If you are probing a remote nameserver, then it allows anyone
to use it to resolve third parties names (such as www.nessus.org).
This allows hackers to do cache poisoning attacks against this
nameserver.
Solution : Restrict recursive queries to the hosts that should
use this nameserver (such as those of the LAN connected to it).
If you are using bind 8, you can do this by using the instruction
'allow-recursion' in the 'options' section of your named.conf
If you are using another name server, consult its documentation.
Risk factor : Serious
[ back to the list of ports ]
Information found on port domain (53/tcp)
The remote bind version is : 8.2.3-REL
[ back to the list of ports ]
Information found on port general/udp
For your information, here is the traceroute to (ip is censored):
?
--------------------------------------------------------------------------------
This file was generated by Nessus, the open-sourced security scanner.
Nessus Scan Report compliments of www.vulnerabilities.org
Free Nessus web scan provided by Vulnerabilities.org
Contact sbrown@vulnerabilities.org or mbrown@vulnerabilities.org
for a personal evaluation of the scan report, further detailed
systems analysis. Of course, we are available for contract
to correct your problems, provide recurring network
vulnerability analysis, and general hosting system administration
Please take a second and drop us a note, or if you would
like to share your report with us, email to above!
--------------------------------------------------------------------------------
Number of hosts which were alive during the test : 1
Number of security holes found : 2
Number of security warnings found : 2
Number of security notes found : 5
List of the tested hosts :
(ip is censored)(Security holes found)
--------------------------------------------------------------------------------
[ Back to the top ]
(ip is censored):
List of open ports :
ftp (21/tcp) (Security hole found)
telnet (23/tcp)
http (80/tcp) (Security hole found)
general/tcp (Security warnings found)
domain (53/tcp) (Security warnings found)
general/udp (Security notes found)
[ back to the list of ports ]
Vulnerability found on port ftp (21/tcp)
The remote FTP server crashes when the command
'MLST a' is issued right after connecting to it.
An attacker may use this flaw to prevent you
from publishing anything using FTP.
Solution : if you are using wftp, then upgrade to
version 2.41 RC12, if you are not, then contact
your vendor for a fix.
Risk factor : Serious
CVE : CAN-2000-0647
[ back to the list of ports ]
Information found on port ftp (21/tcp)
Remote FTP server banner :
sys FTP version 1.0 ready at Tue Feb 22 12:14:38 2000
[ back to the list of ports ]
Vulnerability found on port http (80/tcp)
The remote host seems to be vulnerable to the Cross Site Scripting vulnerability. The vulnerability is caused by the result returned to the user when a non-existing file is requested (e.g. the result contains the JavaScript provided in the request).
The vulnerability would allow an attacker to make the server present the user with the attacker's JavaScript/HTML code.
Since the content is presented by the server, the user will give it the trust level of the server (for example, the trust level of banks, shopping centers, etc. would usually be high).
Solution:
Depending on the type of Web Server software install the appropriate patch, see the URLs below.
Risk Factor: Medium
Additional information:
IIS:
http://www.securiteam.com/windowsnt...cripting_vulnerability__Patch_available_.html
Allaire:
http://www.securiteam.com/windowsnt...ss-Site_Scripting_security_vulnerability.html
Apache:
http://www.apache.org/info/css-security/
General:
http://www.securiteam.com/exploits/...eloping_a_dynamically_generated_web_site.html
[ back to the list of ports ]
Information found on port http (80/tcp)
The remote web server type is :
ZyXEL-RomPager/3.02
We recommend that you configure your web server to return
bogus versions, so that it makes the cracker job more difficult
[ back to the list of ports ]
Warning found on port general/tcp
The remote host uses non-random IP IDs, that is, it is
possible to predict the next value of the ip_id field of
the ip packets sent by this host.
An attacker may use this feature to determine if the remote
host sent a packet in reply to another request. This may be
used for portscanning and other things.
Solution : Contact your vendor for a patch
Risk factor : Low
[ back to the list of ports ]
Information found on port general/tcp
Nmap found that this host is running Zyxel ZyNOS based router (ZyNOS)
[ back to the list of ports ]
Warning found on port domain (53/tcp)
The remote name server allows recursive queries to be performed
by the host running nessusd.
If this is your internal nameserver, then forget this warning.
If you are probing a remote nameserver, then it allows anyone
to use it to resolve third parties names (such as www.nessus.org).
This allows hackers to do cache poisoning attacks against this
nameserver.
Solution : Restrict recursive queries to the hosts that should
use this nameserver (such as those of the LAN connected to it).
If you are using bind 8, you can do this by using the instruction
'allow-recursion' in the 'options' section of your named.conf
If you are using another name server, consult its documentation.
Risk factor : Serious
[ back to the list of ports ]
Information found on port domain (53/tcp)
The remote bind version is : 8.2.3-REL
[ back to the list of ports ]
Information found on port general/udp
For your information, here is the traceroute to (ip is censored):
?
--------------------------------------------------------------------------------
This file was generated by Nessus, the open-sourced security scanner.
