Callsms17-010
ms17-010 时间:2021-05-19 阅读:()
OpenVasVulnerabilityReportHackerTarget.
comhostsasuiteoftrustedopensourcevulnerabilityscanners.
SecureyourAttackSurfacewithourvulnerabilitydiscoveryandnetworkintelligencesolutions.
ThisreportwasautogeneratedusingtheopensourceOpenVASVulnerabilityScanner.
CONFIDENTIAL-ThisreportcontainssensitiveinformationandshouldbestoredinasecurelocationOpenVasVulnerabilityReportHackerTarget.
com123334445TableofContentsOpenVasVulnerabilityReportTableofContentsSummaryHostSummaryVulnerabilitySummaryResultsbyHostHost192.
168.
1.
56PortSummaryforHost192.
168.
1.
56SecurityIssuesforHost192.
168.
1.
56OpenVasVulnerabilityReportHackerTarget.
com1HIGH6MEDIUM1LOWSummaryScanstarted:TueFeb1211:08:492019UTCScanended:TueFeb1211:18:442019UTCAnyHIGHandMEDIUMseverityvulnerabilitiesshouldbeinvestigatedandconfirmedsothatremediationcantakeplace.
LOWriskitemsshouldnotbeignoredastheycanbechainedwithothervulnerabilitiestoenablefurtherattacks.
HostSummaryHostStartEndHighMediumLowLog192.
168.
1.
56(WIDGETServer)Feb12,11:09Feb12,11:181610Total:11610VulnerabilitySummarySeverityDescriptionCVSSCountHighMicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)9.
31MediumDCE/RPCandMSRPCServicesEnumerationReporting5.
01MediumSSL/TLS:ReportVulnerableCipherSuitesforHTTPS5.
01MediumSSL/TLS:ReportWeakCipherSuites4.
34LowTCPtimestamps2.
61OpenVasVulnerabilityReportHackerTarget.
comResultsbyHostHost192.
168.
1.
56Hostscanstarted:TueFeb1211:09:042019UTCPortSummaryforHost192.
168.
1.
56Service(Port)Severitygeneral/tcpLow3389/tcpMedium636/tcpMedium445/tcpHigh443/tcpMedium135/tcpMedium3269/tcpMediumOpenVasVulnerabilityReportHackerTarget.
com445/tcpSecurityIssuesforHost192.
168.
1.
56High(CVSS:9.
3)NVT:MicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
810676)SummaryThishostismissingacriticalsecurityupdateaccordingtoMicrosoftBulletinMS17-010.
VulnerabilityDetectionResultVulnerabilitywasdetectedaccordingtotheVulnerabilityDetectionMethod.
ImpactSuccessfulexploitationwillallowremoteattackerstogaintheabilitytoexecutecodeonthetargetserver,alsocouldleadtoinformationdisclosurefromtheserver.
SolutionSolutiontype:VendorFixRunWindowsUpdateandupdatethelistedhotfixesordownloadandupdatementionedhotfixesintheadvisoryAffectedSoftware/OSMicrosoftWindows10x32/x64EditionMicrosoftWindowsServer2012EditionMicrosoftWindowsServer2016MicrosoftWindows8.
1x32/x64EditionMicrosoftWindowsServer2012R2EditionMicrosoftWindows7x32/x64EditionServicePack1MicrosoftWindowsVistax32/x64EditionServicePack2MicrosoftWindowsServer2008R2x64EditionServicePack1MicrosoftWindowsServer2008x32/x64EditionServicePack2VulnerabilityInsightMultipleflawsexistduetothewaythattheMicrosoftServerMessageBlock1.
0(SMBv1)serverhandlescertainrequests.
VulnerabilityDetectionMethodSendthecraftedSMBtransactionrequestwithfid=0andchecktheresponsetoconfirmthevulnerability.
Details:MicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
810676)Versionused:$Revision:11874$ReferencesCVE:CVE-2017-0143,CVE-2017-0144,CVE-2017-0145,CVE-2017-0146,CVE-2017-0147,CVE-2017-0148BID:96703,96704,96705,96707,96709,96706CERT:CB-K17/0435,DFN-CERT-2017-0448Other:https://support.
microsoft.
com/en-in/kb/4013078https://technet.
microsoft.
com/library/security/MS17-010https://github.
com/rapid7/metasploit-framework/pull/8167/filesOpenVasVulnerabilityReportHackerTarget.
com135/tcpMedium(CVSS:5.
0)NVT:DCE/RPCandMSRPCServicesEnumerationReporting(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
10736)SummaryDistributedComputingEnvironment/RemoteProcedureCalls(DCE/RPC)orMSRPCservicesrunningontheremotehostcanbeenumeratedbyconnectingonport135anddoingtheappropriatequeries.
VulnerabilityDetectionResultHereisthelistofDCE/RPCorMSRPCservicesrunningonthishostviatheTCPprotocol:Port:49664/tcpUUID:d95afe70-a6d5-4259-822e-2c84da1ddb0d,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49664]Port:49665/tcpUUID:3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:DHCPClientLRPCEndpointUUID:3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:DHCPv6ClientLRPCEndpointUUID:f6beaff7-1e19-4fbb-9f8f-b89e2018337c,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:EventlogTCPIPPort:49666/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:KeyIsoOpenVasVulnerabilityReportHackerTarget.
comUUID:c9ac6db5-82b7-4e55-ae8a-e464ed7b4277,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:ImplfriendlynameUUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2,version4Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:MSNTDirectoryDRSInterfacePort:49668/tcpUUID:0d3c7f20-1c8d-4654-a1b3-51563b298bda,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:UserMgrCliUUID:1ff70682-0a51-30e8-076d-740be8cee98b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Namedpipe:atsvcWin32serviceorprocess:mstask.
exeDescription:SchedulerserviceUUID:201ef99a-7fa0-444c-9399-19ba84f12a1a,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:29770a8f-829b-4158-90a2-78cd488501f7,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:2e6035b2-e8f1-41a7-a044-656b439c4c34,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:ProxyManagerproviderserverendpointUUID:33d84484-3626-47ee-8c6f-e7e98b113be1,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:378e52b0-c0a9-11cf-822d-00aa0051e40f,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:3a9ef155-691d-4449-8d05-09ad57031823,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:552d076a-cb29-4e44-8b6a-d15e59e2c0af,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:IPTransitionConfigurationendpointUUID:58e604e8-9adb-4d2e-a464-3b0683fb1480,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:5f54ce7d-5b79-4175-8584-cb65313a0e98,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:86d35949-83c9-4044-b424-db363231fd0c,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:b18fbab6-56f8-4702-84e0-41053293a869,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:UserMgrCliUUID:c36be077-e14b-4fe9-8abc-e856ef4f048b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:ProxyManagerclientserverendpointUUID:c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AdhAPIsOpenVasVulnerabilityReportHackerTarget.
comUUID:d09bdeb5-6171-4a34-bfe2-06fa82652568,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:fb9a3757-cff0-4db0-b9fc-bd6c131612fd,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:fd7a0523-dc70-43dd-9b2e-9c5ed48225b1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoPort:49673/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:KeyIsoUUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2,version4Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:MSNTDirectoryDRSInterfacePort:49674/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:lsass.
exeOpenVasVulnerabilityReportHackerTarget.
comDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:KeyIsoPort:49675/tcpUUID:0b6edbfa-4a24-4fc6-8a23-942b1eca65d1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:12345678-1234-abcd-ef00-0123456789ab,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]Namedpipe:spoolssWin32serviceorprocess:spoolsv.
exeDescription:SpoolerserviceUUID:4a452661-8290-4b36-8fbe-7f4093a94978,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:76f03f96-cdfd-44fc-a22c-64950a001209,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:ae33069b-a2a8-46ee-a235-ddfd339be281,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]Port:49683/tcpUUID:367abb81-9844-35f1-ad32-98f038001003,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49683]Port:49728/tcpUUID:50abc2a4-574d-40b3-9d66-ee4fd5fba076,version5Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49728]Namedpipe:dnsserverWin32serviceorprocess:dns.
exeDescription:DNSServerPort:49914/tcpUUID:897e2e5f-93f3-4376-9c9c-fd2277495c27,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49914]Annotation:Frs2ServicePort:63520/tcpUUID:91ae6020-9e3c-11cf-8d7c-00aa00c091be,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[63520]Namedpipe:certWin32serviceorprocess:certsrv.
exeDescription:CertificateserviceOpenVasVulnerabilityReportHackerTarget.
comNote:DCE/RPCorMSRPCservicesrunningonthishostlocallywereidentified.
Reportingthislistisnotenabledbydefaultduetothepossiblelargesizeofthislist.
Seethescriptpreferencestoenablethisreporting.
ImpactAnattackermayusethisfacttogainmoreknowledgeabouttheremotehost.
SolutionSolutiontype:MitigationFilterincomingtraffictothisports.
VulnerabilityDetectionMethodDetails:DCE/RPCandMSRPCServicesEnumerationReporting(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
10736)Versionused:$Revision:6319$OpenVasVulnerabilityReportHackerTarget.
com443/tcpMedium(CVSS:5.
0)NVT:SSL/TLS:ReportVulnerableCipherSuitesforHTTPS(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
108031)SummaryThisroutinereportsallSSL/TLSciphersuitesacceptedbyaservicewhereattackvectorsexistsonlyonHTTPSservices.
VulnerabilityDetectionResult'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)SolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
AffectedSoftware/OSServicesacceptingvulnerableSSL/TLSciphersuitesviaHTTPS.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthevulnerableciphersuites:-64-bitblockcipher3DESvulnerabletotheSWEET32attack(CVE-2016-2183).
VulnerabilityDetectionMethodDetails:SSL/TLS:ReportVulnerableCipherSuitesforHTTPS(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
108031)Versionused:$Revision:5232$ReferencesCVE:CVE-2016-2183,CVE-2016-6329CERT:CB-K18/0296,CB-K17/1980,CB-K17/1871,CB-K17/1803,CB-K17/1753,CB-K17/1750,CB-K17/1709,CB-K17/1558,CB-K17/1273,CB-K17/1202,CB-K17/1196,CB-K17/1055,CB-K17/1026,CB-K17/0939,CB-K17/0917,CB-K17/0915,CB-K17/0877,CB-K17/0796,CB-K17/0724,CB-K17/0661,CB-K17/0657,CB-K17/0582,CB-K17/0581,CB-K17/0506,CB-K17/0504,CB-K17/0467,CB-K17/0345,CB-K17/0098,CB-K17/0089,CB-K17/0086,CB-K17/0082,CB-K16/1837,CB-K16/1830,CB-K16/1635,CB-K16/1630,CB-K16/1624,CB-K16/1622,CB-K16/1500,CB-K16/1465,CB-K16/1307,CB-K16/1296,DFN-CERT-2019-0068,DFN-CERT-2018-1296,DFN-CERT-2018-0323,DFN-CERT-2017-2070,DFN-CERT-2017-1954,DFN-CERT-2017-1885,DFN-CERT-2017-1831,DFN-CERT-2017-1821,DFN-CERT-2017-1785,DFN-CERT-2017-1626,DFN-CERT-2017-1326,DFN-CERT-2017-1239,DFN-CERT-2017-1238,DFN-CERT-2017-1090,DFN-CERT-2017-1060,DFN-CERT-2017-0968,DFN-CERT-2017-0947,DFN-CERT-2017-0946,DFN-CERT-2017-0904,DFN-CERT-2017-0816,DFN-CERT-2017-0746,DFN-CERT-2017-0677,DFN-CERT-2017-0675,DFN-CERT-2017-0611,DFN-CERT-2017-0609,DFN-CERT-2017-0522,DFN-CERT-2017-0519,DFN-CERT-2017-0482,DFN-CERT-2017-0351,DFN-CERT-2017-0090,DFN-CERT-2017-0089,DFN-CERT-2017-0088,DFN-CERT-2017-0086,DFN-CERT-2016-1943,DFN-CERT-2016-1937,DFN-CERT-2016-1732,DFN-CERT-2016-1726,DFN-CERT-2016-1715,DFN-CERT-2016-1714,DFN-CERT-2016-1588,DFN-CERT-2016-1555,DFN-CERT-2016-1391,DFN-CERT-2016-1378Other:https://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/https://sweet32.
info/OpenVasVulnerabilityReportHackerTarget.
com3389/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com3269/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com636/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com443/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
comgeneral/tcpLow(CVSS:2.
6)NVT:TCPtimestamps(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
80091)SummaryTheremotehostimplementsTCPtimestampsandthereforeallowstocomputetheuptime.
VulnerabilityDetectionResultItwasdetectedthatthehostimplementsRFC1323.
Thefollowingtimestampswereretrievedwithadelayof1secondsin-between:Packet1:623055Packet2:624131ImpactAsideeffectofthisfeatureisthattheuptimeoftheremotehostcansometimesbecomputed.
SolutionSolutiontype:MitigationTodisableTCPtimestampsonlinuxaddtheline'net.
ipv4.
tcp_timestamps=0'to/etc/sysctl.
conf.
Execute'sysctl-p'toapplythesettingsatruntime.
TodisableTCPtimestampsonWindowsexecute'netshinttcpsetglobaltimestamps=disabled'StartingwithWindowsServer2008andVista,thetimestampcannotbecompletelydisabled.
ThedefaultbehavioroftheTCP/IPstackonthisSystemsistonotusetheTimestampoptionswheninitiatingTCPconnections,butusethemiftheTCPpeerthatisinitiatingcommunicationincludesthemintheirsynchronize(SYN)segment.
Seealso:http://www.
microsoft.
com/en-us/download/details.
aspxid=9152AffectedSoftware/OSTCP/IPv4implementationsthatimplementRFC1323.
VulnerabilityInsightTheremotehostimplementsTCPtimestamps,asdefinedbyRFC1323.
VulnerabilityDetectionMethodSpecialIPpacketsareforgedandsentwithalittledelayinbetweentothetargetIP.
Theresponsesaresearchedforatimestamps.
Iffound,thetimestampsarereported.
Details:TCPtimestamps(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
80091)Versionused:$Revision:10411$ReferencesOther:http://www.
ietf.
org/rfc/rfc1323.
txtThisfilewasautomaticallygenerated.
OpenVasVulnerabilityReportHackerTarget.
com
comhostsasuiteoftrustedopensourcevulnerabilityscanners.
SecureyourAttackSurfacewithourvulnerabilitydiscoveryandnetworkintelligencesolutions.
ThisreportwasautogeneratedusingtheopensourceOpenVASVulnerabilityScanner.
CONFIDENTIAL-ThisreportcontainssensitiveinformationandshouldbestoredinasecurelocationOpenVasVulnerabilityReportHackerTarget.
com123334445TableofContentsOpenVasVulnerabilityReportTableofContentsSummaryHostSummaryVulnerabilitySummaryResultsbyHostHost192.
168.
1.
56PortSummaryforHost192.
168.
1.
56SecurityIssuesforHost192.
168.
1.
56OpenVasVulnerabilityReportHackerTarget.
com1HIGH6MEDIUM1LOWSummaryScanstarted:TueFeb1211:08:492019UTCScanended:TueFeb1211:18:442019UTCAnyHIGHandMEDIUMseverityvulnerabilitiesshouldbeinvestigatedandconfirmedsothatremediationcantakeplace.
LOWriskitemsshouldnotbeignoredastheycanbechainedwithothervulnerabilitiestoenablefurtherattacks.
HostSummaryHostStartEndHighMediumLowLog192.
168.
1.
56(WIDGETServer)Feb12,11:09Feb12,11:181610Total:11610VulnerabilitySummarySeverityDescriptionCVSSCountHighMicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)9.
31MediumDCE/RPCandMSRPCServicesEnumerationReporting5.
01MediumSSL/TLS:ReportVulnerableCipherSuitesforHTTPS5.
01MediumSSL/TLS:ReportWeakCipherSuites4.
34LowTCPtimestamps2.
61OpenVasVulnerabilityReportHackerTarget.
comResultsbyHostHost192.
168.
1.
56Hostscanstarted:TueFeb1211:09:042019UTCPortSummaryforHost192.
168.
1.
56Service(Port)Severitygeneral/tcpLow3389/tcpMedium636/tcpMedium445/tcpHigh443/tcpMedium135/tcpMedium3269/tcpMediumOpenVasVulnerabilityReportHackerTarget.
com445/tcpSecurityIssuesforHost192.
168.
1.
56High(CVSS:9.
3)NVT:MicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
810676)SummaryThishostismissingacriticalsecurityupdateaccordingtoMicrosoftBulletinMS17-010.
VulnerabilityDetectionResultVulnerabilitywasdetectedaccordingtotheVulnerabilityDetectionMethod.
ImpactSuccessfulexploitationwillallowremoteattackerstogaintheabilitytoexecutecodeonthetargetserver,alsocouldleadtoinformationdisclosurefromtheserver.
SolutionSolutiontype:VendorFixRunWindowsUpdateandupdatethelistedhotfixesordownloadandupdatementionedhotfixesintheadvisoryAffectedSoftware/OSMicrosoftWindows10x32/x64EditionMicrosoftWindowsServer2012EditionMicrosoftWindowsServer2016MicrosoftWindows8.
1x32/x64EditionMicrosoftWindowsServer2012R2EditionMicrosoftWindows7x32/x64EditionServicePack1MicrosoftWindowsVistax32/x64EditionServicePack2MicrosoftWindowsServer2008R2x64EditionServicePack1MicrosoftWindowsServer2008x32/x64EditionServicePack2VulnerabilityInsightMultipleflawsexistduetothewaythattheMicrosoftServerMessageBlock1.
0(SMBv1)serverhandlescertainrequests.
VulnerabilityDetectionMethodSendthecraftedSMBtransactionrequestwithfid=0andchecktheresponsetoconfirmthevulnerability.
Details:MicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
810676)Versionused:$Revision:11874$ReferencesCVE:CVE-2017-0143,CVE-2017-0144,CVE-2017-0145,CVE-2017-0146,CVE-2017-0147,CVE-2017-0148BID:96703,96704,96705,96707,96709,96706CERT:CB-K17/0435,DFN-CERT-2017-0448Other:https://support.
microsoft.
com/en-in/kb/4013078https://technet.
microsoft.
com/library/security/MS17-010https://github.
com/rapid7/metasploit-framework/pull/8167/filesOpenVasVulnerabilityReportHackerTarget.
com135/tcpMedium(CVSS:5.
0)NVT:DCE/RPCandMSRPCServicesEnumerationReporting(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
10736)SummaryDistributedComputingEnvironment/RemoteProcedureCalls(DCE/RPC)orMSRPCservicesrunningontheremotehostcanbeenumeratedbyconnectingonport135anddoingtheappropriatequeries.
VulnerabilityDetectionResultHereisthelistofDCE/RPCorMSRPCservicesrunningonthishostviatheTCPprotocol:Port:49664/tcpUUID:d95afe70-a6d5-4259-822e-2c84da1ddb0d,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49664]Port:49665/tcpUUID:3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:DHCPClientLRPCEndpointUUID:3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:DHCPv6ClientLRPCEndpointUUID:f6beaff7-1e19-4fbb-9f8f-b89e2018337c,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:EventlogTCPIPPort:49666/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:KeyIsoOpenVasVulnerabilityReportHackerTarget.
comUUID:c9ac6db5-82b7-4e55-ae8a-e464ed7b4277,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:ImplfriendlynameUUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2,version4Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:MSNTDirectoryDRSInterfacePort:49668/tcpUUID:0d3c7f20-1c8d-4654-a1b3-51563b298bda,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:UserMgrCliUUID:1ff70682-0a51-30e8-076d-740be8cee98b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Namedpipe:atsvcWin32serviceorprocess:mstask.
exeDescription:SchedulerserviceUUID:201ef99a-7fa0-444c-9399-19ba84f12a1a,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:29770a8f-829b-4158-90a2-78cd488501f7,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:2e6035b2-e8f1-41a7-a044-656b439c4c34,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:ProxyManagerproviderserverendpointUUID:33d84484-3626-47ee-8c6f-e7e98b113be1,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:378e52b0-c0a9-11cf-822d-00aa0051e40f,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:3a9ef155-691d-4449-8d05-09ad57031823,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:552d076a-cb29-4e44-8b6a-d15e59e2c0af,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:IPTransitionConfigurationendpointUUID:58e604e8-9adb-4d2e-a464-3b0683fb1480,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:5f54ce7d-5b79-4175-8584-cb65313a0e98,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:86d35949-83c9-4044-b424-db363231fd0c,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:b18fbab6-56f8-4702-84e0-41053293a869,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:UserMgrCliUUID:c36be077-e14b-4fe9-8abc-e856ef4f048b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:ProxyManagerclientserverendpointUUID:c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AdhAPIsOpenVasVulnerabilityReportHackerTarget.
comUUID:d09bdeb5-6171-4a34-bfe2-06fa82652568,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:fb9a3757-cff0-4db0-b9fc-bd6c131612fd,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:fd7a0523-dc70-43dd-9b2e-9c5ed48225b1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoPort:49673/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:KeyIsoUUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2,version4Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:MSNTDirectoryDRSInterfacePort:49674/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:lsass.
exeOpenVasVulnerabilityReportHackerTarget.
comDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:KeyIsoPort:49675/tcpUUID:0b6edbfa-4a24-4fc6-8a23-942b1eca65d1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:12345678-1234-abcd-ef00-0123456789ab,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]Namedpipe:spoolssWin32serviceorprocess:spoolsv.
exeDescription:SpoolerserviceUUID:4a452661-8290-4b36-8fbe-7f4093a94978,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:76f03f96-cdfd-44fc-a22c-64950a001209,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:ae33069b-a2a8-46ee-a235-ddfd339be281,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]Port:49683/tcpUUID:367abb81-9844-35f1-ad32-98f038001003,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49683]Port:49728/tcpUUID:50abc2a4-574d-40b3-9d66-ee4fd5fba076,version5Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49728]Namedpipe:dnsserverWin32serviceorprocess:dns.
exeDescription:DNSServerPort:49914/tcpUUID:897e2e5f-93f3-4376-9c9c-fd2277495c27,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49914]Annotation:Frs2ServicePort:63520/tcpUUID:91ae6020-9e3c-11cf-8d7c-00aa00c091be,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[63520]Namedpipe:certWin32serviceorprocess:certsrv.
exeDescription:CertificateserviceOpenVasVulnerabilityReportHackerTarget.
comNote:DCE/RPCorMSRPCservicesrunningonthishostlocallywereidentified.
Reportingthislistisnotenabledbydefaultduetothepossiblelargesizeofthislist.
Seethescriptpreferencestoenablethisreporting.
ImpactAnattackermayusethisfacttogainmoreknowledgeabouttheremotehost.
SolutionSolutiontype:MitigationFilterincomingtraffictothisports.
VulnerabilityDetectionMethodDetails:DCE/RPCandMSRPCServicesEnumerationReporting(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
10736)Versionused:$Revision:6319$OpenVasVulnerabilityReportHackerTarget.
com443/tcpMedium(CVSS:5.
0)NVT:SSL/TLS:ReportVulnerableCipherSuitesforHTTPS(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
108031)SummaryThisroutinereportsallSSL/TLSciphersuitesacceptedbyaservicewhereattackvectorsexistsonlyonHTTPSservices.
VulnerabilityDetectionResult'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)SolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
AffectedSoftware/OSServicesacceptingvulnerableSSL/TLSciphersuitesviaHTTPS.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthevulnerableciphersuites:-64-bitblockcipher3DESvulnerabletotheSWEET32attack(CVE-2016-2183).
VulnerabilityDetectionMethodDetails:SSL/TLS:ReportVulnerableCipherSuitesforHTTPS(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
108031)Versionused:$Revision:5232$ReferencesCVE:CVE-2016-2183,CVE-2016-6329CERT:CB-K18/0296,CB-K17/1980,CB-K17/1871,CB-K17/1803,CB-K17/1753,CB-K17/1750,CB-K17/1709,CB-K17/1558,CB-K17/1273,CB-K17/1202,CB-K17/1196,CB-K17/1055,CB-K17/1026,CB-K17/0939,CB-K17/0917,CB-K17/0915,CB-K17/0877,CB-K17/0796,CB-K17/0724,CB-K17/0661,CB-K17/0657,CB-K17/0582,CB-K17/0581,CB-K17/0506,CB-K17/0504,CB-K17/0467,CB-K17/0345,CB-K17/0098,CB-K17/0089,CB-K17/0086,CB-K17/0082,CB-K16/1837,CB-K16/1830,CB-K16/1635,CB-K16/1630,CB-K16/1624,CB-K16/1622,CB-K16/1500,CB-K16/1465,CB-K16/1307,CB-K16/1296,DFN-CERT-2019-0068,DFN-CERT-2018-1296,DFN-CERT-2018-0323,DFN-CERT-2017-2070,DFN-CERT-2017-1954,DFN-CERT-2017-1885,DFN-CERT-2017-1831,DFN-CERT-2017-1821,DFN-CERT-2017-1785,DFN-CERT-2017-1626,DFN-CERT-2017-1326,DFN-CERT-2017-1239,DFN-CERT-2017-1238,DFN-CERT-2017-1090,DFN-CERT-2017-1060,DFN-CERT-2017-0968,DFN-CERT-2017-0947,DFN-CERT-2017-0946,DFN-CERT-2017-0904,DFN-CERT-2017-0816,DFN-CERT-2017-0746,DFN-CERT-2017-0677,DFN-CERT-2017-0675,DFN-CERT-2017-0611,DFN-CERT-2017-0609,DFN-CERT-2017-0522,DFN-CERT-2017-0519,DFN-CERT-2017-0482,DFN-CERT-2017-0351,DFN-CERT-2017-0090,DFN-CERT-2017-0089,DFN-CERT-2017-0088,DFN-CERT-2017-0086,DFN-CERT-2016-1943,DFN-CERT-2016-1937,DFN-CERT-2016-1732,DFN-CERT-2016-1726,DFN-CERT-2016-1715,DFN-CERT-2016-1714,DFN-CERT-2016-1588,DFN-CERT-2016-1555,DFN-CERT-2016-1391,DFN-CERT-2016-1378Other:https://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/https://sweet32.
info/OpenVasVulnerabilityReportHackerTarget.
com3389/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com3269/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com636/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com443/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
comgeneral/tcpLow(CVSS:2.
6)NVT:TCPtimestamps(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
80091)SummaryTheremotehostimplementsTCPtimestampsandthereforeallowstocomputetheuptime.
VulnerabilityDetectionResultItwasdetectedthatthehostimplementsRFC1323.
Thefollowingtimestampswereretrievedwithadelayof1secondsin-between:Packet1:623055Packet2:624131ImpactAsideeffectofthisfeatureisthattheuptimeoftheremotehostcansometimesbecomputed.
SolutionSolutiontype:MitigationTodisableTCPtimestampsonlinuxaddtheline'net.
ipv4.
tcp_timestamps=0'to/etc/sysctl.
conf.
Execute'sysctl-p'toapplythesettingsatruntime.
TodisableTCPtimestampsonWindowsexecute'netshinttcpsetglobaltimestamps=disabled'StartingwithWindowsServer2008andVista,thetimestampcannotbecompletelydisabled.
ThedefaultbehavioroftheTCP/IPstackonthisSystemsistonotusetheTimestampoptionswheninitiatingTCPconnections,butusethemiftheTCPpeerthatisinitiatingcommunicationincludesthemintheirsynchronize(SYN)segment.
Seealso:http://www.
microsoft.
com/en-us/download/details.
aspxid=9152AffectedSoftware/OSTCP/IPv4implementationsthatimplementRFC1323.
VulnerabilityInsightTheremotehostimplementsTCPtimestamps,asdefinedbyRFC1323.
VulnerabilityDetectionMethodSpecialIPpacketsareforgedandsentwithalittledelayinbetweentothetargetIP.
Theresponsesaresearchedforatimestamps.
Iffound,thetimestampsarereported.
Details:TCPtimestamps(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
80091)Versionused:$Revision:10411$ReferencesOther:http://www.
ietf.
org/rfc/rfc1323.
txtThisfilewasautomaticallygenerated.
OpenVasVulnerabilityReportHackerTarget.
com
傲游主机38.4元起,韩国CN2/荷兰VPS全场8折vps香港高防
傲游主机怎么样?傲游主机是一家成立于2010年的老牌国外VPS服务商,在澳大利亚及美国均注册公司,是由在澳洲留学的害羞哥、主机论坛知名版主组长等大佬创建,拥有多家海外直连线路机房资源,提供基于VPS主机和独立服务器租用等,其中VPS基于KVM或者XEN架构,可选机房包括中国香港、美国洛杉矶、韩国、日本、德国、荷兰等,均为CN2或者国内直连优秀线路。傲游主机提供8折优惠码:haixiuge,适用于全...
RAKsmart 年中活动 独立服务器限时$30秒杀 VPS主机低至$1.99
RAKsmart 虽然是美国主机商,但是商家的主要客户群还是在我们国内,于是我们可以看到每次的国内节日促销活动期间商家也会发布促销。包括这次年中大促活动,RAKsmart商家也有发布为期两个月的年终活动,其中有商家擅长的独立服务器和便宜VPS主机。服务器包括站群服务器、特价服务器、高达10G带宽不限制流量的美国服务器。商家优惠活动,可以看到对应商品的优惠,同时也可以使用 优惠码 RAKBL9 同时...
数脉科技香港自营,10Mbps CN2物理机420元/月
数脉科技怎么样?数脉科技品牌创办于2019,由一家从2012年开始从事idc行业的商家创办,目前主营产品是香港服务器,线路有阿里云线路和自营CN2线路,均为中国大陆直连带宽,适合建站及运行各种负载较高的项目,同时支持人民币、台币、美元等结算,提供支付宝、微信、PayPal付款方式。本次数脉科技给发来了新的7月促销活动,CN2+BGP线路的香港服务器,带宽10m起,配置E3-16G-30M-3IP,...
ms17-010为你推荐
-
HALLMARK_PANCREAS_BETA_CELLSios11http://www.tutorialspoint.com/css/css_dimension.htmlegraphpresent372011年停止接单产品支持ipad重庆宽带测速重庆市电信网速测试是哪个网站或ipipad如何上网iPad怎么上网?请高手指点win7telnetWin7系统中的telnet命令如何应用?x-routerx-arcsinx的等价无穷小是什么?