Callsms17-010
ms17-010 时间:2021-05-19 阅读:()
OpenVasVulnerabilityReportHackerTarget.
comhostsasuiteoftrustedopensourcevulnerabilityscanners.
SecureyourAttackSurfacewithourvulnerabilitydiscoveryandnetworkintelligencesolutions.
ThisreportwasautogeneratedusingtheopensourceOpenVASVulnerabilityScanner.
CONFIDENTIAL-ThisreportcontainssensitiveinformationandshouldbestoredinasecurelocationOpenVasVulnerabilityReportHackerTarget.
com123334445TableofContentsOpenVasVulnerabilityReportTableofContentsSummaryHostSummaryVulnerabilitySummaryResultsbyHostHost192.
168.
1.
56PortSummaryforHost192.
168.
1.
56SecurityIssuesforHost192.
168.
1.
56OpenVasVulnerabilityReportHackerTarget.
com1HIGH6MEDIUM1LOWSummaryScanstarted:TueFeb1211:08:492019UTCScanended:TueFeb1211:18:442019UTCAnyHIGHandMEDIUMseverityvulnerabilitiesshouldbeinvestigatedandconfirmedsothatremediationcantakeplace.
LOWriskitemsshouldnotbeignoredastheycanbechainedwithothervulnerabilitiestoenablefurtherattacks.
HostSummaryHostStartEndHighMediumLowLog192.
168.
1.
56(WIDGETServer)Feb12,11:09Feb12,11:181610Total:11610VulnerabilitySummarySeverityDescriptionCVSSCountHighMicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)9.
31MediumDCE/RPCandMSRPCServicesEnumerationReporting5.
01MediumSSL/TLS:ReportVulnerableCipherSuitesforHTTPS5.
01MediumSSL/TLS:ReportWeakCipherSuites4.
34LowTCPtimestamps2.
61OpenVasVulnerabilityReportHackerTarget.
comResultsbyHostHost192.
168.
1.
56Hostscanstarted:TueFeb1211:09:042019UTCPortSummaryforHost192.
168.
1.
56Service(Port)Severitygeneral/tcpLow3389/tcpMedium636/tcpMedium445/tcpHigh443/tcpMedium135/tcpMedium3269/tcpMediumOpenVasVulnerabilityReportHackerTarget.
com445/tcpSecurityIssuesforHost192.
168.
1.
56High(CVSS:9.
3)NVT:MicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
810676)SummaryThishostismissingacriticalsecurityupdateaccordingtoMicrosoftBulletinMS17-010.
VulnerabilityDetectionResultVulnerabilitywasdetectedaccordingtotheVulnerabilityDetectionMethod.
ImpactSuccessfulexploitationwillallowremoteattackerstogaintheabilitytoexecutecodeonthetargetserver,alsocouldleadtoinformationdisclosurefromtheserver.
SolutionSolutiontype:VendorFixRunWindowsUpdateandupdatethelistedhotfixesordownloadandupdatementionedhotfixesintheadvisoryAffectedSoftware/OSMicrosoftWindows10x32/x64EditionMicrosoftWindowsServer2012EditionMicrosoftWindowsServer2016MicrosoftWindows8.
1x32/x64EditionMicrosoftWindowsServer2012R2EditionMicrosoftWindows7x32/x64EditionServicePack1MicrosoftWindowsVistax32/x64EditionServicePack2MicrosoftWindowsServer2008R2x64EditionServicePack1MicrosoftWindowsServer2008x32/x64EditionServicePack2VulnerabilityInsightMultipleflawsexistduetothewaythattheMicrosoftServerMessageBlock1.
0(SMBv1)serverhandlescertainrequests.
VulnerabilityDetectionMethodSendthecraftedSMBtransactionrequestwithfid=0andchecktheresponsetoconfirmthevulnerability.
Details:MicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
810676)Versionused:$Revision:11874$ReferencesCVE:CVE-2017-0143,CVE-2017-0144,CVE-2017-0145,CVE-2017-0146,CVE-2017-0147,CVE-2017-0148BID:96703,96704,96705,96707,96709,96706CERT:CB-K17/0435,DFN-CERT-2017-0448Other:https://support.
microsoft.
com/en-in/kb/4013078https://technet.
microsoft.
com/library/security/MS17-010https://github.
com/rapid7/metasploit-framework/pull/8167/filesOpenVasVulnerabilityReportHackerTarget.
com135/tcpMedium(CVSS:5.
0)NVT:DCE/RPCandMSRPCServicesEnumerationReporting(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
10736)SummaryDistributedComputingEnvironment/RemoteProcedureCalls(DCE/RPC)orMSRPCservicesrunningontheremotehostcanbeenumeratedbyconnectingonport135anddoingtheappropriatequeries.
VulnerabilityDetectionResultHereisthelistofDCE/RPCorMSRPCservicesrunningonthishostviatheTCPprotocol:Port:49664/tcpUUID:d95afe70-a6d5-4259-822e-2c84da1ddb0d,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49664]Port:49665/tcpUUID:3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:DHCPClientLRPCEndpointUUID:3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:DHCPv6ClientLRPCEndpointUUID:f6beaff7-1e19-4fbb-9f8f-b89e2018337c,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:EventlogTCPIPPort:49666/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:KeyIsoOpenVasVulnerabilityReportHackerTarget.
comUUID:c9ac6db5-82b7-4e55-ae8a-e464ed7b4277,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:ImplfriendlynameUUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2,version4Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:MSNTDirectoryDRSInterfacePort:49668/tcpUUID:0d3c7f20-1c8d-4654-a1b3-51563b298bda,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:UserMgrCliUUID:1ff70682-0a51-30e8-076d-740be8cee98b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Namedpipe:atsvcWin32serviceorprocess:mstask.
exeDescription:SchedulerserviceUUID:201ef99a-7fa0-444c-9399-19ba84f12a1a,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:29770a8f-829b-4158-90a2-78cd488501f7,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:2e6035b2-e8f1-41a7-a044-656b439c4c34,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:ProxyManagerproviderserverendpointUUID:33d84484-3626-47ee-8c6f-e7e98b113be1,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:378e52b0-c0a9-11cf-822d-00aa0051e40f,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:3a9ef155-691d-4449-8d05-09ad57031823,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:552d076a-cb29-4e44-8b6a-d15e59e2c0af,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:IPTransitionConfigurationendpointUUID:58e604e8-9adb-4d2e-a464-3b0683fb1480,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:5f54ce7d-5b79-4175-8584-cb65313a0e98,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:86d35949-83c9-4044-b424-db363231fd0c,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:b18fbab6-56f8-4702-84e0-41053293a869,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:UserMgrCliUUID:c36be077-e14b-4fe9-8abc-e856ef4f048b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:ProxyManagerclientserverendpointUUID:c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AdhAPIsOpenVasVulnerabilityReportHackerTarget.
comUUID:d09bdeb5-6171-4a34-bfe2-06fa82652568,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:fb9a3757-cff0-4db0-b9fc-bd6c131612fd,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:fd7a0523-dc70-43dd-9b2e-9c5ed48225b1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoPort:49673/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:KeyIsoUUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2,version4Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:MSNTDirectoryDRSInterfacePort:49674/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:lsass.
exeOpenVasVulnerabilityReportHackerTarget.
comDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:KeyIsoPort:49675/tcpUUID:0b6edbfa-4a24-4fc6-8a23-942b1eca65d1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:12345678-1234-abcd-ef00-0123456789ab,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]Namedpipe:spoolssWin32serviceorprocess:spoolsv.
exeDescription:SpoolerserviceUUID:4a452661-8290-4b36-8fbe-7f4093a94978,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:76f03f96-cdfd-44fc-a22c-64950a001209,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:ae33069b-a2a8-46ee-a235-ddfd339be281,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]Port:49683/tcpUUID:367abb81-9844-35f1-ad32-98f038001003,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49683]Port:49728/tcpUUID:50abc2a4-574d-40b3-9d66-ee4fd5fba076,version5Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49728]Namedpipe:dnsserverWin32serviceorprocess:dns.
exeDescription:DNSServerPort:49914/tcpUUID:897e2e5f-93f3-4376-9c9c-fd2277495c27,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49914]Annotation:Frs2ServicePort:63520/tcpUUID:91ae6020-9e3c-11cf-8d7c-00aa00c091be,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[63520]Namedpipe:certWin32serviceorprocess:certsrv.
exeDescription:CertificateserviceOpenVasVulnerabilityReportHackerTarget.
comNote:DCE/RPCorMSRPCservicesrunningonthishostlocallywereidentified.
Reportingthislistisnotenabledbydefaultduetothepossiblelargesizeofthislist.
Seethescriptpreferencestoenablethisreporting.
ImpactAnattackermayusethisfacttogainmoreknowledgeabouttheremotehost.
SolutionSolutiontype:MitigationFilterincomingtraffictothisports.
VulnerabilityDetectionMethodDetails:DCE/RPCandMSRPCServicesEnumerationReporting(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
10736)Versionused:$Revision:6319$OpenVasVulnerabilityReportHackerTarget.
com443/tcpMedium(CVSS:5.
0)NVT:SSL/TLS:ReportVulnerableCipherSuitesforHTTPS(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
108031)SummaryThisroutinereportsallSSL/TLSciphersuitesacceptedbyaservicewhereattackvectorsexistsonlyonHTTPSservices.
VulnerabilityDetectionResult'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)SolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
AffectedSoftware/OSServicesacceptingvulnerableSSL/TLSciphersuitesviaHTTPS.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthevulnerableciphersuites:-64-bitblockcipher3DESvulnerabletotheSWEET32attack(CVE-2016-2183).
VulnerabilityDetectionMethodDetails:SSL/TLS:ReportVulnerableCipherSuitesforHTTPS(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
108031)Versionused:$Revision:5232$ReferencesCVE:CVE-2016-2183,CVE-2016-6329CERT:CB-K18/0296,CB-K17/1980,CB-K17/1871,CB-K17/1803,CB-K17/1753,CB-K17/1750,CB-K17/1709,CB-K17/1558,CB-K17/1273,CB-K17/1202,CB-K17/1196,CB-K17/1055,CB-K17/1026,CB-K17/0939,CB-K17/0917,CB-K17/0915,CB-K17/0877,CB-K17/0796,CB-K17/0724,CB-K17/0661,CB-K17/0657,CB-K17/0582,CB-K17/0581,CB-K17/0506,CB-K17/0504,CB-K17/0467,CB-K17/0345,CB-K17/0098,CB-K17/0089,CB-K17/0086,CB-K17/0082,CB-K16/1837,CB-K16/1830,CB-K16/1635,CB-K16/1630,CB-K16/1624,CB-K16/1622,CB-K16/1500,CB-K16/1465,CB-K16/1307,CB-K16/1296,DFN-CERT-2019-0068,DFN-CERT-2018-1296,DFN-CERT-2018-0323,DFN-CERT-2017-2070,DFN-CERT-2017-1954,DFN-CERT-2017-1885,DFN-CERT-2017-1831,DFN-CERT-2017-1821,DFN-CERT-2017-1785,DFN-CERT-2017-1626,DFN-CERT-2017-1326,DFN-CERT-2017-1239,DFN-CERT-2017-1238,DFN-CERT-2017-1090,DFN-CERT-2017-1060,DFN-CERT-2017-0968,DFN-CERT-2017-0947,DFN-CERT-2017-0946,DFN-CERT-2017-0904,DFN-CERT-2017-0816,DFN-CERT-2017-0746,DFN-CERT-2017-0677,DFN-CERT-2017-0675,DFN-CERT-2017-0611,DFN-CERT-2017-0609,DFN-CERT-2017-0522,DFN-CERT-2017-0519,DFN-CERT-2017-0482,DFN-CERT-2017-0351,DFN-CERT-2017-0090,DFN-CERT-2017-0089,DFN-CERT-2017-0088,DFN-CERT-2017-0086,DFN-CERT-2016-1943,DFN-CERT-2016-1937,DFN-CERT-2016-1732,DFN-CERT-2016-1726,DFN-CERT-2016-1715,DFN-CERT-2016-1714,DFN-CERT-2016-1588,DFN-CERT-2016-1555,DFN-CERT-2016-1391,DFN-CERT-2016-1378Other:https://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/https://sweet32.
info/OpenVasVulnerabilityReportHackerTarget.
com3389/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com3269/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com636/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com443/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
comgeneral/tcpLow(CVSS:2.
6)NVT:TCPtimestamps(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
80091)SummaryTheremotehostimplementsTCPtimestampsandthereforeallowstocomputetheuptime.
VulnerabilityDetectionResultItwasdetectedthatthehostimplementsRFC1323.
Thefollowingtimestampswereretrievedwithadelayof1secondsin-between:Packet1:623055Packet2:624131ImpactAsideeffectofthisfeatureisthattheuptimeoftheremotehostcansometimesbecomputed.
SolutionSolutiontype:MitigationTodisableTCPtimestampsonlinuxaddtheline'net.
ipv4.
tcp_timestamps=0'to/etc/sysctl.
conf.
Execute'sysctl-p'toapplythesettingsatruntime.
TodisableTCPtimestampsonWindowsexecute'netshinttcpsetglobaltimestamps=disabled'StartingwithWindowsServer2008andVista,thetimestampcannotbecompletelydisabled.
ThedefaultbehavioroftheTCP/IPstackonthisSystemsistonotusetheTimestampoptionswheninitiatingTCPconnections,butusethemiftheTCPpeerthatisinitiatingcommunicationincludesthemintheirsynchronize(SYN)segment.
Seealso:http://www.
microsoft.
com/en-us/download/details.
aspxid=9152AffectedSoftware/OSTCP/IPv4implementationsthatimplementRFC1323.
VulnerabilityInsightTheremotehostimplementsTCPtimestamps,asdefinedbyRFC1323.
VulnerabilityDetectionMethodSpecialIPpacketsareforgedandsentwithalittledelayinbetweentothetargetIP.
Theresponsesaresearchedforatimestamps.
Iffound,thetimestampsarereported.
Details:TCPtimestamps(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
80091)Versionused:$Revision:10411$ReferencesOther:http://www.
ietf.
org/rfc/rfc1323.
txtThisfilewasautomaticallygenerated.
OpenVasVulnerabilityReportHackerTarget.
com
comhostsasuiteoftrustedopensourcevulnerabilityscanners.
SecureyourAttackSurfacewithourvulnerabilitydiscoveryandnetworkintelligencesolutions.
ThisreportwasautogeneratedusingtheopensourceOpenVASVulnerabilityScanner.
CONFIDENTIAL-ThisreportcontainssensitiveinformationandshouldbestoredinasecurelocationOpenVasVulnerabilityReportHackerTarget.
com123334445TableofContentsOpenVasVulnerabilityReportTableofContentsSummaryHostSummaryVulnerabilitySummaryResultsbyHostHost192.
168.
1.
56PortSummaryforHost192.
168.
1.
56SecurityIssuesforHost192.
168.
1.
56OpenVasVulnerabilityReportHackerTarget.
com1HIGH6MEDIUM1LOWSummaryScanstarted:TueFeb1211:08:492019UTCScanended:TueFeb1211:18:442019UTCAnyHIGHandMEDIUMseverityvulnerabilitiesshouldbeinvestigatedandconfirmedsothatremediationcantakeplace.
LOWriskitemsshouldnotbeignoredastheycanbechainedwithothervulnerabilitiestoenablefurtherattacks.
HostSummaryHostStartEndHighMediumLowLog192.
168.
1.
56(WIDGETServer)Feb12,11:09Feb12,11:181610Total:11610VulnerabilitySummarySeverityDescriptionCVSSCountHighMicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)9.
31MediumDCE/RPCandMSRPCServicesEnumerationReporting5.
01MediumSSL/TLS:ReportVulnerableCipherSuitesforHTTPS5.
01MediumSSL/TLS:ReportWeakCipherSuites4.
34LowTCPtimestamps2.
61OpenVasVulnerabilityReportHackerTarget.
comResultsbyHostHost192.
168.
1.
56Hostscanstarted:TueFeb1211:09:042019UTCPortSummaryforHost192.
168.
1.
56Service(Port)Severitygeneral/tcpLow3389/tcpMedium636/tcpMedium445/tcpHigh443/tcpMedium135/tcpMedium3269/tcpMediumOpenVasVulnerabilityReportHackerTarget.
com445/tcpSecurityIssuesforHost192.
168.
1.
56High(CVSS:9.
3)NVT:MicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
810676)SummaryThishostismissingacriticalsecurityupdateaccordingtoMicrosoftBulletinMS17-010.
VulnerabilityDetectionResultVulnerabilitywasdetectedaccordingtotheVulnerabilityDetectionMethod.
ImpactSuccessfulexploitationwillallowremoteattackerstogaintheabilitytoexecutecodeonthetargetserver,alsocouldleadtoinformationdisclosurefromtheserver.
SolutionSolutiontype:VendorFixRunWindowsUpdateandupdatethelistedhotfixesordownloadandupdatementionedhotfixesintheadvisoryAffectedSoftware/OSMicrosoftWindows10x32/x64EditionMicrosoftWindowsServer2012EditionMicrosoftWindowsServer2016MicrosoftWindows8.
1x32/x64EditionMicrosoftWindowsServer2012R2EditionMicrosoftWindows7x32/x64EditionServicePack1MicrosoftWindowsVistax32/x64EditionServicePack2MicrosoftWindowsServer2008R2x64EditionServicePack1MicrosoftWindowsServer2008x32/x64EditionServicePack2VulnerabilityInsightMultipleflawsexistduetothewaythattheMicrosoftServerMessageBlock1.
0(SMBv1)serverhandlescertainrequests.
VulnerabilityDetectionMethodSendthecraftedSMBtransactionrequestwithfid=0andchecktheresponsetoconfirmthevulnerability.
Details:MicrosoftWindowsSMBServerMultipleVulnerabilities-Remote(4013389)(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
810676)Versionused:$Revision:11874$ReferencesCVE:CVE-2017-0143,CVE-2017-0144,CVE-2017-0145,CVE-2017-0146,CVE-2017-0147,CVE-2017-0148BID:96703,96704,96705,96707,96709,96706CERT:CB-K17/0435,DFN-CERT-2017-0448Other:https://support.
microsoft.
com/en-in/kb/4013078https://technet.
microsoft.
com/library/security/MS17-010https://github.
com/rapid7/metasploit-framework/pull/8167/filesOpenVasVulnerabilityReportHackerTarget.
com135/tcpMedium(CVSS:5.
0)NVT:DCE/RPCandMSRPCServicesEnumerationReporting(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
10736)SummaryDistributedComputingEnvironment/RemoteProcedureCalls(DCE/RPC)orMSRPCservicesrunningontheremotehostcanbeenumeratedbyconnectingonport135anddoingtheappropriatequeries.
VulnerabilityDetectionResultHereisthelistofDCE/RPCorMSRPCservicesrunningonthishostviatheTCPprotocol:Port:49664/tcpUUID:d95afe70-a6d5-4259-822e-2c84da1ddb0d,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49664]Port:49665/tcpUUID:3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:DHCPClientLRPCEndpointUUID:3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:DHCPv6ClientLRPCEndpointUUID:f6beaff7-1e19-4fbb-9f8f-b89e2018337c,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49665]Annotation:EventlogTCPIPPort:49666/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:KeyIsoOpenVasVulnerabilityReportHackerTarget.
comUUID:c9ac6db5-82b7-4e55-ae8a-e464ed7b4277,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:ImplfriendlynameUUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2,version4Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49666]Annotation:MSNTDirectoryDRSInterfacePort:49668/tcpUUID:0d3c7f20-1c8d-4654-a1b3-51563b298bda,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:UserMgrCliUUID:1ff70682-0a51-30e8-076d-740be8cee98b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Namedpipe:atsvcWin32serviceorprocess:mstask.
exeDescription:SchedulerserviceUUID:201ef99a-7fa0-444c-9399-19ba84f12a1a,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:29770a8f-829b-4158-90a2-78cd488501f7,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:2e6035b2-e8f1-41a7-a044-656b439c4c34,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:ProxyManagerproviderserverendpointUUID:33d84484-3626-47ee-8c6f-e7e98b113be1,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:378e52b0-c0a9-11cf-822d-00aa0051e40f,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:3a9ef155-691d-4449-8d05-09ad57031823,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:552d076a-cb29-4e44-8b6a-d15e59e2c0af,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:IPTransitionConfigurationendpointUUID:58e604e8-9adb-4d2e-a464-3b0683fb1480,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:5f54ce7d-5b79-4175-8584-cb65313a0e98,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:86d35949-83c9-4044-b424-db363231fd0c,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:b18fbab6-56f8-4702-84e0-41053293a869,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:UserMgrCliUUID:c36be077-e14b-4fe9-8abc-e856ef4f048b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:ProxyManagerclientserverendpointUUID:c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AdhAPIsOpenVasVulnerabilityReportHackerTarget.
comUUID:d09bdeb5-6171-4a34-bfe2-06fa82652568,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]UUID:fb9a3757-cff0-4db0-b9fc-bd6c131612fd,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoUUID:fd7a0523-dc70-43dd-9b2e-9c5ed48225b1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49668]Annotation:AppInfoPort:49673/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:KeyIsoUUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2,version4Endpoint:ncacn_http:192.
168.
1.
56[49673]Annotation:MSNTDirectoryDRSInterfacePort:49674/tcpUUID:0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:RemoteAccessCheckUUID:12345678-1234-abcd-ef00-01234567cffb,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:NetlogonDescription:NetLogonserviceUUID:12345778-1234-abcd-ef00-0123456789ab,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:lsass.
exeOpenVasVulnerabilityReportHackerTarget.
comDescription:LSAaccessUUID:12345778-1234-abcd-ef00-0123456789ac,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Namedpipe:lsassWin32serviceorprocess:lsass.
exeDescription:SAMaccessUUID:51a227ae-825b-41f2-b4a9-1ac9557a1018,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:NgcPopKeyServiceUUID:8fb74744-b2ff-4c00-be0d-9ef9a191fe1b,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:NgcPopKeyServiceUUID:b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49674]Annotation:KeyIsoPort:49675/tcpUUID:0b6edbfa-4a24-4fc6-8a23-942b1eca65d1,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:12345678-1234-abcd-ef00-0123456789ab,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]Namedpipe:spoolssWin32serviceorprocess:spoolsv.
exeDescription:SpoolerserviceUUID:4a452661-8290-4b36-8fbe-7f4093a94978,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:76f03f96-cdfd-44fc-a22c-64950a001209,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]UUID:ae33069b-a2a8-46ee-a235-ddfd339be281,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49675]Port:49683/tcpUUID:367abb81-9844-35f1-ad32-98f038001003,version2Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49683]Port:49728/tcpUUID:50abc2a4-574d-40b3-9d66-ee4fd5fba076,version5Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49728]Namedpipe:dnsserverWin32serviceorprocess:dns.
exeDescription:DNSServerPort:49914/tcpUUID:897e2e5f-93f3-4376-9c9c-fd2277495c27,version1Endpoint:ncacn_ip_tcp:192.
168.
1.
56[49914]Annotation:Frs2ServicePort:63520/tcpUUID:91ae6020-9e3c-11cf-8d7c-00aa00c091be,version0Endpoint:ncacn_ip_tcp:192.
168.
1.
56[63520]Namedpipe:certWin32serviceorprocess:certsrv.
exeDescription:CertificateserviceOpenVasVulnerabilityReportHackerTarget.
comNote:DCE/RPCorMSRPCservicesrunningonthishostlocallywereidentified.
Reportingthislistisnotenabledbydefaultduetothepossiblelargesizeofthislist.
Seethescriptpreferencestoenablethisreporting.
ImpactAnattackermayusethisfacttogainmoreknowledgeabouttheremotehost.
SolutionSolutiontype:MitigationFilterincomingtraffictothisports.
VulnerabilityDetectionMethodDetails:DCE/RPCandMSRPCServicesEnumerationReporting(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
10736)Versionused:$Revision:6319$OpenVasVulnerabilityReportHackerTarget.
com443/tcpMedium(CVSS:5.
0)NVT:SSL/TLS:ReportVulnerableCipherSuitesforHTTPS(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
108031)SummaryThisroutinereportsallSSL/TLSciphersuitesacceptedbyaservicewhereattackvectorsexistsonlyonHTTPSservices.
VulnerabilityDetectionResult'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)'Vulnerable'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_3DES_EDE_CBC_SHA(SWEET32)SolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
AffectedSoftware/OSServicesacceptingvulnerableSSL/TLSciphersuitesviaHTTPS.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthevulnerableciphersuites:-64-bitblockcipher3DESvulnerabletotheSWEET32attack(CVE-2016-2183).
VulnerabilityDetectionMethodDetails:SSL/TLS:ReportVulnerableCipherSuitesforHTTPS(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
108031)Versionused:$Revision:5232$ReferencesCVE:CVE-2016-2183,CVE-2016-6329CERT:CB-K18/0296,CB-K17/1980,CB-K17/1871,CB-K17/1803,CB-K17/1753,CB-K17/1750,CB-K17/1709,CB-K17/1558,CB-K17/1273,CB-K17/1202,CB-K17/1196,CB-K17/1055,CB-K17/1026,CB-K17/0939,CB-K17/0917,CB-K17/0915,CB-K17/0877,CB-K17/0796,CB-K17/0724,CB-K17/0661,CB-K17/0657,CB-K17/0582,CB-K17/0581,CB-K17/0506,CB-K17/0504,CB-K17/0467,CB-K17/0345,CB-K17/0098,CB-K17/0089,CB-K17/0086,CB-K17/0082,CB-K16/1837,CB-K16/1830,CB-K16/1635,CB-K16/1630,CB-K16/1624,CB-K16/1622,CB-K16/1500,CB-K16/1465,CB-K16/1307,CB-K16/1296,DFN-CERT-2019-0068,DFN-CERT-2018-1296,DFN-CERT-2018-0323,DFN-CERT-2017-2070,DFN-CERT-2017-1954,DFN-CERT-2017-1885,DFN-CERT-2017-1831,DFN-CERT-2017-1821,DFN-CERT-2017-1785,DFN-CERT-2017-1626,DFN-CERT-2017-1326,DFN-CERT-2017-1239,DFN-CERT-2017-1238,DFN-CERT-2017-1090,DFN-CERT-2017-1060,DFN-CERT-2017-0968,DFN-CERT-2017-0947,DFN-CERT-2017-0946,DFN-CERT-2017-0904,DFN-CERT-2017-0816,DFN-CERT-2017-0746,DFN-CERT-2017-0677,DFN-CERT-2017-0675,DFN-CERT-2017-0611,DFN-CERT-2017-0609,DFN-CERT-2017-0522,DFN-CERT-2017-0519,DFN-CERT-2017-0482,DFN-CERT-2017-0351,DFN-CERT-2017-0090,DFN-CERT-2017-0089,DFN-CERT-2017-0088,DFN-CERT-2017-0086,DFN-CERT-2016-1943,DFN-CERT-2016-1937,DFN-CERT-2016-1732,DFN-CERT-2016-1726,DFN-CERT-2016-1715,DFN-CERT-2016-1714,DFN-CERT-2016-1588,DFN-CERT-2016-1555,DFN-CERT-2016-1391,DFN-CERT-2016-1378Other:https://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/https://sweet32.
info/OpenVasVulnerabilityReportHackerTarget.
com3389/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com3269/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com636/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
com443/tcpMedium(CVSS:4.
3)NVT:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)SummaryThisroutinereportsallWeakSSL/TLSciphersuitesacceptedbyaservice.
NOTE:NoseverityforSMTPserviceswith'OpportunisticTLS'andweakciphersuitesonport25/tcpisreported.
Iftoostrongciphersuitesareconfiguredforthisservicethealternativewouldbetofallbacktoanevenmoreinsecurecleartextcommunication.
VulnerabilityDetectionResult'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
0protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
1protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHA'Weak'ciphersuitesacceptedbythisserviceviatheTLSv1.
2protocol:TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_SHASolutionSolutiontype:MitigationTheconfigurationofthisservicesshouldbechangedsothatitdoesnotacceptthelistedweakciphersuitesanymore.
Pleaseseethereferencesformoreresourcessupportingyouwiththistask.
VulnerabilityInsightTheserulesareappliedfortheevaluationofthecryptographicstrength:-RC4isconsideredtobeweak(CVE-2013-2566,CVE-2015-2808).
-Ciphersusing64bitorlessareconsideredtobevulnerabletobruteforcemethodsandthereforeconsideredasweak(CVE-2015-4000).
-1024bitRSAauthenticationisconsideredtobeinsecureandthereforeasweak.
-Anycipherconsideredtobesecureforonlythenext10yearsisconsideredasmedium-AnyothercipherisconsideredasstrongVulnerabilityDetectionMethodDetails:SSL/TLS:ReportWeakCipherSuites(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
103440)Versionused:$Revision:11135$ReferencesCVE:CVE-2013-2566,CVE-2015-2808,CVE-2015-4000OpenVasVulnerabilityReportHackerTarget.
comCERT:CB-K17/1750,CB-K16/1593,CB-K16/1552,CB-K16/1102,CB-K16/0617,CB-K16/0599,CB-K16/0168,CB-K16/0121,CB-K16/0090,CB-K16/0030,CB-K15/1751,CB-K15/1591,CB-K15/1550,CB-K15/1517,CB-K15/1514,CB-K15/1464,CB-K15/1442,CB-K15/1334,CB-K15/1269,CB-K15/1136,CB-K15/1090,CB-K15/1059,CB-K15/1022,CB-K15/1015,CB-K15/0986,CB-K15/0964,CB-K15/0962,CB-K15/0932,CB-K15/0927,CB-K15/0926,CB-K15/0907,CB-K15/0901,CB-K15/0896,CB-K15/0889,CB-K15/0877,CB-K15/0850,CB-K15/0849,CB-K15/0834,CB-K15/0827,CB-K15/0802,CB-K15/0764,CB-K15/0733,CB-K15/0667,CB-K14/0935,CB-K13/0942,DFN-CERT-2017-1821,DFN-CERT-2016-1692,DFN-CERT-2016-1648,DFN-CERT-2016-1168,DFN-CERT-2016-0665,DFN-CERT-2016-0642,DFN-CERT-2016-0184,DFN-CERT-2016-0135,DFN-CERT-2016-0101,DFN-CERT-2016-0035,DFN-CERT-2015-1853,DFN-CERT-2015-1679,DFN-CERT-2015-1632,DFN-CERT-2015-1608,DFN-CERT-2015-1542,DFN-CERT-2015-1518,DFN-CERT-2015-1406,DFN-CERT-2015-1341,DFN-CERT-2015-1194,DFN-CERT-2015-1144,DFN-CERT-2015-1113,DFN-CERT-2015-1078,DFN-CERT-2015-1067,DFN-CERT-2015-1038,DFN-CERT-2015-1016,DFN-CERT-2015-1012,DFN-CERT-2015-0980,DFN-CERT-2015-0977,DFN-CERT-2015-0976,DFN-CERT-2015-0960,DFN-CERT-2015-0956,DFN-CERT-2015-0944,DFN-CERT-2015-0937,DFN-CERT-2015-0925,DFN-CERT-2015-0884,DFN-CERT-2015-0881,DFN-CERT-2015-0879,DFN-CERT-2015-0866,DFN-CERT-2015-0844,DFN-CERT-2015-0800,DFN-CERT-2015-0737,DFN-CERT-2015-0696,DFN-CERT-2014-0977Other:https://www.
bsi.
bund.
de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.
htmlhttps://bettercrypto.
org/https://mozilla.
github.
io/server-side-tls/ssl-config-generator/OpenVasVulnerabilityReportHackerTarget.
comgeneral/tcpLow(CVSS:2.
6)NVT:TCPtimestamps(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
80091)SummaryTheremotehostimplementsTCPtimestampsandthereforeallowstocomputetheuptime.
VulnerabilityDetectionResultItwasdetectedthatthehostimplementsRFC1323.
Thefollowingtimestampswereretrievedwithadelayof1secondsin-between:Packet1:623055Packet2:624131ImpactAsideeffectofthisfeatureisthattheuptimeoftheremotehostcansometimesbecomputed.
SolutionSolutiontype:MitigationTodisableTCPtimestampsonlinuxaddtheline'net.
ipv4.
tcp_timestamps=0'to/etc/sysctl.
conf.
Execute'sysctl-p'toapplythesettingsatruntime.
TodisableTCPtimestampsonWindowsexecute'netshinttcpsetglobaltimestamps=disabled'StartingwithWindowsServer2008andVista,thetimestampcannotbecompletelydisabled.
ThedefaultbehavioroftheTCP/IPstackonthisSystemsistonotusetheTimestampoptionswheninitiatingTCPconnections,butusethemiftheTCPpeerthatisinitiatingcommunicationincludesthemintheirsynchronize(SYN)segment.
Seealso:http://www.
microsoft.
com/en-us/download/details.
aspxid=9152AffectedSoftware/OSTCP/IPv4implementationsthatimplementRFC1323.
VulnerabilityInsightTheremotehostimplementsTCPtimestamps,asdefinedbyRFC1323.
VulnerabilityDetectionMethodSpecialIPpacketsareforgedandsentwithalittledelayinbetweentothetargetIP.
Theresponsesaresearchedforatimestamps.
Iffound,thetimestampsarereported.
Details:TCPtimestamps(OID:1.
3.
6.
1.
4.
1.
25623.
1.
0.
80091)Versionused:$Revision:10411$ReferencesOther:http://www.
ietf.
org/rfc/rfc1323.
txtThisfilewasautomaticallygenerated.
OpenVasVulnerabilityReportHackerTarget.
com
IMIDC(rainbow cloud):香港/台湾/日本/莫斯科独立服务器特价,闪购大促销,最低30usd/月起
imidc怎么样?imidc彩虹网路,rainbow cloud知名服务器提供商。自营多地区数据中心,是 Apnic RIPE Afrinic Arin 认证服务商。拥有丰富的网路资源。 在2021年 6.18 开启了输血大促销,促销区域包括 香港 台湾 日本 莫斯科 等地促销机型为 E3係,参与促销地区有 香港 日本 台湾 莫斯科 等地, 限量50台,售罄为止,先到先得。所有服务器配置 CPU ...
速云:广州移动/深圳移动/广东联通/香港HKT等VDS,9折优惠,最低月付9元;深圳独立服务器1050元/首月起
速云怎么样?速云,国人商家,提供广州移动、深圳移动、广州茂名联通、香港hkt等VDS和独立服务器。现在暑期限时特惠,力度大。广州移动/深圳移动/广东联通/香港HKT等9折优惠,最低月付9元;暑期特惠,带宽、流量翻倍,深港mplc免费试用!点击进入:速云官方网站地址速云优惠码:全场9折优惠码:summer速云优惠活动:活动期间,所有地区所有配置可享受9折优惠,深圳/广州地区流量计费VDS可选择流量翻...
快云科技:香港沙田CN2云服务器低至29元/月起;美国高防弹性云/洛杉矶CUVIP低至33.6元/月起
快云科技怎么样?快云科技是一家成立于2020年的新起国内主机商,资质齐全 持有IDC ICP ISP等正规商家。云服务器网(yuntue.com)小编之前已经介绍过很多快云科技的香港及美国云服务器了,这次再介绍一下新的优惠方案。目前,香港云沙田CN2云服务器低至29元/月起;美国超防弹性云/洛杉矶CUVIP低至33.6元/月起。快云科技的云主机架构采用KVM虚拟化技术,全盘SSD硬盘,RAID10...
ms17-010为你推荐
-
支持ipadwin7关闭445端口如何快速关闭445端口itunes备份itunes 里面的资料如何备份?iphonewifi苹果wifi版和4G版是什么意思,有什么区别吗kb4012598win7怎么查看电脑是否安装了 ms17 010google分析google分析打不开了?迅雷雷鸟雷鸟手机怎么样bitchina2015年igem国内大学参加结果ios10.0.3苹果10.03系统怎么样div居中怎么让div居中?