Vulnerability found on port ftp (21/tcp)
Vulnerability found on port ftp (21/tcp)
Information found on port ftp (21/tcp)
An FTP server is running on this port.
Here is its banner :
220 noc.school.pacnog.fj FTP server (Version 6.00LS) ready.
Nessus ID : 10330
Information found on port ftp (21/tcp)
Remote FTP server banner :
220 noc.school.pacnog.fj FTP server (Version 6.00LS) ready.
Nessus ID : 10092
Information found on port ftp (21/tcp)
Remote FTP server banner :
220 noc.school.pacnog.fj FTP server (Version 6.00LS) ready.
Nessus ID : 10092
Information found on port ssh (22/tcp)
An ssh server is running on this port
Nessus ID : 10330
Information found on port ssh (22/tcp)
Remote SSH version : SSH-2.0-OpenSSH_3.8.1p1 FreeBSD-20040419
Remote SSH supported authentication : publickey,keyboard-interactive
Nessus ID : 10267
Information found on port smtp (25/tcp)
An SMTP server is running on this port
Here is its banner :
220 noc.school.pacnog.fj ESMTP Exim 4.51 Tue, 21 Jun 2005 14:39:46 +1200
Nessus ID : 10330
Information found on port smtp (25/tcp)
Remote SMTP server banner :
220 noc.school.pacnog.fj ESMTP Exim 4.51 Tue, 21 Jun 2005 14:40:57 +1200
This is probably: Exim version 4.51
Nessus ID : 10263
Information found on port smtp (25/tcp)
This server could be fingerprinted as being Exim 2.12,3.12,3.22,3.33,3.35,4.01,4.12
Nessus ID : 11421
Warning found on port http (80/tcp)
Your webserver supports the TRACE and/or TRACK methods. TRACE and TRACK
are HTTP methods which are used to debug web server connections.
It has been shown that servers supporting this method are subject
to cross-site-scripting attacks, dubbed XST for
"Cross-Site-Tracing", when used in conjunction with
various weaknesses in browsers.
An attacker may use this flaw to trick your
legitimate web users to give him their
credentials.
Solution: Disable these methods.
If you are using Apache, add the following lines for each virtual
host in your configuration file :
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
If you are using Microsoft IIS, use the URLScan tool to deny HTTP TRACE
requests or to permit only the methods needed to meet site requirements
and policy.
If you are using Sun ONE Web Server releases 6.0 SP2 and later, add the
following to the default object section in obj.conf:
<Client method="TRACE">
AuthTrans fn="set-variable"
remove-headers="transfer-encoding"
set-headers="content-length: -1"
error="501"
</Client>
If you are using Sun ONE Web Server releases 6.0 SP2 or below, compile
the NSAPI plugin located at:
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603
See http://www.whitehatsec.com/press_releases/WH-PR-20030120.pdf
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0035.html
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603
http://www.kb.cert.org/vuls/id/867593
Risk factor : Medium
BID : 9506, 9561, 11604
Nessus ID : 11213
Information found on port http (80/tcp)
A web server is running on this port
Nessus ID : 10330
Information found on port http (80/tcp)
The remote web server type is :
Apache/2.0.53 (FreeBSD)
Solution : You can set the directive 'ServerTokens Prod' to limit
the information emanating from the server in its response headers.
Nessus ID : 10107
Information found on port http (80/tcp)
The following directories were discovered:
/cgi-bin, /icons, /img, /manual
While this is not, in and of itself, a bug, you should manually inspect
these directories to ensure that they are in compliance with company
security standards
Nessus ID : 11032
Information found on port http (80/tcp)
The following directories were discovered:
/cgi-bin, /icons, /img, /manual
While this is not, in and of itself, a bug, you should manually inspect
these directories to ensure that they are in compliance with company
security standards
Nessus ID : 11032
Warning found on port nessus (1241/tcp)
A Nessus Daemon is listening on this port.
Nessus ID : 10147
Information found on port nessus (1241/tcp)
A TLSv1 server answered on this port
Nessus ID : 10330
Information found on port nessus (1241/tcp)
Here is the TLSv1 server certificate:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=fj, L=Nadi, O=PacNOG Workshop, OU=Certification Authority for noc.school.pacnog.fj, CN=noc.school.pacnog.fj/emailAddress=ca@noc.school.pacnog.fj
Validity
Not Before: Jun 21 02:32:12 2005 GMT
Not After : Jun 21 02:32:12 2006 GMT
Subject: C=fj, L=Nadi, O=PacNOG Workshop, OU=Server certificate for noc.school.pacnog.fj, CN=noc.school.pacnog.fj/emailAddress=nessusd@noc.school.pacnog.fj
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:c1:6f:69:f3:29:3f:ba:fd:3f:40:5f:8a:ad:07:
3d:e3:57:43:d5:d8:7e:0c:1a:a9:48:0a:52:81:ee:
0a:1f:ad:e8:8e:ba:74:7a:fd:9b:80:0d:e3:d8:d0:
4e:75:a3:8c:ca:2f:05:df:36:4f:b3:de:4a:b8:21:
be:14:fb:24:73:71:fc:a2:5e:67:51:42:dc:55:e6:
fa:19:ed:9a:f9:13:a8:ca:d4:ab:a2:21:83:48:da:
fa:e2:50:05:ac:6a:7a:0e:b6:e8:50:97:25:e0:e2:
ff:0a:43:97:1e:d4:29:d1:ed:58:9c:48:f4:90:f9:
2e:db:7d:af:48:49:59:d3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
Netscape Cert Type:
SSL Server
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
35:3F:39:5C:0F:86:92:10:C5:89:87:B7:1B:B0:4E:3B:AD:F3:E7:9F
X509v3 Authority Key Identifier:
keyid:69:F5:2D:05:1E:1C:51:F2:34:B0:CB:A3:80:EF:71:DE:D9:DD:E4:63
DirName:/C=fj/L=Nadi/O=PacNOG Workshop/OU=Certification Authority for noc.school.pacnog.fj/CN=noc.school.pacnog.fj/emailAddress=ca@noc.school.pacnog.fj
serial:FA:91:4E:09:F2:A5:88:09
X509v3 Subject Alternative Name:
email:nessusd@noc.school.pacnog.fj
X509v3 Issuer Alternative Name:
<EMPTY>
Signature Algorithm: md5WithRSAEncryption
55:b6:45:da:cf:e1:e2:a2:a5:b4:d3:89:eb:e7:dc:f5:15:4e:
04:e4:24:d7:9b:f9:89:a4:42:86:78:be:35:a7:83:ce:de:da:
7c:0d:2a:ef:17:d4:2e:6a:3a:a1:a5:88:06:a7:8a:7d:f3:bb:
bc:cf:ec:1d:4d:1c:ac:0a:de:5b:53:85:32:53:0d:4a:e8:38:
8b:4e:fe:7a:59:63:af:7d:b8:a6:63:88:4b:06:44:61:9d:67:
e5:cc:bf:e1:0e:4d:ff:4f:d3:0b:f5:8f:5c:46:e6:db:bf:ee:
94:a3:68:de:76:da:bf:79:c9:cd:e7:37:23:e5:e1:fe:bc:62:
44:24
This TLSv1 server does not accept SSLv2 connections.
This TLSv1 server does not accept SSLv3 connections.
Nessus ID : 10863
Warning found on port cvsup (5999/tcp)
A CVSup server is running on this port
Nessus ID : 10330