ASV Scan Report Vulnerability Details PRESTO BIZ

15  Download (0)

Full text

(1)

ASV Scan Report

Vulnerability Details

PRESTO BIZ

(2)

Scan Results

Executive Summary

PCI Compliance: Passing Scan Target: secure.prestomart.com

Scan ID: 6060285 Start: 2015-03-14 05:00:01 Finish: 2015-03-14 05:41:10 Maximum score: 2.6 Scan Length: 0:41:09 Scan Expiration: 2015-06-17 TCP/IP Fingerprint OS Estimate: Linux 2.6.9 - 2.6.18

SecurityMetrics has determined that PRESTO BIZ is COMPLIANT with the PCI scan validation

requirement for this computer. Congratulations, the computer passes because no failing vulnerability was found.

If SecurityMetrics scanned your website, you may choose to use our certified logo. This logo cannot be used if we have only scanned your network, and is only valid for use on websites scanned and passing by SecurityMetrics. Your Site Certification ID is:

361087. Please keep this number. How To Add Certified Logo.

Attackers typically use footprinting, port scanning and security vulnerability scanning to find security weaknesses on computers. This report provides information on each of these categories.

Footprinting

Find public information regarding this IP, which an attacker could use to gain access: IP Information Port Scan

Attackers use a port scan to find out what programs are running on your computer. Most programs have known security weaknesses. Disable any

unnecessary programs listed below.

Port Scan

Protocol Port Program Status Summary

ICMP Ping Accepting Your computer is answering ping requests.

TCP 22 OpenSSH

4.3 Open

Port 22 is typically used by Secure Shell (SSH) software.

Properly configured SSH encrypts all data sent by a remote user who must be authorized to access this computer. Using SSH is a good security practice.

TCP 25 Sendmail

8.13.8/8.13.8 Open

Your computer is running SMTP (Simple Mail Transport Protocol). This can be a security risk since a hacker can verify user names when this service is running. If you do not need to run SMTP then turn it off. If you must run SMTP then be sure to run the latest version.

TCP 80 Apache

httpd 2.2.3 Open

Your computer appears to be running http software that allows others to view its web pages. If you don't intend this computer to allow others to view its web pages then turn this service off.

(3)

TCP 443 Apache

httpd 2.2.3 Open

Your computer appears to be running HTTP Secure Socket Layer (SSL) software. This software improves the security of HTTP communication with this server.

Security Vulnerabilities Solution Plan

The following section lists all security vulnerabilities detected on your system. Vulnerabilities which cause you to fail PCI compliance have a score listed in red.

PCI Risk Table

Security Vulnerabilities

Protocol Port Program Score Summary

TCP 443 https 2.6

Description: SSL RC4 Cipher Suites Supported

Synopsis: The remote service supports the use of the RC4 cipher.

Impact: The remote host supports the use of RC4 in one or more cipher suites.

The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream,

decreasing its randomness.

If plaintext is repeatedly encrypted (e.g. HTTP cookies), and an attacker is able to obtain many (i.e. tens of millions) ciphertexts, the attacker may be able to derive the plaintext.

See also :

http://www.nessus.org/u?217a3666 http://cr.yp.to/talks/2013.03.12/slides.pdf http://www.isg.rhul.ac.uk/tls/

Data Received: Here is the list of RC4 cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key)

TLSv1 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 The fields above are :

{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc=

{symmetric encryption method} Mac={message authentication code} {export flag}

Resolution: Reconfigure the affected application, if possible, to avoid use of RC4 ciphers. Consider using TLS 1.2 with AES-GCM suites subject to browser and web server support.

Risk Factor: Low/ CVSS2 Base Score: 2.6

(AV:N/AC:H/Au:N/C:P/I:N/A:N) CVE: CVE-2013-2566

(4)

TCP None general 1.0

Description: Common Platform Enumeration (CPE)

Synopsis: It is possible to enumerate CPE names that matched on the remote system.

Impact: By using information obtained from a SecurityMetrics scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host.

Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan.

See also : http://cpe.mitre.org/

Data Received: The remote operating system matched the following CPE : cpe:/o:redhat:enterprise_linux:::es

Following application CPE's matched on the remote system : cpe:/a:openbsd:openssh:4.3 -> OpenBSD OpenSSH 4.3

cpe:/a:apache:http_server:2.2.3 -> Apache Software Foundation Apache HTTP Server 2.2.3 cpe:/a:sendmail:sendmail:8.13.8 -> Sendmail Sendmail 8.13.8 Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP None general 1.0

Description: TCP/IP Timestamps Supported

Synopsis: The remote service implements TCP timestamps.

Impact: The remote host implements TCP timestamps, as defined by

RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed.

See also :

http://www.ietf.org/rfc/rfc1323.txt Resolution: n/a

(5)

TCP None general 1.0

Description: OS Identification

Synopsis: It is possible to guess the remote operating system.

Impact: Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP, etc...), it is possible to guess the name of the remote operating system in use. It is also sometimes possible to guess the version of the operating system.

Data Received: Remote operating system : Linux Kernel 2.6 on Red Hat Enterprise Linux 5 Confidence Level : 95 Method : HTTP

Not all fingerprints could give a match. If you think some or all of the following could be used to identify the host's operating system, please email them to os- signatures@securitymetrics.com. Be sure to include a brief description of the host itself, such as the actual operating system or product / model names.

SinFP: P1:B10113:F0x12:W5840:O0204ffff:M1380:

P2:B10113:F0x12:W5792:O0204ffff0402080affffffff4445414401030307:M1380:

P3:B00000:F0x00:W0:O0:M0 P4:5206_7_p=443R SMTP:!:220 182960- www1.prestobiz.com ESMTP Sendmail 8.13.8/8.13.8; Sat, 14 Mar 2015 06:18:37 -0500 SSLcert:!:i/CN:GeoTrust DV SSL CAi/O:GeoTrust Inc.i/OU:Domain Validated SSLs/CN:secure.prestomart.coms/OU:Domain Control Validated - QuickSSL(R)

08de91699a82b3b9959b57e57b260513afb523ad SSH:!:SSH-2.0- OpenSSH_4.3

The remote host is running Linux Kernel 2.6 on Red Hat Enterprise Linux 5 Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

(6)

TCP 80 http 1.0

Description: Web Server robots.txt Information Disclosure Synopsis: The remote web server contains a 'robots.txt' file.

Impact: The remote host contains a file named 'robots.txt' that is intended to prevent web 'robots' from visiting certain directories in a website for

maintenance or indexing purposes. A malicious user may also be able to use the contents of this file to learn of sensitive documents or directories on the affected site and either retrieve them directly or target them for other attacks.

See also :

http://www.robotstxt.org/wc/exclusion.html Data Received: Contents of robots.txt : user-agent: sistrix disallow: /

user-agent: Goodzer disallow: / user-agent: AhrefsBot disallow: / User-agent: MJ12bot Disallow: / User-agent: BLEXBot Disallow: / User-agent: Baiduspider Disallow: / User-agent: FatBot Disallow: /

User-agent: TweetmemeBot Disallow: / User-agent: ShowyouBot Disallow: / User- agent: spbot Disallow: /

User-agent: Twitterbot Crawl-delay: 10 User- agent: NING Disallow: /

User-agent: YandexBot Disallow: / User-agent: msnbot Crawl-delay: 10 User-agent: bingbot Crawl-delay: 10 Other references : OSVDB:238

Resolution: Review the contents of the site's robots.txt file, use Robots META tags instead of entries in the robots.txt file, and/or adjust the web server's access controls to limit access to sensitive material.

(7)

TCP 80 http 1.0

Description: HTTP Server Type and Version

Synopsis: A web server is running on the remote host.

Impact: This plugin attempts to determine the type and the version of the remote web server.

Data Received: The remote web server type is : Apache/2.2.3 (Red Hat)

You can set the directive 'ServerTokens Prod' to limit the information emanating from the server in its response headers.

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP 443 https 1.0

Description: Backported Security Patch Detection (WWW) Synopsis: Security patches are backported.

Impact: Security patches may have been 'backported' to the remote HTTP server without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.

See also : http://www.nessus.org/u?d636c8c7

Data Received: Give SecurityMetrics credentials to perform local checks.

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP 443 https 1.0

Description: SSL Session Resume Supported

Synopsis: The remote host allows resuming SSL sessions.

Impact: This script detects whether a host allows resuming SSL sessions by performing a full SSL handshake to receive a session ID, and then

reconnecting with the previously used session ID. If the server accepts the session ID in the second connection, the server maintains a cache of sessions that can be resumed.

Data Received: This port supports resuming SSLv3 / TLSv1 sessions.

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

(8)

TCP 443 https 1.0

Description: SSL / TLS Versions Supported

Synopsis: The remote service encrypts communications.

Impact: This script detects which SSL and TLS versions are supported by the remote service for encrypting communications.

Data Received: This port supports SSLv3/TLSv1.0.

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP 22 ssh 1.0

Description: SSH Server Type and Version Information Synopsis: An SSH server is listening on this port.

Impact: It is possible to obtain information about the remote SSH server by sending an empty authentication request.

Data Received: SSH version : SSH-2.0-OpenSSH_4.3 SSH supported authentication : publickey,password

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP 80 http 1.0

Description: HyperText Transfer Protocol (HTTP) Information

Synopsis: Some information about the remote HTTP configuration can be extracted.

Impact: This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem.

Data Received: Protocol version : HTTP/1.1 SSL : no Keep-Alive : no Options allowed : GET,HEAD,POST,OPTIONS,TRACE Headers :

Date: Sat, 14 Mar 2015 11:35:58 GMT Server: Apache/2.2.3 (Red Hat) Last- Modified: Sun, 09 Oct 2005 07:06:23 GMT Accept-Ranges: bytes Content- Length: 22 Cache- Control: max-age=7200, must-revalidate Connection: close Content- Type: text/html

Resolution: n/a

(9)

TCP 443 https 1.0

Description: Web Server robots.txt Information Disclosure Synopsis: The remote web server contains a 'robots.txt' file.

Impact: The remote host contains a file named 'robots.txt' that is intended to prevent web 'robots' from visiting certain directories in a website for

maintenance or indexing purposes. A malicious user may also be able to use the contents of this file to learn of sensitive documents or directories on the affected site and either retrieve them directly or target them for other attacks.

See also :

http://www.robotstxt.org/wc/exclusion.html Data Received: Contents of robots.txt : user-agent: sistrix disallow: /

user-agent: Goodzer disallow: / user-agent: AhrefsBot disallow: / User-agent: MJ12bot Disallow: / User-agent: BLEXBot Disallow: / User-agent: Baiduspider Disallow: / User-agent: FatBot Disallow: /

User-agent: TweetmemeBot Disallow: / User-agent: ShowyouBot Disallow: / User- agent: spbot Disallow: /

User-agent: Twitterbot Crawl-delay: 10 User- agent: NING Disallow: /

User-agent: YandexBot Disallow: / User-agent: msnbot Crawl-delay: 10 User-agent: bingbot Crawl-delay: 10 Other references : OSVDB:238

Resolution: Review the contents of the site's robots.txt file, use Robots META tags instead of entries in the robots.txt file, and/or adjust the web server's access controls to limit access to sensitive material.

Risk Factor: Low/ CVSS2 Base Score: 1.0

(10)

TCP None general 1.0

Description: Device Type

Synopsis: It is possible to guess the remote device type.

Impact: Based on the remote operating system, it is possible to determine what the remote system type is (eg: a printer, router, general-purpose computer, etc).

Data Received: Remote device type : general-purpose Confidence level : 95 Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP None general 1.0

Description: Apache Banner Linux Distribution Disclosure

Synopsis: The name of the Linux distribution running on the remote host was found in the banner of the web server.

Impact: This plugin extracts the banner of the Apache web server and attempts to determine which Linux distribution the remote host is running.

Data Received: The Linux distribution detected was : - Red Hat Enterprise Linux 5

Resolution: If you do not wish to display this information, edit

'httpd.conf' and set the directive 'ServerTokens Prod' and restart Apache.

Risk Factor: Low/ CVSS2 Base Score: 1.0

Description: SSL Certificate Information

Synopsis: This plugin displays the SSL certificate.

Impact: This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.

Data Received: Subject Name:

2.5.4.5: 958qFRDk3l-gFBlLexojXliwLukx/pr5 Organization Unit: GT85916208 Organization Unit: See www.geotrust.com/resources/cps (c)14 Organization Unit: Domain Control Validated - QuickSSL(R) Common Name:

secure.prestomart.com Issuer Name:

Country: US Organization: GeoTrust Inc. Organization Unit: Domain Validated SSL Common Name: GeoTrust DV SSL CA

Serial Number: 08 3F 66 Version: 3

(11)

TCP 443 https 1.0

Not Valid Before: Jan 02 04:57:58 2014 GMT Not Valid After: Feb 04 11:24:55 2016 GMT

Public Key Info: Algorithm: RSA Encryption Key Length: 2048 bits Public Key:

00 9F E7 0C A9 25 2C 55 91 30 EA D9 CB E6 C6 77 7E B8 31 5D CB 8B F9 86 72 58 94 61 8A D7 BA A7 3E EE 10 82 21 64 89 AF 4E 29 36 A0 28 75 F5 E9 EA 94 17 89 B1 21 08 C2 3B 66 54 11 D0 97 40 4C AE 29 8E D0 E1 19 F4 66 82 D8 D4 E0 C7 DB 12 0E 8A 2F 0F 80 C4 11 C5 2C 4A 14 6A 36 10 1E 15 53 5E E4 99 9C 26 F9 18 C5 12 44 83 2F 23 98 45 F1 FA 01 17 72 77 51 80 D9 55 F6 D4 73 9D 7B 30 AA F0 61 16 8A 58 6A CD 8B 2D 74 0D 32 F0 3C AC D2 28 7E 1C C0 0F 8C A2 C0 68 4C 49 86 FE 58 1B 53 48 09 05 DC 4C 39 6F AD 1B 43 C3 8B 51 99 7F 50 86 9A FD 5D 66 CF 8A BA 66 EA 37 D0 C6 4D CF AA 45 AA A2 D1 EE 5C F1 AE CF CE 5F 77 9D E1 6B 4A 06 C3 60 85 E8 57 18 2A C3 A6 54 90 98 E3 D9 22 7A 86 70 D7 28 26 C5 BF 47 7D 10 99 FB 85 25 FF 59 3F 28 39 B3 A3 98 4A FC C2 73 AC 54 F2 4A 04 93 Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits Signature: 00 6F 63 53 B8 23 B1 55 D1 66 1E 24 88 20 CD 9E BD 37 14 00 62 2E 65 56 DC 15 FA 09 4D 19 F7 71 23 07 E9 E4 B4 ED 15 81 63 E0 24 31 C3 AB 72 EF EA BB 3F DF 76 1C 70 93 16 32 7C 75 FC 7B E8 9D E9 AE 6E 38 5E 7F C2 7F 98 19 9D E4 6B 61 34 88 D9 42 61 E1 17 4F DE FF 60 9B 01 02 ED 11 95 44 11 47 AE B2 48 29 16 44 94 69 91 27 6B B1 2E FD CD FC C0 3A B9 1D C6 2C A1 C5 1D 20 76 10 E0 E8 BA F6 39 27 53 E1 19 D8 7B EB E1 BA 68 65 FF 00 56 CE 76 C4 DF 80 D4 C4 0F 79 57 37 A1 5E A5 D7 76 10 3D 04 DB 97 24 39 71 A5 95 5E 37 8E 97 58 5C 65 A2 CF 9E DF EA 8D 41 87 F2 9A 50 F8 F8 A5 79 DD D8 40 33 54 3A 16 28 9B 65 91 BE D7 5F 95 68 31 A4 A4 E3 AC 1F B3 30 A2 8F B1 19 1E 3E B5 AB F5 32 52 87 29 45 CD AB 44 B1 60 EC 2B DC 93 40 21 3C AC 88 AB ED 6D 17 61 57 88 15 A0 66 44 19

Extension: Authority Key Identifier (2.5.29.35) Critical: 0 Key Identifier: 8C F4 D9 93 0A 47 BC 00 A0 4A CE 4B 75 6E A0 B6 B0 B2 7E FC

Extension: Key Usage (2.5.29.15) Critical: 1 Key Usage: Digital Signature, Key Encipherment

Extension: Extended Key Usage (2.5.29.37) Critical: 0 Purpose#1: Web Server Authentication (1.3.6.1.5.5.7.3.1) Purpose#2: Web Client Authentication (1.3.6.1.5.5.7.3.2)

Extension: Subject Alternative Name (2.5.29.17) Critical: 0 DNS:

secure.prestomart.com

Extension: CRL Distribution Points (2.5.29.31) Critical: 0 URI: http://gtssldv- crl.geotrust.com/crls/gtssldv.crl

Extension: Subject Key Identifier (2.5.29.14) Critical: 0 Subject Key Identifier:

8F 44 87 4D 7A 06 16 3B FE E2 27 4F E9 6A 35 21 68 8B 91 9A Extension: Basic Constraints (2.5.29.19) Critical: 1

Extension: Authority Information Access (1.3.6.1.5.5.7.1.1) Critical: 0 Method#1: Online Certificate Status Protocol URI: http://gtssldv-

ocsp.geotrust.com Method#2: Certificate Authority Issuers URI: http://gtssldv- aia.geotrust.com/gtssldv.crt Extension: Policies (2.5.29.32) Critical: 0 Policy ID

#1: 2.16.840.1.113733.1.7.54 Qualifier ID #1: Certification Practice Statement (1.3.6.1.5.5.7.2.1) CPS URI: http://www.geotrust.com/resources/cps

Resolution: n/a

(12)

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP 25 smtp 1.0

Description: SMTP Server Detection

Synopsis: An SMTP server is listening on the remote port.

Impact: The remote host is running a mail (SMTP) server on this port.

Since SMTP servers are the targets of spammers, it is recommended you disable it if you do not use it.

Data Received: Remote SMTP server banner :

220 182960-www1.prestobiz.com ESMTP Sendmail 8.13.8/8.13.8; Sat, 14 Mar 2015 06:18:37 -0500

Resolution: Disable this service if you do not use it, or filter incoming traffic to this port.

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP 80 http 1.0

Description: Backported Security Patch Detection (WWW) Synopsis: Security patches are backported.

Impact: Security patches may have been 'backported' to the remote HTTP server without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.

See also : http://www.nessus.org/u?d636c8c7

Data Received: Give SecurityMetrics credentials to perform local checks.

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP 25 smtp 1.0

Description: smtpscan SMTP Fingerprinting

Synopsis: It is possible to fingerprint the remote mail server.

Impact: smtpscan is a SMTP fingerprinting tool written by Julien Bordet. It identifies the remote mail server even if the banners were changed.

Data Received: This server could be fingerprinted as :

Sendmail 8.11.2 Sendmail 8.14.7/8.14.7 Sendmail 8.14.9/8.14.9 Resolution: n/a

(13)

TCP 443 https 1.0

Description: SSL Cipher Suites Supported

Synopsis: The remote service encrypts communications using SSL.

Impact: This script detects which SSL ciphers are supported by the remote service for encrypting communications.

See also : http://www.openssl.org/docs/apps/ciphers.html

Data Received: Here is the list of SSL ciphers supported by the remote server : Each group is reported per SSL Version.

SSL Version : TLSv1 High Strength Ciphers (>= 112-bit key) RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1

SSL Version : SSLv3 High Strength Ciphers (>= 112-bit key) RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1

The fields above are :

{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc=

{symmetric encryption method} Mac={message authentication code} {export flag}

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

UDP None general 1.0

Description: Traceroute Information

Synopsis: It was possible to obtain traceroute information.

Impact: Makes a traceroute to the remote host.

Data Received: For your information, here is the traceroute from

162.211.152.18 to 72.32.133.44 : 162.211.152.18 162.211.152.1 74.122.79.37 128.177.104.245 64.125.22.125 64.125.22.246 64.125.20.66 128.177.70.86 ? 74.205.108.121 74.205.108.9 72.32.111.107 72.32.133.44

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP None general 1.0

Description: Host Fully Qualified Domain Name (FQDN) Resolution Synopsis: It was possible to resolve the name of the remote host.

Impact: SecurityMetrics was able to resolve the FQDN of the remote host.

Data Received: 72.32.133.44 resolves as secure.prestomart.com.

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

(14)

TCP 443 https 1.0

Description: HyperText Transfer Protocol (HTTP) Information

Synopsis: Some information about the remote HTTP configuration can be extracted.

Impact: This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem.

Data Received: Protocol version : HTTP/1.1 SSL : yes Keep-Alive : no Options allowed : GET,HEAD,POST,OPTIONS,TRACE Headers :

Date: Sat, 14 Mar 2015 11:35:59 GMT Server: Apache/2.2.3 (Red Hat) Last- Modified: Sun, 09 Oct 2005 07:06:23 GMT Accept-Ranges: bytes Content- Length: 22 Cache- Control: max-age=7200, must-revalidate Connection: close Content- Type: text/html

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

TCP 443 https 1.0

Description: HTTP Server Type and Version

Synopsis: A web server is running on the remote host.

Impact: This plugin attempts to determine the type and the version of the remote web server.

Data Received: The remote web server type is : Apache/2.2.3 (Red Hat)

You can set the directive 'ServerTokens Prod' to limit the information emanating from the server in its response headers.

Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

(15)

TCP 443 https 1.0

Description: SSL Compression Methods Supported

Synopsis: The remote service supports one or more compression methods for SSL connections.

Impact: This script detects which compression methods are supported by the remote service for SSL connections.

See also : http://www.iana.org/assignments/comp-meth-ids/comp-meth-ids.xml http://tools.ietf.org/html/rfc3749 http://tools.ietf.org/html/rfc3943

http://tools.ietf.org/html/rfc5246

Data Received: SecurityMetrics was able to confirm that the following compression method is supported by the target :

NULL (0x00) Resolution: n/a

Risk Factor: Low/ CVSS2 Base Score: 1.0

ICMP None general 0.0

Description: ICMP Timestamp Request Remote Date Disclosure

Synopsis: It is possible to determine the exact time set on the remote host.

Impact: The remote host answers to an ICMP timestamp request. This allows an attacker to know the date that is set on the targeted machine, which may assist an unauthenticated, remote attacker in defeating time-based authentication protocols.

Timestamps returned from machines running Windows Vista / 7 / 2008 / 2008 R2 are deliberately incorrect, but usually within 1000 seconds of the actual system time.

Data Received: The remote clock is synchronized with the local clock.

Resolution: Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).

Risk Factor: Low/ CVSS2 Base Score: 0.0

(AV:L/AC:L/Au:N/C:N/I:N/A:N) CVE: CVE-1999-0524

CONFIDENTIAL AND PROPRIETARY INFORMATION

SECURITYMETRICS PROVIDES THIS INFORMATION "AS IS" WITHOUT ANY WARRANTY OF ANY KIND. SECURITYMETRICS MAKES NO WARRANTY THAT THESE SERVICES WILL DETECT EVERY VULNERABILITY ON YOUR COMPUTER, OR THAT THE SUGGESTED SOLUTIONS AND ADVICE PROVIDED IN THIS REPORT, TOGETHER WITH THE RESULTS OF THE VULNERABILITY ASSESSMENT, WILL BE ERROR-FREE OR COMPLETE. SECURITYMETRICS SHALL NOT BE RESPONSIBLE OR LIABLE FOR THE ACCURACY, USEFULNESS, OR AVAILABILITY OF ANY INFORMATION TRANSMITTED VIA THE SECURITYMETRICS SERVICE, AND SHALL NOT BE RESPONSIBLE OR LIABLE FOR ANY USE OR APPLICATION OF THE INFORMATION CONTAINED IN THIS REPORT. DISSEMINATION, DISTRIBUTION, COPYING OR USE OF THIS DOCUMENT IN WHOLE OR IN PART BY A SECURITYMETRICS COMPETITOR OR THEIR AGENTS IS STRICTLY PROHIBITED.

This report was generated by a PCI Approved Scanning Vendor, SecurityMetrics, Inc., under certificate number 3707-01-09, within the guidelines of the PCI data security initiative.

Figure

Updating...

References

Related subjects :