Nessus scan report using the defualt scan policy - Tareq Hanaysha
1. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
List of hosts
tareq-laptop Medium Severity problem(s) found
[^] Back
tareq-laptop
Scan time :
Start time : Mon Nov 17 15:23:48 2008
End time : Mon Nov 17 15:38:57 2008
Number of vulnerabilities :
Open ports : 20
Low : 46
Medium : 8
High : 0
Information about the remote host :
Operating system : Microsoft Windows Vista Home
NetBIOS name : TAREQ-LAPTOP
DNS name : tareq-laptop.
[^] Back to tareq-laptop
Port unknown (49155/tcp)
DCE Services Enumeration
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Risk factor :
None
Plugin output :
The following DCERPC services are available on TCP port 49155 :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.0.102
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0
Description : Unknown RPC service
Annotation : IKE/Authip API
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.0.102
2. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.0.102
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.0.102
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.0.102
Nessus ID : 10736
[^] Back to tareq-laptop
Port unknown (49161/tcp)
[^] Back to tareq-laptop
Port mysql (3306/tcp)
Service detection
A MySQL server is running on this port.
Nessus ID : 22964
[^] Back to tareq-laptop
Port icslap (2869/tcp)
Service Identification (2nd pass)
A web server seems to be running on this port
Nessus ID : 11153
[^] Back to tareq-laptop
Port rmiregistry (1099/tcp)
RMI Registry Detection
Synopsis :
An RMI registry is listening on the remote host.
Description :
The remote host is running an RMI registry, which acts as a bootstrap
naming service for registering and retrieving remote objects with
simple names in the Java Remote Method Invocation (RMI) system.
See also :
http://java.sun.com/j2se/1.5.0/docs/guide/rmi/spec/rmiTOC.html
http://java.sun.com/j2se/1.5.0/docs/guide/rmi/spec/rmi-protocol3.html
Risk factor :
None
Plugin output :
The remote RMI registry currently does not have information about
any objects.
3. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Nessus ID : 22227
[^] Back to tareq-laptop
Port unknown (25902/tcp)
Service detection
A web server is running on this port.
Nessus ID : 22964
HTTP Server type and version
Synopsis :
A web server is running on the remote host.
Description :
This plugin attempts to determine the type and the version of
the remote web server.
Risk factor :
None
Plugin output :
The remote web server type is :
Jetty/4.2.24 (Windows Vista/6.0 x86 java/1.6.0)
Nessus ID : 10107
HyperText Transfer Protocol Information
Synopsis :
Some information about the remote HTTP configuration can be extracted.
Description :
This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive and HTTP pipelining are enabled,
etc...
This test is informational only and does not denote any security
problem
Risk factor :
None
Plugin output :
Protocol version : HTTP/1.1
SSL : no
Pipelining : yes
Keep-Alive : no
Options allowed : GET, HEAD, POST, PUT, DELETE, MOVE, OPTIONS, TRACE
Headers :
Date: Mon, 17 Nov 2008 22:27:46 GMT
Server: Jetty/4.2.24 (Windows Vista/6.0 x86 java/1.6.0)
Content-Type: text/html
Content-Length: 768
Nessus ID : 24260
[^] Back to tareq-laptop
Port netbios-ns (137/udp)
Using NetBIOS to retrieve information from a Windows host
Synopsis :
4. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
It is possible to obtain the network name of the remote host.
Description :
The remote host listens on udp port 137 and replies to NetBIOS nbtscan
requests. By sending a wildcard request it is possible to obtain the
name of the remote system and the name of its domain.
Risk factor :
None
Plugin output :
The following 4 NetBIOS names have been gathered :
TAREQ-LAPTOP = Computer name
WORKGROUP = Workgroup / Domain name
TAREQ-LAPTOP = File Server Service
WORKGROUP = Browser Service Elections
The remote host has the following MAC address on its adapter :
00:1a:73:45:41:3f
CVE : CVE-1999-0621
Other references : OSVDB:13577
Nessus ID : 10150
[^] Back to tareq-laptop
Port unknown (49153/tcp)
DCE Services Enumeration
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Risk factor :
None
Plugin output :
The following DCERPC services are available on TCP port 49153 :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0
Description : Unknown RPC service
Annotation : Event log TCPIP
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.0.102
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.0.102
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.0.102
Object UUID : 00000000-0000-0000-0000-000000000000
5. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.0.102
Nessus ID : 10736
[^] Back to tareq-laptop
Port unknown (49162/tcp)
DCE Services Enumeration
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Risk factor :
None
Plugin output :
The following DCERPC services are available on TCP port 49162 :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 367abb81-9844-35f1-ad32-98f038001003, version 2.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 49162
IP : 192.168.0.102
Nessus ID : 10736
[^] Back to tareq-laptop
Port unknown (49154/tcp)
DCE Services Enumeration
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Risk factor :
None
Plugin output :
The following DCERPC services are available on TCP port 49154 :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Remote RPC service
TCP Port : 49154
IP : 192.168.0.102
6. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Remote RPC service
TCP Port : 49154
IP : 192.168.0.102
Nessus ID : 10736
[^] Back to tareq-laptop
Port general/tcp
Host FQDN
192.168.0.102 resolves as tareq-laptop.
Nessus ID : 12053
OS Identification
Remote operating system : Microsoft Windows Vista Home
Confidence Level : 99
Method : MSRPC
The remote host is running Microsoft Windows Vista Home
Nessus ID : 11936
Information about the scan
Information about this scan :
Nessus version : 3.2.1.1
Plugin feed version : 200811171434
Type of plugin feed : HomeFeed (Non-commercial use only)
Scanner IP : 192.168.0.102
Port scanner(s) : synscan
Port range : default
Thorough tests : no
Experimental tests : no
Paranoia level : 1
Report Verbosity : 1
Safe checks : yes
Optimize the test : yes
Max hosts : 20
Max checks : 5
Recv timeout : 5
Backports : None
Scan Start Date : 2008/11/17 15:23
Scan duration : 897 sec
The following web server have not been scanned because they are password
protected, or too slow to answer.
They were running on ports :
+ 2869
Nessus ID : 19506
[^] Back to tareq-laptop
Port microsoft-ds (445/tcp)
SMB Detection
Synopsis :
A file / print sharing service is listening on the remote host.
Description :
The remote service understands the CIFS (Common Internet File System)
or Server Message Block (SMB) protocol, used to provide shared access
to files, printers, etc between nodes on a network.
Risk factor :
7. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
None
Plugin output :
A CIFS server is running on this port.
Nessus ID : 11011
DCE Services Enumeration
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Risk factor :
None
Plugin output :
The following DCERPC services are available remotely :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Remote RPC service
Named pipe : PIPEprotected_storage
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Remote RPC service
Named pipe : pipelsass
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2f5f6521-cb55-1059-b446-00df0bce31db, version 1.0
Description : Unknown RPC service
Annotation : Unimodem LRPC Endpoint
Type : Remote RPC service
Named pipe : pipekeysvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2f5f6521-cb55-1059-b446-00df0bce31db, version 1.0
Description : Unknown RPC service
Annotation : Unimodem LRPC Endpoint
Type : Remote RPC service
Named pipe : pipetapsrv
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : pipetrkwks
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 4b112204-0e19-11d3-b42b-0000f81feb9f, version 1.0
Description : SSDP service
Windows process : unknow
Type : Remote RPC service
Named pipe : PIPEwkssvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 4b112204-0e19-11d3-b42b-0000f81feb9f, version 1.0
8. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Description : SSDP service
Windows process : unknow
Type : Remote RPC service
Named pipe : PIPEDAV RPC SERVICE
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : c6b5235a-e413-481d-9ac8-31681b1faaf5, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEwkssvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : c6b5235a-e413-481d-9ac8-31681b1faaf5, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEDAV RPC SERVICE
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : c6b5235a-e413-481d-9ac8-31681b1faaf5, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEW32TIME_ALT
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8833d1d0-965f-4216-b3e9-fbe58cad3100, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEwkssvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8833d1d0-965f-4216-b3e9-fbe58cad3100, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEDAV RPC SERVICE
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8833d1d0-965f-4216-b3e9-fbe58cad3100, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEW32TIME_ALT
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2c9a33d5-f1db-472d-8464-42b8b0c76c38, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEwkssvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2c9a33d5-f1db-472d-8464-42b8b0c76c38, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEDAV RPC SERVICE
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2c9a33d5-f1db-472d-8464-42b8b0c76c38, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEW32TIME_ALT
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0
Description : Unknown RPC service
Annotation : WinHttp Auto-Proxy Service
Type : Remote RPC service
Named pipe : PIPEwkssvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0
Description : Unknown RPC service
Annotation : WinHttp Auto-Proxy Service
9. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Type : Remote RPC service
Named pipe : PIPEDAV RPC SERVICE
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0
Description : Unknown RPC service
Annotation : WinHttp Auto-Proxy Service
Type : Remote RPC service
Named pipe : PIPEW32TIME_ALT
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Remote RPC service
Named pipe : PIPEatsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Remote RPC service
Named pipe : PIPEatsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEatsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0
Description : Unknown RPC service
Annotation : IKE/Authip API
Type : Remote RPC service
Named pipe : PIPEatsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0
Description : Unknown RPC service
Annotation : IKE/Authip API
Type : Remote RPC service
Named pipe : PIPEsrvsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0
Description : Unknown RPC service
Annotation : IKE/Authip API
Type : Remote RPC service
Named pipe : PIPEbrowser
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : PIPEatsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : PIPEsrvsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : PIPEbrowser
10. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : PIPEatsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : PIPEsrvsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : PIPEbrowser
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : PIPEatsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : PIPEsrvsvc
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : PIPEbrowser
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0
Description : Unknown RPC service
Annotation : Event log TCPIP
Type : Remote RPC service
Named pipe : pipeeventlog
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Remote RPC service
Named pipe : pipeeventlog
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Remote RPC service
Named pipe : pipeeventlog
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Remote RPC service
Named pipe : pipeeventlog
11. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Netbios name : TAREQ-LAPTOP
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000
UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEInitShutdown
Netbios name : TAREQ-LAPTOP
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91
UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : PIPEInitShutdown
Netbios name : TAREQ-LAPTOP
Object UUID : 00736665-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Remote RPC service
Named pipe : pipelsass
Netbios name : TAREQ-LAPTOP
Object UUID : 00736665-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Remote RPC service
Named pipe : PIPEprotected_storage
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Remote RPC service
Named pipe : pipelsass
Netbios name : TAREQ-LAPTOP
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Remote RPC service
Named pipe : PIPEprotected_storage
Netbios name : TAREQ-LAPTOP
Nessus ID : 10736
SMB NativeLanMan
Synopsis :
It is possible to obtain information about the remote operating
system.
Description :
It is possible to get the remote operating system name and
version (Windows and/or Samba) by sending an authentication
request to port 139 or 445.
Risk factor :
None
Plugin output :
The remote Operating System is : Windows Vista (TM) Home Basic 6001 Service Pack 1
The remote native lan manager is : Windows Vista (TM) Home Basic 6.0
The remote SMB Domain Name is : TAREQ-LAPTOP
Nessus ID : 10785
SMB log in
Synopsis :
12. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
It is possible to log into the remote host.
Description :
The remote host is running one of the Microsoft Windows operating
systems. It was possible to log into it using one of the following
account :
- NULL session
- Guest account
- Given Credentials
See also :
http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP
http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP
Risk factor :
none
Plugin output :
- NULL sessions are enabled on the remote host
CVE : CVE-1999-0504, CVE-1999-0505, CVE-1999-0506, CVE-2000-0222, CVE-2002-1117, CVE-2005-3595
BID : 494, 990, 11199
Nessus ID : 10394
SMB registry can not be accessed by the scanner
Synopsis :
Nessus is not able to access the remote Windows Registry.
Description :
It was not possible to connect to PIPEwinreg on the remote host.
If you intend to use Nessus to perform registry-based checks, the
registry checks will not work because the 'Remote Registry Access'
service (winreg) has been disabled on the remote host or can not be
connected to with the supplied credentials.
Risk factor :
None
Nessus ID : 26917
SMB NULL session
Synopsis :
It is possible to log into the remote host.
Description :
The remote host is running one of the Microsoft Windows operating
systems. It was possible to log into it using a NULL session.
A NULL session (no login/password) allows to get information about
the remote host.
See also :
http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP
http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP
Risk factor :
None
CVE : CVE-2002-1117
BID : 494
Nessus ID : 26920
[^] Back to tareq-laptop
13. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Port netbios-ssn (139/tcp)
SMB Detection
Synopsis :
A file / print sharing service is listening on the remote host.
Description :
The remote service understands the CIFS (Common Internet File System)
or Server Message Block (SMB) protocol, used to provide shared access
to files, printers, etc between nodes on a network.
Risk factor :
None
Plugin output :
An SMB server is running on this port.
Nessus ID : 11011
[^] Back to tareq-laptop
Port http (80/tcp)
Service detection
A web server is running on this port.
Nessus ID : 22964
Directory Scanner
Synopsis :
It is possible to enumerate web directories.
Description :
This plugin attempts to determine the presence of various
common dirs on the remote web server.
Risk factor :
None
Plugin output :
The following directories were discovered:
/cgi-bin, /webalizer, /error, /icons
While this is not, in and of itself, a bug, you should manually inspect
these directories to ensure that they are in compliance with company
security standards
Other references : OWASP:OWASP-CM-006
Nessus ID : 11032
Web mirroring
The following CGI have been discovered :
Syntax : cginame (arguments [default value])
/perso/templates/jjfluidsolution/css/ (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
. (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
/mod_yj_whois_joomla1.5/ (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
/perso/templates/jjfluidsolution/images/ (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
/perso/administrator/index.php (lang [] passwd [] d8eef1eccbd6768d71876690f1343d31 [1] tas...)
/perso/index.php (link=aHR0cDovL3RhcmVxLWxhcHRvcC9wZXJzby9pbmRleC5waHA/dmlld...)
Directory index found at /
Directory index found at /mod_yj_whois_joomla1.5/
Directory index found at /perso/templates/jjfluidsolution/css/
Directory index found at /perso/templates/jjfluidsolution/images/
14. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Nessus ID : 10662
Web Server Uses Plain Text Authentication Forms
Synopsis :
The remote web server might transmit credentials over clear text
Description :
The remote web server contains several HTML forms containing
an input of type 'password' which transmit their information to
a remote web server over plain text.
An attacker eavesdropping the traffic might use this setup to
obtain logins and passwords of valid users.
Solution :
Make sure that every form transmits its results over HTTPS
Risk factor:
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin output :
Page : /perso/
Destination page : /perso/index.php
Input name : passwd
Page : /perso/?D=A
Destination page : /perso/index.php
Input name : passwd
Page : /perso/index.php
Destination page : /perso/index.php
Input name : passwd
Page : /perso/administrator/
Destination page : index.php
Input name : passwd
Page : /perso/administrator/?D=A
Destination page : index.php
Input name : passwd
Nessus ID : 26194
HTTP Server type and version
Synopsis :
A web server is running on the remote host.
Description :
This plugin attempts to determine the type and the version of
the remote web server.
Risk factor :
None
Plugin output :
The remote web server type is :
Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6
Solution : You can set the directive 'ServerTokens Prod' to limit
the information emanating from the server in its response headers.
15. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Nessus ID : 10107
HyperText Transfer Protocol Information
Synopsis :
Some information about the remote HTTP configuration can be extracted.
Description :
This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive and HTTP pipelining are enabled,
etc...
This test is informational only and does not denote any security
problem
Risk factor :
None
Plugin output :
Protocol version : HTTP/1.1
SSL : no
Pipelining : yes
Keep-Alive : yes
Options allowed : (Not implemented)
Headers :
Date: Mon, 17 Nov 2008 22:27:46 GMT
Server: Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6
Content-Length: 855
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Nessus ID : 24260
HTTP TRACE / TRACK Methods
Synopsis :
Debugging functions are enabled on the remote web server.
Description :
The remote webserver supports the TRACE and/or TRACK methods. TRACE
and TRACK are HTTP methods which are used to debug web server
connections.
In addition, it has been shown that servers supporting the TRACE
method are subject to cross-site scripting attacks, dubbed XST for
"Cross-Site Tracing", when used in conjunction with various weaknesses
in browsers. An attacker may use this flaw to trick your legitimate
web users to give him their credentials.
See also :
http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
http://www.apacheweek.com/issues/03-01-24
http://www.kb.cert.org/vuls/id/867593
Solution :
Disable these methods.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Solution :
Add the following lines for each virtual host in your configuration file :
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
16. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Alternatively, note that Apache versions 1.3.34, 2.0.55, and 2.2
support disabling the TRACE method natively via the 'TraceEnable'
directive.
Plugin output :
The server response from a TRACE request is :
TRACE /6k09rg3g.html HTTP/1.1
Host: tareq-laptop
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Date: Mon, 17 Dec 2008 22:30:13 GMT
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Accept-Charset: iso-8859-1,*,utf-8
Pragma: no-cache
Accept-Language: en
Connection: Close
CVE : CVE-2004-2320
BID : 9506, 9561, 11604
Other references : OSVDB:877, OSVDB:3726
Nessus ID : 11213
WebDAV enabled
Synopsis :
The remote server is running with WebDAV enabled.
Description :
WebDAV is an industry standard extension to the HTTP specification.
It adds a capability for authorized users to remotely add and manage
the content of a web server.
If you do not use this extension, you should disable it.
Solution :
http://support.microsoft.com/default.aspx?kbid=241520
Risk factor :
None
Nessus ID : 11424
Joomla! Detection
Synopsis :
The remote web server contains a content management system written in
PHP.
Description :
The remote host is running Joomla!, an open-source content management
system written in PHP.
See also :
http://www.joomla.org/
Risk factor :
None
Plugin output :
An unknown version of Joomla! was detected on the remote host under
the path '/perso'.
Nessus ID : 21142
Apache mod_proxy_ftp Directory Component Wildcard Character Globbing XSS
Synopsis :
17. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
The remote web server is vulnerable to a cross-site scripting attack.
Description :
The mod_proxy_ftp module in the version of Apache installed on the
remote host fails to properly sanitize user-supplied URL input before
using it to generate dynamic HTML output. Using specially crafted
requests for FTP URLs with globbing characters (such as asterisk,
tilde, opening square bracket, etc), an attacker may be able to
leverage this issue to inject arbitrary HTML and script code into a
user's browser to be executed within the security context of the
affected site.
See also :
http://www.rapid7.com/advisories/R7-0033
http://www.securityfocus.com/archive/1/495180/100/0/threaded
http://www.apache.org/dist/httpd/CHANGES_2.2.10
http://httpd.apache.org/security/vulnerabilities_22.html
Solution :
Either disable the affected module or upgrade to Apache version 2.2.10
or later.
Risk factor :
Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
Plugin output :
Apache version 2.2.9 appears to be running on the remote host based
on the following Server response header :
Server: Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6
Note that Nessus tried but failed to exploit the issue and instead has
relied only on a banner check. There may be several reasons why the
exploit failed :
- The remote web server is not configured to use
mod_proxy_ftp or to proxy requests in general.
- The remote web server is configured such that the Nessus
scanning host is not allowed to use the proxy.
- The plugin did not know of an anonymous FTP server that
it could use for testing.
CVE : CVE-2008-2939
BID : 30560
Other references : OSVDB:47474
Nessus ID : 34433
[^] Back to tareq-laptop
Port unknown (49160/tcp)
[^] Back to tareq-laptop
Port unknown (49152/tcp)
DCE Services Enumeration
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Risk factor :
18. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
None
Plugin output :
The following DCERPC services are available on TCP port 49152 :
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91
UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 49152
IP : 192.168.0.102
Nessus ID : 10736
[^] Back to tareq-laptop
Port epmap (135/tcp)
DCE Services Enumeration
Synopsis :
A DCE/RPC service is running on the remote host.
Description :
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.
Risk factor :
None
Plugin output :
The following DCERPC services are available locally :
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : samss lpc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : protected_storage
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : securityevent
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : audit
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : LRPC-1bc1fc513ee630cdf9
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
19. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Windows process : lsass.exe
Type : Local RPC service
Named pipe : samss lpc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2f5f6521-cb55-1059-b446-00df0bce31db, version 1.0
Description : Unknown RPC service
Annotation : Unimodem LRPC Endpoint
Type : Local RPC service
Named pipe : DNSResolver
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2f5f6521-cb55-1059-b446-00df0bce31db, version 1.0
Description : Unknown RPC service
Annotation : Unimodem LRPC Endpoint
Type : Local RPC service
Named pipe : keysvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2f5f6521-cb55-1059-b446-00df0bce31db, version 1.0
Description : Unknown RPC service
Annotation : Unimodem LRPC Endpoint
Type : Local RPC service
Named pipe : keysvc2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2f5f6521-cb55-1059-b446-00df0bce31db, version 1.0
Description : Unknown RPC service
Annotation : Unimodem LRPC Endpoint
Type : Local RPC service
Named pipe : OLE181A6D6035294F5BB0171544DBA3
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2f5f6521-cb55-1059-b446-00df0bce31db, version 1.0
Description : Unknown RPC service
Annotation : Unimodem LRPC Endpoint
Type : Local RPC service
Named pipe : nlaplg
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2f5f6521-cb55-1059-b446-00df0bce31db, version 1.0
Description : Unknown RPC service
Annotation : Unimodem LRPC Endpoint
Type : Local RPC service
Named pipe : nlaapi
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2f5f6521-cb55-1059-b446-00df0bce31db, version 1.0
Description : Unknown RPC service
Annotation : Unimodem LRPC Endpoint
Type : Local RPC service
Named pipe : tapsrvlpc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2f5f6521-cb55-1059-b446-00df0bce31db, version 1.0
Description : Unknown RPC service
Annotation : Unimodem LRPC Endpoint
Type : Local RPC service
Named pipe : unimdmsvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0
Description : IPsec Services (Windows XP & 2003)
Windows process : lsass.exe
Annotation : IPSec Policy agent endpoint
Type : Local RPC service
Named pipe : LRPC-9a43934f16adc911aa
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : dd490425-5325-4565-b774-7e27d6c09c24, version 1.0
Description : Unknown RPC service
Annotation : Base Firewall Engine API
Type : Local RPC service
Named pipe : LRPC-d184615c890c17a2a8
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03, version 1.0
Description : Unknown RPC service
Annotation : Fw APIs
Type : Local RPC service
Named pipe : LRPC-d184615c890c17a2a8
20. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2fb92682-6599-42dc-ae13-bd2ca89bd11c, version 1.0
Description : Unknown RPC service
Annotation : Fw APIs
Type : Local RPC service
Named pipe : LRPC-d184615c890c17a2a8
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1, version 1.0
Description : Unknown RPC service
Annotation : Spooler function endpoint
Type : Local RPC service
Named pipe : spoolss
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : ae33069b-a2a8-46ee-a235-ddfd339be281, version 1.0
Description : Unknown RPC service
Annotation : Spooler base remote object endpoint
Type : Local RPC service
Named pipe : spoolss
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 4a452661-8290-4b36-8fbe-7f4093a94978, version 1.0
Description : Unknown RPC service
Annotation : Spooler function endpoint
Type : Local RPC service
Named pipe : spoolss
Object UUID : 6cbed980-4aaa-4929-a551-c2ae1b1ed3b7
UUID : 98e96949-bc59-47f1-92d1-8c25b46f85c7, version 1.0
Description : Unknown RPC service
Annotation : IhvExtRpcServer
Type : Local RPC service
Named pipe : LRPC-f3bd63907917d67526
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 25952c5d-7976-4aa1-a3cb-c35f7ae79d1b, version 1.0
Description : Unknown RPC service
Annotation : Wireless Diagnostics
Type : Local RPC service
Named pipe : LRPC-a59b50af4fc8f1c846
Object UUID : 6e616c77-7673-0063-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : LRPC-a59b50af4fc8f1c846
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 266f33b4-c7c1-4bd1-8f52-ddb8f2214ea9, version 1.0
Description : Unknown RPC service
Annotation : Wlan Service
Type : Local RPC service
Named pipe : LRPC-a59b50af4fc8f1c846
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : c3f42c6e-d4cc-4e5a-938b-9c5e8a5d8c2e, version 1.0
Description : Unknown RPC service
Annotation : IhvExtRpcServer
Type : Local RPC service
Named pipe : LRPC-a59b50af4fc8f1c846
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 654976df-1498-4056-a15e-cb4e87584bd8, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : LRPC-a59b50af4fc8f1c846
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0767a036-0d22-48aa-ba69-b619480f38cb, version 1.0
Description : Unknown RPC service
Annotation : PcaSvc
Type : Local RPC service
Named pipe : LRPC-a59b50af4fc8f1c846
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0
Description : Unknown RPC service
Type : Local RPC service
21. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Named pipe : LRPC-a59b50af4fc8f1c846
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : trkwks
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 7ea70bcf-48af-4f6a-8968-6a440754d5fa, version 1.0
Description : Unknown RPC service
Annotation : NSI server endpoint
Type : Local RPC service
Named pipe : OLEC584AE91DF1C4A77812CAA1CF156
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 7ea70bcf-48af-4f6a-8968-6a440754d5fa, version 1.0
Description : Unknown RPC service
Annotation : NSI server endpoint
Type : Local RPC service
Named pipe : LRPC-f9ff8503ca9db00abd
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 4b112204-0e19-11d3-b42b-0000f81feb9f, version 1.0
Description : SSDP service
Windows process : unknow
Type : Local RPC service
Named pipe : OLEC584AE91DF1C4A77812CAA1CF156
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 4b112204-0e19-11d3-b42b-0000f81feb9f, version 1.0
Description : SSDP service
Windows process : unknow
Type : Local RPC service
Named pipe : LRPC-f9ff8503ca9db00abd
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : c6b5235a-e413-481d-9ac8-31681b1faaf5, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : OLEC584AE91DF1C4A77812CAA1CF156
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : c6b5235a-e413-481d-9ac8-31681b1faaf5, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : LRPC-f9ff8503ca9db00abd
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : c6b5235a-e413-481d-9ac8-31681b1faaf5, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : W32TIME_ALT
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8833d1d0-965f-4216-b3e9-fbe58cad3100, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : OLEC584AE91DF1C4A77812CAA1CF156
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8833d1d0-965f-4216-b3e9-fbe58cad3100, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : LRPC-f9ff8503ca9db00abd
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8833d1d0-965f-4216-b3e9-fbe58cad3100, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : W32TIME_ALT
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2c9a33d5-f1db-472d-8464-42b8b0c76c38, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : OLEC584AE91DF1C4A77812CAA1CF156
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2c9a33d5-f1db-472d-8464-42b8b0c76c38, version 1.0
Description : Unknown RPC service
22. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Type : Local RPC service
Named pipe : LRPC-f9ff8503ca9db00abd
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2c9a33d5-f1db-472d-8464-42b8b0c76c38, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : W32TIME_ALT
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0
Description : Unknown RPC service
Annotation : WinHttp Auto-Proxy Service
Type : Local RPC service
Named pipe : OLEC584AE91DF1C4A77812CAA1CF156
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0
Description : Unknown RPC service
Annotation : WinHttp Auto-Proxy Service
Type : Local RPC service
Named pipe : LRPC-f9ff8503ca9db00abd
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0
Description : Unknown RPC service
Annotation : WinHttp Auto-Proxy Service
Type : Local RPC service
Named pipe : W32TIME_ALT
Object UUID : 666f7270-6c69-7365-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : IUserProfile2
Object UUID : 736e6573-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : IUserProfile2
Object UUID : 736e6573-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : OLE9788C8824AE448A0AC40A3CB87B9
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
23. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : OLE9788C8824AE448A0AC40A3CB87B9
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : OLE9788C8824AE448A0AC40A3CB87B9
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : OLE9788C8824AE448A0AC40A3CB87B9
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0
Description : Unknown RPC service
Annotation : IKE/Authip API
Type : Local RPC service
Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0
Description : Unknown RPC service
Annotation : IKE/Authip API
Type : Local RPC service
Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0
Description : Unknown RPC service
Annotation : IKE/Authip API
Type : Local RPC service
Named pipe : OLE9788C8824AE448A0AC40A3CB87B9
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
24. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : OLE9788C8824AE448A0AC40A3CB87B9
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : SECLOGON
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : OLE9788C8824AE448A0AC40A3CB87B9
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : SECLOGON
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : OLE9788C8824AE448A0AC40A3CB87B9
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : SECLOGON
Object UUID : 6c637067-6569-746e-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : LRPC-50d9f1e0e900b4b1a2
25. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Object UUID : 24d1f7c7-76af-4f28-9ccd-7f6cb6468601
UUID : 2eb08e3e-639f-4fba-97b1-14f878961076, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : LRPC-50d9f1e0e900b4b1a2
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0
Description : Unknown RPC service
Annotation : Event log TCPIP
Type : Local RPC service
Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Local RPC service
Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Local RPC service
Named pipe : AudioClientRpc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Local RPC service
Named pipe : Audiosrv
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Local RPC service
Named pipe : OLEA4A78BF40E844C429353F4D40DC8
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Local RPC service
Named pipe : dhcpcsvc6
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : AudioClientRpc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : Audiosrv
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : OLEA4A78BF40E844C429353F4D40DC8
26. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : dhcpcsvc6
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : dhcpcsvc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : AudioClientRpc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : Audiosrv
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : OLEA4A78BF40E844C429353F4D40DC8
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : dhcpcsvc6
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : dhcpcsvc
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000001
UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : WMsgKRpc01211CE1
Object UUID : 52ef130c-08fd-4388-86b3-6edf00000001
UUID : 12e65dd8-887f-41ef-91bf-8d816c42c2e7, version 1.0
Description : Unknown RPC service
Annotation : Secure Desktop LRPC interface
Type : Local RPC service
Named pipe : WMsgKRpc01211CE1
Object UUID : 6d726574-7273-0076-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : LRPC-b34c62772257d8fc71
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000
UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0
Description : Unknown RPC service
27. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Type : Local RPC service
Named pipe : WMsgKRpc0120F320
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000
UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : WindowsShutdown
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91
UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : WMsgKRpc0120F320
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91
UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : WindowsShutdown
Object UUID : 00736665-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : LRPC-1bc1fc513ee630cdf9
Object UUID : 00736665-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : audit
Object UUID : 00736665-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : securityevent
Object UUID : 00736665-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : protected_storage
Object UUID : 00736665-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : samss lpc
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : LRPC-1bc1fc513ee630cdf9
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : audit
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : securityevent
Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
28. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Type : Local RPC service
Named pipe : protected_storage
Nessus ID : 10736
[^] Back to tareq-laptop
Port unknown (5357/tcp)
Service detection
A web server is running on this port.
Nessus ID : 22964
HTTP Server type and version
Synopsis :
A web server is running on the remote host.
Description :
This plugin attempts to determine the type and the version of
the remote web server.
Risk factor :
None
Plugin output :
The remote web server type is :
Microsoft-HTTPAPI/2.0
Nessus ID : 10107
HyperText Transfer Protocol Information
Synopsis :
Some information about the remote HTTP configuration can be extracted.
Description :
This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive and HTTP pipelining are enabled,
etc...
This test is informational only and does not denote any security
problem
Risk factor :
None
Plugin output :
Protocol version : HTTP/1.1
SSL : no
Pipelining : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 17 Nov 2008 22:27:45 GMT
Connection: close
Content-Length: 326
Nessus ID : 24260
[^] Back to tareq-laptop
Port rtsp (554/tcp)
29. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
[^] Back to tareq-laptop
Port unknown (10243/tcp)
Service detection
A web server is running on this port.
Nessus ID : 22964
HTTP Server type and version
Synopsis :
A web server is running on the remote host.
Description :
This plugin attempts to determine the type and the version of
the remote web server.
Risk factor :
None
Plugin output :
The remote web server type is :
Microsoft-HTTPAPI/2.0
Nessus ID : 10107
HyperText Transfer Protocol Information
Synopsis :
Some information about the remote HTTP configuration can be extracted.
Description :
This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive and HTTP pipelining are enabled,
etc...
This test is informational only and does not denote any security
problem
Risk factor :
None
Plugin output :
Protocol version : HTTP/1.1
SSL : no
Pipelining : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 17 Nov 2008 22:27:45 GMT
Connection: close
Content-Length: 315
Nessus ID : 24260
[^] Back to tareq-laptop
Port https (443/tcp)
Service detection
An SSLv2 server answered on this port.
Nessus ID : 22964
30. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Service detection
A web server is running on this port through SSLv2.
Nessus ID : 22964
SSL Certificate
Synopsis :
This plugin displays the SSL certificate.
Description :
This plugin connects to every port SSL-related ports and attempts to
extract and dump the X.509 certificate.
Risk factor :
None
Plugin output :
Subject Name:
Organization: Apache Friends
Organization Unit: XAMPP for Windows
Common Name: localhost
Issuer Name:
Organization: Apache Friends
Organization Unit: XAMPP for Windows
Common Name: localhost
Serial Number: 00 8F A9 82 59 12 3A 1B E8
Version: 1
Signature Algorithm: SHA-1 With RSA Encryption
Not Valid Before: Dec 04 15:11:04 2005 GMT
Not Valid After: Dec 04 15:11:04 2006 GMT
Public Key Info:
Algorithm: RSA Encryption
Public Key: 00 A8 91 0B 69 4F 18 DA C1 29 9A AC B1 D5 B3 AE EF 92 A7 AB
CC 0D 57 C4 15 EA B7 9B DC C2 84 CE 3E 2A 41 21 EC 29 A2 FC
E3 62 16 A8 0F 4F D0 65 4B 9B 51 DC 63 A2 8C ED E2 06 F8 12
31 50 23 91 E2 8C C0 AD 73 83 47 B5 02 CB AE 54 F8 2D 9D 48
DC 45 27 D8 5C 5D 6F 15 FD 2F 99 1A 2E BE C1 91 BA AF B5 3C
83 B7 52 CF A4 E8 C3 74 51 62 22 96 28 5F EF 04 A9 D3 68 DF
BC C4 02 DA 73 93 F5 59 2F
Exponent: 01 00 01
Signature: 00 1D 1F 34 D8 0B FF DF DE 71 59 0A C2 9B 3A C6 6F AF 97 93
5A 77 2E 9B 00 0F 9F 32 E0 87 B7 8A A0 10 4E 82 37 00 CA E1
D4 36 16 90 CD A3 62 DC 67 26 E6 8D F7 14 E2 5E 8D 3C 8C 44
51 8E 9E 76 03 42 DC 42 B6 52 C9 DB 17 B7 CD F2 0D FC A4 FF
F7 FF 9A FB B5 11 9E 58 3E C4 C3 A0 A3 F8 6A F4 D4 03 2F 65
84 95 DF 52 FF 1C 92 A9 35 DB 67 74 3E 77 D6 3A D8 6D 3B 08
28 34 9B 86 27 31 92 E7 45
Nessus ID : 10863
Supported SSL Ciphers Suites
Synopsis :
The remote service encrypts communications using SSL.
Description :
This script detects which SSL ciphers are supported by the remote
service for encrypting communications.
See also :
http://www.openssl.org/docs/apps/ciphers.html
31. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Risk factor :
None
Plugin output :
Here is the list of SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
SSLv3
EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
TLSv1
EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
SSLv3
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA(128) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
TLSv1
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA(128) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 21643
Weak Supported SSL Ciphers Suites
Synopsis :
The remote service supports the use of weak SSL ciphers.
Description :
The remote host supports the use of SSL ciphers that offer either weak
encryption or no encryption at all.
See also :
http://www.openssl.org/docs/apps/ciphers.html
Solution :
Reconfigure the affected application if possible to avoid use of weak
ciphers.
Risk factor :
Medium / CVSS Base Score : 5.0
32. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin output :
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 26928
SSL Certificate Expiry
Synopsis :
The remote server's SSL certificate has already expired or will expire
shortly.
Description :
This script checks expiry dates of certificates associated with
SSL-enabled services on the target and reports whether any have
already expired or will expire shortly.
Solution :
Purchase or generate a new SSL certificate to replace the existing
one.
Risk factor :
None
Plugin output :
The SSL certificate of the remote service expired Dec 4 15:11:04 2006 GMT!
Nessus ID : 15901
Deprecated SSL Protocol Usage
Synopsis :
The remote service encrypts traffic using a protocol with known
weaknesses.
Description :
The remote service accepts connections encrypted using SSL 2.0, which
reportedly suffers from several cryptographic flaws and has been
deprecated for several years. An attacker may be able to exploit
these issues to conduct man-in-the-middle attacks or decrypt
communications between the affected service and clients.
See also :
http://www.schneier.com/paper-ssl.pdf
Solution :
Consult the application's documentation to disable SSL 2.0 and use SSL
3.0 or TLS 1.0 instead.
33. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Nessus ID : 20007
Directory Scanner
Synopsis :
It is possible to enumerate web directories.
Description :
This plugin attempts to determine the presence of various
common dirs on the remote web server.
Risk factor :
None
Plugin output :
The following directories were discovered:
/cgi-bin, /webalizer, /error, /icons
While this is not, in and of itself, a bug, you should manually inspect
these directories to ensure that they are in compliance with company
security standards
Other references : OWASP:OWASP-CM-006
Nessus ID : 11032
Web mirroring
The following CGI have been discovered :
Syntax : cginame (arguments [default value])
. (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
/mod_yj_whois_joomla1.5/ (C=S;O [A] C=D;O [A] C=N;O [D] C=M;O [A] )
/perso/administrator/index.php (lang [en-GB] passwd [] task [login] d7883a0d1f699871df1fb9...)
/perso/index.php (searchword [search...] format [feed] passwd [] id [25] 83c...)
Directory index found at /
Directory index found at /mod_yj_whois_joomla1.5/
Nessus ID : 10662
HTTP Server type and version
Synopsis :
A web server is running on the remote host.
Description :
This plugin attempts to determine the type and the version of
the remote web server.
Risk factor :
None
Plugin output :
The remote web server type is :
Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6
Solution : You can set the directive 'ServerTokens Prod' to limit
the information emanating from the server in its response headers.
Nessus ID : 10107
HyperText Transfer Protocol Information
34. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Synopsis :
Some information about the remote HTTP configuration can be extracted.
Description :
This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive and HTTP pipelining are enabled,
etc...
This test is informational only and does not denote any security
problem
Risk factor :
None
Plugin output :
Protocol version : HTTP/1.1
SSL : yes
Pipelining : yes
Keep-Alive : yes
Options allowed : (Not implemented)
Headers :
Date: Mon, 17 Nov 2008 22:27:46 GMT
Server: Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6
Content-Length: 856
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Nessus ID : 24260
HTTP TRACE / TRACK Methods
Synopsis :
Debugging functions are enabled on the remote web server.
Description :
The remote webserver supports the TRACE and/or TRACK methods. TRACE
and TRACK are HTTP methods which are used to debug web server
connections.
In addition, it has been shown that servers supporting the TRACE
method are subject to cross-site scripting attacks, dubbed XST for
"Cross-Site Tracing", when used in conjunction with various weaknesses
in browsers. An attacker may use this flaw to trick your legitimate
web users to give him their credentials.
See also :
http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
http://www.apacheweek.com/issues/03-01-24
http://www.kb.cert.org/vuls/id/867593
Solution :
Disable these methods.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Solution :
Add the following lines for each virtual host in your configuration file :
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
Alternatively, note that Apache versions 1.3.34, 2.0.55, and 2.2
support disabling the TRACE method natively via the 'TraceEnable'
directive.
35. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
Plugin output :
The server response from a TRACE request is :
TRACE /9h6cs6az.html HTTP/1.1
Host: tareq-laptop
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Date: Mon, 17 Dec 2008 22:30:13 GMT
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Accept-Charset: iso-8859-1,*,utf-8
Pragma: no-cache
Accept-Language: en
Connection: Close
CVE : CVE-2004-2320
BID : 9506, 9561, 11604
Other references : OSVDB:877, OSVDB:3726
Nessus ID : 11213
WebDAV enabled
Synopsis :
The remote server is running with WebDAV enabled.
Description :
WebDAV is an industry standard extension to the HTTP specification.
It adds a capability for authorized users to remotely add and manage
the content of a web server.
If you do not use this extension, you should disable it.
Solution :
http://support.microsoft.com/default.aspx?kbid=241520
Risk factor :
None
Nessus ID : 11424
Joomla! Detection
Synopsis :
The remote web server contains a content management system written in
PHP.
Description :
The remote host is running Joomla!, an open-source content management
system written in PHP.
See also :
http://www.joomla.org/
Risk factor :
None
Plugin output :
An unknown version of Joomla! was detected on the remote host under
the path '/perso'.
Nessus ID : 21142
Apache mod_proxy_ftp Directory Component Wildcard Character Globbing XSS
Synopsis :
The remote web server is vulnerable to a cross-site scripting attack.
Description :
36. Nessus Scan Report
file:///F|/Downloads/Nessus report using the defualt scan policy to scan my computer.html[17/11/2008 11:13:47 PM]
The mod_proxy_ftp module in the version of Apache installed on the
remote host fails to properly sanitize user-supplied URL input before
using it to generate dynamic HTML output. Using specially crafted
requests for FTP URLs with globbing characters (such as asterisk,
tilde, opening square bracket, etc), an attacker may be able to
leverage this issue to inject arbitrary HTML and script code into a
user's browser to be executed within the security context of the
affected site.
See also :
http://www.rapid7.com/advisories/R7-0033
http://www.securityfocus.com/archive/1/495180/100/0/threaded
http://www.apache.org/dist/httpd/CHANGES_2.2.10
http://httpd.apache.org/security/vulnerabilities_22.html
Solution :
Either disable the affected module or upgrade to Apache version 2.2.10
or later.
Risk factor :
Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
Plugin output :
Apache version 2.2.9 appears to be running on the remote host based
on the following Server response header :
Server: Apache/2.2.9 (Win32) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h mod_autoindex_color PHP/5.2.6
Note that Nessus tried but failed to exploit the issue and instead has
relied only on a banner check. There may be several reasons why the
exploit failed :
- The remote web server is not configured to use
mod_proxy_ftp or to proxy requests in general.
- The remote web server is configured such that the Nessus
scanning host is not allowed to use the proxy.
- The plugin did not know of an anonymous FTP server that
it could use for testing.
CVE : CVE-2008-2939
BID : 30560
Other references : OSVDB:47474
Nessus ID : 34433