Your Company Scan Results - January 2008

Vulnerability Statistics

12  17  15  16  9  2  3	High risk vulnerabilities found. Medium risk vulnerabilities found. Low risk vulnerabilities found. SANS vulnerabilities found. New vulnerabilities found. Urgent vulnerabilities found. Overdue vulnerabilities found.	4  5  1  7  10  3  1  2	Systems (31%) had high risk vulnerabilities. Systems (38%) had medium risk vulnerabilities. Systems (8%) had low risk vulnerabilities. Systems (54%) had SANS vulnerabilities. Systems (77%) had vulnerabilities. Systems (23%) had no vulnerabilities. Systems (8%) had urgent vulnerabilities. Systems (15%) had overdue vulnerabilities.	Scan Type Start Date End Date Systems Scanned New Systems	Enterprise 13-Jan-08 11:54 13-Apr-08 13:47 13 3

Key	Increase	No change	Decrease	High Risk	Medium Risk	Low Risk	No Services	No Ports/Vulns	Not Subnet Scanned

Systems

Download As CSV... Download As PDF...

Host Name	IP Address	Critical	Report	Ports	Vulnerabilities
sql2.manc.yourcompany.com	192.168.1.53		View	1	3
www.example.com	192.168.0.112		View	6	6 (5 New)
www.yourcompany.net	192.168.0.102		View	11	16 (1 New)
www.your_company.nl	192.168.0.103		View	9	4 (1 New)
dns0.example.com	192.168.0.110		View	3	2 (1 New)
mail.example.com	192.168.0.111		View	9	4
www.yourcompany.co.uk	192.168.0.100		View	4	3
apollo.example.com	192.168.0.81		View	3	3
www.yourcompany.com.my	192.168.0.106		View	1	1 (1 New)
www.your_company.fr	192.168.0.105		View	7	2
www.your_company.de	192.168.0.104		View	0	0
gopher.example.com	192.168.0.93		View	0	0
laptop.yourcompany.com	192.168.0.57		View	0	0

All Vulnerabilities

Frequency	Vulnerability	Severity
3	High Risk Ports Open	High Risk
2	Apache < 1.3.26 Chunked Encoding Vulnerability	High Risk
2	SNMP Default Community Names	High Risk
1	IIS WebDAV Buffer Overrun	High Risk
1	MySQL Database Accessible Without Password	High Risk
1	BIND < 8.2.3 Buffer Overrun	High Risk
1	MySQL < 3.23.54, 4.0.6 Multiple Vulnerabilities	High Risk
1	Sendmail < 8.12.8 Buffer Overrun	High Risk
3	MySQL < 3.23.56 Privilege Escalation	Medium Risk
2	Apache < 1.3.27 Multiple Vulnerabilities	Medium Risk
2	Apache mod_ssl < 2.8.10 off by one Vulnerability	Medium Risk
1	Apache Tomcat / Servlet Cross-Site Scripting	Medium Risk
1	Lotus Domino < 5.0.9 Database Lock DoS	Medium Risk
1	MySQL < 3.23.55 Multiple Vulnerabilities	Medium Risk
1	SMTP Server Allows VRFY/EXPN	Medium Risk
1	Cross-Site Scripting	Medium Risk
1	OpenSSL < 0.9.6m, 0.9.7d Multiple Vulnerabilities	Medium Risk
1	Lotus Domino Anonymous Database Access	Medium Risk
1	SMB NULL Session	Medium Risk
1	OpenSSL < 0.9.6j, 0.9.7b Password Interception	Medium Risk
1	Globally Useable Name Server	Medium Risk
2	TRACE and/or TRACK Methods Enabled	Low Risk
2	Identd enabled	Low Risk
2	Apache < 1.3.29 Multiple Local Flaws	Low Risk
1	Windows Terminal Service Enabled	Low Risk
1	Holes Detected in Firewall Configuration	Low Risk
1	ICMP Timestamp Request	Low Risk
1	Apache mod_userdir Information Leak	Low Risk
1	Microsoft Frontpage Extensions Installed	Low Risk
1	SSH Protocol Version 1 Enabled	Low Risk
1	/doc directory browsable	Low Risk
1	Kerberos PingPong DOS	Low Risk
1	Script Calling phpinfo() Detected	Low Risk

Scans by Sec52