Your Company Unfixed Vulnerabilities by Age - January 2008


Ordered by Host

Host NameIP AddressCriticalRegionReportPortsHighMedium
Number Longest  Number Longest
www.yourcompany.net   SANS   URGENT   OVERDUE192.168.0.102US  View 118868
www.your_company.nl   SANS192.168.0.103EMEA  View 918  
sql2.manc.yourcompany.com   SANS192.168.1.53EMEA  View 11222
mail.example.com   SANS192.168.0.111Asia  View 9  28
dns0.example.com   SANS192.168.0.110Asia  View 3  13
www.yourcompany.co.uk192.168.0.100EMEA  View 4  12
apollo.example.com   SANS   OVERDUE192.168.0.81  View 3  12

Ordered by Vulnerability

VulnerabilitySeverity SystemsLongest
IIS WebDAV Buffer OverrunHigh Risk18
Sendmail < 8.12.8 Buffer Overrun   SANS   URGENTHigh Risk18
SNMP Default Community Names   SANSHigh Risk18
Apache < 1.3.26 Chunked Encoding Vulnerability   SANSHigh Risk18
MySQL < 3.23.54, 4.0.6 Multiple Vulnerabilities   SANS   OVERDUEHigh Risk18
High Risk Ports OpenHigh Risk38
BIND < 8.2.3 Buffer Overrun   SANS   OVERDUEHigh Risk18
MySQL Database Accessible Without Password   URGENTHigh Risk18
SMTP Server Allows VRFY/EXPNMedium Risk18
MySQL < 3.23.56 Privilege Escalation   SANSMedium Risk38
Apache mod_ssl < 2.8.10 off by one VulnerabilityMedium Risk18
Lotus Domino Anonymous Database AccessMedium Risk18
Apache Tomcat / Servlet Cross-Site Scripting   SANSMedium Risk16
Globally Useable Name Server   SANSMedium Risk13
SMB NULL Session   SANSMedium Risk13
MySQL < 3.23.55 Multiple Vulnerabilities   SANSMedium Risk12
OpenSSL < 0.9.6m, 0.9.7d Multiple Vulnerabilities   SANSMedium Risk12
Apache < 1.3.27 Multiple VulnerabilitiesMedium Risk12
Cross-Site ScriptingMedium Risk11

Ordered by Contact

Collapse Expand / Collapse All

Name  SystemsReportTotal
Vulns		HighMediumLongestMonths of
Exposure
cuthbert@yourcompany.comCollapse  1  System 31225
sql2.manc.yourcompany.com   SANS192.168.1.53View31225
janebloggs@yourcompany.comCollapse  5  Systems 199108127
www.yourcompany.net   SANS   URGENT   OVERDUE192.168.0.102View14868100
www.your_company.nl   SANS192.168.0.103View11 88
mail.example.com   SANS192.168.0.111View2 2814
dns0.example.com   SANS192.168.0.110View1 133
www.yourcompany.co.uk192.168.0.100View1 122
joe.bloggs@technicians.comCollapse  3  Systems 404819
mail.example.com   SANS192.168.0.111View2 2814
dns0.example.com   SANS192.168.0.110View1 133
apollo.example.com   SANS   OVERDUE192.168.0.81View1 122
johndoe@yoursecurity.co.ukCollapse  3  Systems 17898116
www.yourcompany.net   SANS   URGENT   OVERDUE192.168.0.102View14868100
mail.example.com   SANS192.168.0.111View2 2814
www.yourcompany.co.uk192.168.0.100View1 122
manager@yourcompany.comCollapse  3  Systems 404819
mail.example.com   SANS192.168.0.111View2 2814
dns0.example.com   SANS192.168.0.110View1 133
apollo.example.com   SANS   OVERDUE192.168.0.81View1 122

Note: This report deals with unfixed vulnerabilities. A vulnerability is considered "unfixed for three scans" if it has appeared for four consecutive scans.

Scans by Sec52