Report for Host "ccs.temple-inland.com"

Vulnerability Summary





HostNetwork
High Risk 1 vulnerabilities1 vulnerabilities
Medium Risk5 vulnerabilities5 vulnerabilities
Low Risk20 vulnerabilities20 vulnerabilities


The following graphs depict information about the current host in comparison with other hosts on the network. The value associated with the current host is plotted in red on the bar labelled "Current". Above this, on the bar labelled "Max" is the value associated with the host with the maximum count. Below it is the average value across all hosts on the network (labelled "Avg"), and finally the value of the host with the minimum count.


Host Analysis

Based on information gained from CyberCop Scanner probes to this host, the following conclusions can be made about its overall security. For more information on interpreting this analysis, see the report introduction.

Warning! This host is significantly threatened:

This host can be compromised completely by a remote attacker.

Primary Threats

High risk vulnerabilities are present with these impacts: System Integrity

Misconfiguration

A significant portion of the vulnerabilities present on this host are due to software misconfiguration. It is possible that this machine is running in an insecure "out-of-the-box" configuration, which needs to be examined and modified.

Vulnerability Analysis

CyberCop Scanner probes indicate that the following individual vulnerabilities are very likely to be present on this host. Vulnerabilities are seperated by "class", representing the different services and implications of the many different problems probed for by the scanner. For detailed information about the vulnerability descriptions and the various classes of problems looked for by the scanner, see the report introduction.

Information Gathering and Recon

  • 1008 : FTP banner check (Risk Factor: Low)


    • Complexity of Attack: Low
    Ease of Resolution: Moderate
    Popularity of Attack: Popular
    Root Cause of Vulnerability: Implementation
    Impact of Vulnerability: Intelligence

    Module Output

    220 ccs Microsoft FTP Service (Version 3.0).

  • 1009 : Anonymous FTP check (Risk Factor: Medium)


    • Complexity of Attack: Low
    Ease of Resolution: Simple
    Popularity of Attack: Popular
    Root Cause of Vulnerability: Misconfiguration
    Impact of Vulnerability: Intelligence

  • 1033 : ICMP netmask obtained (Risk Factor: Low)


    • Complexity of Attack: Medium
    Ease of Resolution: Moderate
    Popularity of Attack: Obscure
    Root Cause of Vulnerability: Design
    Impact of Vulnerability: Intelligence

    Module Output

    ICMP Netmask Reply: 255.255.255.0

  • 1036 : WWW Web Server Version (Risk Factor: Low)


    • Complexity of Attack: Low
    Ease of Resolution: Difficult
    Popularity of Attack: Widespread
    Root Cause of Vulnerability: Implementation
    Impact of Vulnerability: Intelligence

    Module Output

    Server: Microsoft-IIS/3.0

  • 1041 : Trace route to host (Risk Factor: Low)


    • Complexity of Attack: Low
    Ease of Resolution: Moderate
    Popularity of Attack: Popular
    Root Cause of Vulnerability: Design
    Impact of Vulnerability: Intelligence

    Module Output

    127.0.0.1,localhost

    167.159.36.1

    167.159.9.1

    167.159.170.10

    167.159.2.2

    167.159.6.14,ccs.temple-inland.com

    File Transfer Protocols

  • 2003 : FTP - ports opened in sequential order (Risk Factor: Medium)


    • Complexity of Attack: Medium
    Ease of Resolution: Moderate
    Popularity of Attack: Obscure
    Root Cause of Vulnerability: Implementation
    Impact of Vulnerability: Confidentiality, Data Integrity,

    Password Guessing/Grinding

  • 9001 : FTP Password Guessing (Risk Factor: High)


    • Complexity of Attack: Low
    Ease of Resolution: Simple
    Popularity of Attack: Popular
    Root Cause of Vulnerability: Misconfiguration
    Impact of Vulnerability: System Integrity,

    Module Output

    Guessed user: ftp Password: (Any Password)

    World Wide Web, HTTP and CGI

  • 10053 : IIS ism.dll Basic/NTLM Authentication Vulnerability (Risk Factor: Medium)


    • Complexity of Attack: Medium
    Ease of Resolution: Trivial
    Popularity of Attack: Popular
    Root Cause of Vulnerability: Misconfiguration
    Impact of Vulnerability: System Integrity,

    Module Output

    Password Authentication supported:

    WWW-Authenticate: Basic realm="167.159.6.14"

  • 10056 : IIS Associations reveal webroot Vulnerability (Risk Factor: Medium)


    • Complexity of Attack: Low
    Ease of Resolution: Trivial
    Popularity of Attack: Popular
    Root Cause of Vulnerability: Implementation
    Impact of Vulnerability: System Integrity,

    Module Output

    D:\InetPub\scripts\938736226.ida

    D:\InetPub\scripts\938736227.idc

    D:\InetPub\scripts\938736227.stm

    D:\InetPub\scripts\938736227.pl

    D:\InetPub\scripts\938736228.cgi

    D:\InetPub\scripts\938736228.idq

    SMB/NetBIOS Resource Sharing

  • 16020 : NetBIOS Name Table Retrieval (Risk Factor: Low)


    • Complexity of Attack: Medium
    Ease of Resolution: Moderate
    Popularity of Attack: Widespread
    Root Cause of Vulnerability: Misconfiguration
    Impact of Vulnerability: Intelligence

    Module Output

    INSIDE-TIN

    TIFPC

    INet~Services

    IS~INSIDE-TIN

    Domain Name System and BIND

  • 17018 : DNS version number check (Risk Factor: Low)


    • Complexity of Attack: Low
    Ease of Resolution: Moderate
    Popularity of Attack: Widespread
    Root Cause of Vulnerability: Implementation
    Impact of Vulnerability: Intelligence

    Module Output

    Meta IP/DNS V4.0 - BIND V8.1.2 (Build 4426 )

    SNMP/Network Management

  • 20001 : SNMP Community check (Risk Factor: Medium)


    • Complexity of Attack: Low
    Ease of Resolution: Simple
    Popularity of Attack: Popular
    Root Cause of Vulnerability: Misconfiguration
    Impact of Vulnerability: Data Integrity, Authorization, Intelligence

    Module Output

    'public': read-only

  • 20010 : SNMP MIB-II Miscellaneous data (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    System Description: Hardware: x86 Family 6 Model 1 Stepping 9 AT/AT COMPATIBLE - Software: Windows NT Version 4.0 (Build Number: 1381 Multiprocessor Free )

    System Contact: NAI Test

    System Name: INSIDE-TIN

    System Location: Diboll, TX

    SNMP Uptime: 6d 0:38:59.60

    Ip Forwarding: off

  • 20011 : SNMP MIB-II TCP table (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    TCP Table:

    0.0.0.0 1027 -> 0.0.0.0 43092 LISTEN

    0.0.0.0 1028 -> 0.0.0.0 35052 LISTEN

    0.0.0.0 1029 -> 0.0.0.0 51315 LISTEN

    0.0.0.0 1030 -> 0.0.0.0 2096 LISTEN

    0.0.0.0 1031 -> 0.0.0.0 35070 LISTEN

    0.0.0.0 1033 -> 0.0.0.0 18620 LISTEN

    0.0.0.0 6665 -> 0.0.0.0 26737 LISTEN

    0.0.0.0 1036 -> 0.0.0.0 26740 LISTEN

    0.0.0.0 1039 -> 0.0.0.0 18519 LISTEN

    0.0.0.0 1040 -> 0.0.0.0 59481 LISTEN

    0.0.0.0 1041 -> 0.0.0.0 43035 LISTEN

    0.0.0.0 6162 -> 0.0.0.0 18545 LISTEN

    0.0.0.0 1044 -> 0.0.0.0 18648 LISTEN

    0.0.0.0 21 -> 0.0.0.0 43100 LISTEN

    0.0.0.0 65301 -> 0.0.0.0 26746 LISTEN

    0.0.0.0 1047 -> 0.0.0.0 51203 LISTEN

    0.0.0.0 1050 -> 0.0.0.0 26811 LISTEN

    0.0.0.0 1053 -> 0.0.0.0 10415 LISTEN

    0.0.0.0 1056 -> 0.0.0.0 2192 LISTEN

    0.0.0.0 1059 -> 0.0.0.0 10367 LISTEN

    0.0.0.0 1067 -> 0.0.0.0 34883 LISTEN

    0.0.0.0 1070 -> 0.0.0.0 10291 LISTEN

    0.0.0.0 1075 -> 0.0.0.0 34858 LISTEN

    0.0.0.0 1076 -> 0.0.0.0 2051 LISTEN

    0.0.0.0 53 -> 0.0.0.0 51320 LISTEN

    0.0.0.0 1077 -> 0.0.0.0 2112 LISTEN

    0.0.0.0 1080 -> 0.0.0.0 34850 LISTEN

    0.0.0.0 1081 -> 0.0.0.0 59449 LISTEN

    0.0.0.0 80 -> 0.0.0.0 43159 LISTEN

    0.0.0.0 7770 -> 0.0.0.0 18683 LISTEN

    0.0.0.0 7771 -> 0.0.0.0 34893 LISTEN

    0.0.0.0 389 -> 0.0.0.0 59469 LISTEN

    0.0.0.0 135 -> 0.0.0.0 10369 LISTEN

    0.0.0.0 135 -> 0.0.0.0 43143 LISTEN

    0.0.0.0 5001 -> 0.0.0.0 2087 LISTEN

    0.0.0.0 5004 -> 0.0.0.0 34891 LISTEN

    0.0.0.0 5005 -> 0.0.0.0 51239 LISTEN

    0.0.0.0 161 -> 0.0.0.0 59581 LISTEN

    0.0.0.0 162 -> 0.0.0.0 26707 LISTEN

    0.0.0.0 2040 -> 0.0.0.0 35002 LISTEN

    0.0.0.0 2301 -> 0.0.0.0 34990 LISTEN

    0.0.0.0 5631 -> 0.0.0.0 51350 LISTEN

    127.0.0.1 1026 -> 0.0.0.0 51344 LISTEN

    127.0.0.1 1026 -> 127.0.0.1 1077 ESTABLISHED

    127.0.0.1 1032 -> 0.0.0.0 34947 LISTEN

    127.0.0.1 1033 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1034 -> 0.0.0.0 34957 LISTEN

    127.0.0.1 1039 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1040 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1041 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1044 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1047 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1050 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1053 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1056 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1059 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1067 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 1070 -> 127.0.0.1 389 ESTABLISHED

    127.0.0.1 53 -> 0.0.0.0 10372 LISTEN

    127.0.0.1 53 -> 0.0.0.0 10376 LISTEN

    127.0.0.1 1077 -> 127.0.0.1 1026 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1033 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1039 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1040 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1041 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1044 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1047 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1050 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1053 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1056 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1059 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1067 ESTABLISHED

    127.0.0.1 389 -> 127.0.0.1 1070 ESTABLISHED

    167.159.6.14 5632 -> 0.0.0.0 43052 LISTEN

    167.159.6.14 1028 -> 167.159.6.14 7770 ESTABLISHED

    167.159.6.14 1029 -> 167.159.6.14 7770 ESTABLISHED

    167.159.6.14 1030 -> 167.159.6.14 7771 ESTABLISHED

    167.159.6.14 20 -> 167.159.36.64 1311 TIMEWAIT

    167.159.6.14 20 -> 167.159.36.64 1322 TIMEWAIT

    167.159.6.14 22 -> 0.0.0.0 18677 LISTEN

    167.159.6.14 1075 -> 167.159.6.14 7770 ESTABLISHED

    167.159.6.14 1076 -> 167.159.6.14 7770 ESTABLISHED

    167.159.6.14 53 -> 0.0.0.0 34965 LISTEN

    167.159.6.14 53 -> 0.0.0.0 2201 LISTEN

    167.159.6.14 3130 -> 0.0.0.0 43260 LISTEN

    167.159.6.14 3130 -> 167.159.44.10 139 ESTABLISHED

    167.159.6.14 80 -> 167.159.36.64 4914 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1369 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1370 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1371 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1374 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1375 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1377 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1378 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1379 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1380 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1382 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1383 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1384 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1385 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1386 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1387 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1388 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1389 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1390 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1391 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1392 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1393 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1394 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1395 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1396 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1398 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1399 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1400 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1401 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1403 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1404 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1405 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1406 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1407 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1408 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1409 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1410 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1411 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1412 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1413 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1414 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1416 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1418 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1419 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1420 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1421 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1422 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1424 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1425 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1426 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1427 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1428 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1429 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1430 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1431 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1432 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1433 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1434 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1435 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1436 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1437 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1438 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1439 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1440 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1441 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1444 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1445 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1446 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1447 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1448 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1450 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1451 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1452 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1454 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1455 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1456 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1457 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1458 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1459 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1460 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1461 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1462 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1463 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1465 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1466 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1467 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1468 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1470 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1475 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1477 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1497 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1503 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1505 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1506 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1507 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1508 TIMEWAIT

    167.159.6.14 80 -> 167.159.36.64 1509 TIMEWAIT

    167.159.6.14 7770 -> 167.159.6.14 1028 ESTABLISHED

    167.159.6.14 7770 -> 167.159.6.14 1029 ESTABLISHED

    167.159.6.14 7770 -> 167.159.6.14 1075 ESTABLISHED

    167.159.6.14 7770 -> 167.159.6.14 1076 ESTABLISHED

    167.159.6.14 7771 -> 167.159.6.14 1030 ESTABLISHED

    167.159.6.14 3426 -> 0.0.0.0 2176 LISTEN

    167.159.6.14 3426 -> 167.159.36.8 139 ESTABLISHED

    - - -> - - -

    167.159.6.14 135 -> 167.159.36.64 3666 ESTABLISHED

    167.159.6.14 137 -> 0.0.0.0 18681 LISTEN

    167.159.6.14 138 -> 0.0.0.0 2300 LISTEN

    167.159.6.14 139 -> 0.0.0.0 35063 LISTEN

    167.159.6.14 139 -> 167.159.36.64 1706 TIMEWAIT

    167.159.6.14 139 -> 167.159.36.64 1707 TIMEWAIT

    - - -> - - -

    167.159.6.14 1526 -> 0.0.0.0 59419 LISTEN

  • 20012 : SNMP MIB-II UDP table (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    UDP Table:

    0.0.0.0 1027

    0.0.0.0 1031

    0.0.0.0 6665

    0.0.0.0 6162

    0.0.0.0 53

    0.0.0.0 1080

    0.0.0.0 1081

    0.0.0.0 135

    0.0.0.0 161

    0.0.0.0 162

    127.0.0.1 53

    167.159.6.14 5632

    167.159.6.14 22

    167.159.6.14 53

    167.159.6.14 137

    167.159.6.14 138

  • 20013 : SNMP MIB-II Interface Table (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    Interface Table:

    ==== Index: 1

    Descr: MS TCP Loopback interface

    Type: Loopback

    MTU: 1500

    Speed: 10000000

    PhysAddr: -

    AdminStat: up

    OperStat: up

    In: 38335722

    InDiscard: 0

    InErr: 0

    InUnkwn: 0

    Out: 38335722

    OutDiscard: 0

    OutErr: 0

    OutUnknwn: 0

    ==== Index: 2

    Descr: Compaq NetFlex-3 Driver, Version 1.75

    Type: ethernet

    MTU: 1500

    Speed: 100000000

    PhysAddr: 00:08:c7:a4:db:6f

    AdminStat: up

    OperStat: up

    In: 1959447955

    InDiscard: 0

    InErr: 0

    InUnkwn: 0

    Out: 771591238

    OutDiscard: 0

    OutErr: 0

    OutUnknwn: -51

  • 20014 : SNMP MIB-II Address table (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    Addr Table:

    iface 1 127.0.0.1 mask 255.0.0.0

    iface 2 167.159.6.14 mask 255.255.255.0

  • 20015 : SNMP MIB-II ARP table (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    Arp Table:

    iface 2 167.159.6.1 00:80:3e:42:5d:99 static

    iface 2 167.159.6.2 08:00:20:9e:59:17 static

  • 20016 : SNMP MIB-II Routing table (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    Route Table:

    ==== Dest: 0.0.0.0

    mask: 0.0.0.0

    nexthop: 167.159.6.1

    Iface: 2

    metric: 1

    type: indirect

    from: local

    age: 520758

    ==== Dest: 127.0.0.0

    mask: 255.0.0.0

    nexthop: 127.0.0.1

    Iface: 1

    metric: 1

    type: direct

    from: local

    age: 520759

    ==== Dest: 167.159.6.0

    mask: 255.255.255.0

    nexthop: 167.159.6.14

    Iface: 2

    metric: 1

    type: direct

    from: local

    age: 520758

    ==== Dest: 167.159.6.14

    mask: 255.255.255.255

    nexthop: 127.0.0.1

    Iface: 1

    metric: 1

    type: direct

    from: local

    age: 520758

    ==== Dest: 167.159.255.255

    mask: 255.255.255.255

    nexthop: 167.159.6.14

    Iface: 2

    metric: 1

    type: direct

    from: local

    age: 520758

    ==== Dest: 224.0.0.0

    mask: 224.0.0.0

    nexthop: 167.159.6.14

    Iface: 2

    metric: 1

    type: direct

    from: local

    age: 520760

    ==== Dest: 255.255.255.255

    mask: 255.255.255.255

    nexthop: 167.159.6.14

    Iface: 2

    metric: 1

    type: direct

    from: local

    age: 520760

  • 20020 : SNMP LANMAN Miscellaneous information (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    domain: TIFPC

    secmode: user-level

  • 20022 : SNMP LANMAN Service table (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    Services:

    SNMP:

    installed, active, can be uninstalled, cannot be paused

    Server:

    installed, active, can be uninstalled, can be paused

    Alerter:

    installed, active, can be uninstalled, cannot be paused

    Spooler:

    installed, active, can be uninstalled, cannot be paused

    EventLog:

    installed, active, cannot be uninstalled, cannot be paused

    Schedule:

    installed, active, can be uninstalled, can be paused

    Messenger:

    installed, active, can be uninstalled, cannot be paused

    Net Logon:

    installed, active, can be uninstalled, can be paused

    Workstation:

    installed, active, can be uninstalled, can be paused

    Plug and Play:

    installed, active, can be uninstalled, can be paused

    Insight Agents:

    installed, active, can be uninstalled, can be paused

    Event Log Watch:

    installed, active, can be uninstalled, cannot be paused

    Meta IP/DNS 4.0:

    installed, active, can be uninstalled, cannot be paused

    Computer Browser:

    installed, active, can be uninstalled, cannot be paused

    Meta IP/INET 4.0:

    installed, active, can be uninstalled, cannot be paused

    Meta IP/LDAP 4.0:

    installed, active, can be uninstalled, cannot be paused

    Insight Web Agent:

    installed, active, can be uninstalled, cannot be paused

    OracleServiceCSDB:

    installed, active, can be uninstalled, can be paused

    OracleServiceWEBS:

    installed, active, can be uninstalled, can be paused

    OracleTNSListener:

    installed, active, can be uninstalled, cannot be paused

    Protected Storage:

    installed, active, can be uninstalled, cannot be paused

    SNMP Trap Service:

    installed, active, can be uninstalled, cannot be paused

    Meta IP/Manager 4.0:

    installed, active, can be uninstalled, can be paused

    TCP/IP NetBIOS Helper:

    installed, active, can be uninstalled, cannot be paused

    FTP Publishing Service:

    installed, active, can be uninstalled, can be paused

    AgentWorks Object Store:

    installed, active, can be uninstalled, cannot be paused

    AgentWorks SNMP Gateway:

    installed, active, can be uninstalled, cannot be paused

    License Logging Service:

    installed, active, can be uninstalled, cannot be paused

    pcANYWHERE Host Service:

    installed, active, can be uninstalled, cannot be paused

    AgentWorks SNMP Administrator:

    installed, active, can be uninstalled, cannot be paused

    Unicenter TNG NT System Agent:

    installed, active, can be uninstalled, cannot be paused

    MetaInfo Web Config Server 2.0:

    installed, active, can be uninstalled, cannot be paused

    NT LM Security Support Provider:

    installed, active, can be uninstalled, can be paused

    AgentWorks Object Request Broker:

    installed, active, can be uninstalled, cannot be paused

    World Wide Web Publishing Service:

    installed, active, can be uninstalled, can be paused

    Remote Procedure Call (RPC) Service:

    installed, active, cannot be uninstalled, cannot be paused

  • 20023 : SNMP LANMAN Shares (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    Shares:

    ADC = d:\InetPub\wwwroot\Tin\ADC

    AHD = D:\InetPub\wwwroot\Tin\AHD

    Docs = D:\InetPub\wwwroot\Tin\Eben\Docs

    ENAF = D:\InetPub\wwwroot\Tin\ENAF

    Eben = D:\InetPub\wwwroot\Tin\Eben

    HRPI = D:\InetPub\wwwroot\Tin\HRPI

    MSDS = D:\InetPub\wwwroot\Tin\ENAF\MSDS

    YRTK = D:\InetPub\wwwroot\Tifpc\Cor\YRTK

    ORANT = D:\ORANT

    guides = D:\InetPub\wwwroot\Tin\guides

    cgi-bin = d:\InetPub\wwwroot\cgi-bin

    ftppriv = D:\InetPub\ftppriv

    wwwroot = D:\InetPub\wwwroot

    LegalPDFs = d:\InetPub\wwwroot\Tin\Legal\LegalPdfs

    Solutions = D:\InetPub\wwwroot\Tin\Eben\Solutions

    TIN_PROCESS = D:\InetPub\wwwroot\Tin\HRPI\TIN_PROCESS

  • 20024 : SNMP LANMAN Users (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: N/A
    Root Cause of Vulnerability: N/A
    Impact of Vulnerability: Intelligence

    Module Output

    Users:

    Guest

    JWade

    TRoth

    DMeyer

    DSmith

    LJones

    PFoley

    SHenry

    SWeiss

    ABearde

    BGumino

    DSmith6

    JJNicho

    JKreitl

    LDurham

    NWeisen

    PBenson

    SMcClis

    TRodger

    C6cortem

    C6rileys

    C6siderk

    C6traver

    IPPphone

    SMartine

    TinLegal

    IUSR_HOME

    MChambers

    TIFSphone

    MSheffield

    TIFPCphone

    Administrator

    Network Port Scanning

  • 21001 : TCP port scanning (Risk Factor: Low)


    • Complexity of Attack: N/A
    Ease of Resolution: N/A
    Popularity of Attack: Popular
    Root Cause of Vulnerability: Design
    Impact of Vulnerability: Intelligence

    Module Output

    TCP Port 21 (ftp) active

    TCP Port 53 (domain) active

    TCP Port 80 (www) active

    TCP Port 135 (loc-srv) active

    TCP Port 139 (netbios-ssn) active

    TCP Port 389 (unknown) active

  • 21003 : TCP SYN port scanning (Risk Factor: Low)


    • Complexity of Attack: Medium
    Ease of Resolution: N/A
    Popularity of Attack: Popular
    Root Cause of Vulnerability: Design
    Impact of Vulnerability: Intelligence

    Module Output

    TCP Port 21 (ftp) active

    TCP Port 53 (domain) active

    TCP Port 80 (www) active

    TCP Port 135 (loc-srv) active

    TCP Port 139 (netbios-ssn) active

    TCP Port 389 (unknown) active

    Windows NT - Information Gathering

  • 26010 : Windows NT - Enumerate RPC Bindings (EPDUMP) (Risk Factor: Low)


    • Complexity of Attack: Low
    Ease of Resolution: Infeasable
    Popularity of Attack: Popular
    Root Cause of Vulnerability: Design
    Impact of Vulnerability: Intelligence

    Module Output

    82ad4280-036b-11cf-972c-00aa006887b0 vers 2.0 ncacn_np:\\\\INSIDE-TIN[\\PIPE\\INETINFO]

    53e75790-d96b-11cd-ba18-08002b2dfead vers 2.0 ncalrpc:[INETINFO_LPC]

    53e75790-d96b-11cd-ba18-08002b2dfead vers 2.0 ncacn_ip_tcp:167.159.6.14[1036]

    53e75790-d96b-11cd-ba18-08002b2dfead vers 2.0 ncacn_np:\\\\INSIDE-TIN[\\PIPE\\INETINFO]

    53e75790-d96b-11cd-ba18-08002b2dfead vers 2.0 ncalrpc:[MSFTPSVC_LPC]

    53e75790-d96b-11cd-ba18-08002b2dfead vers 2.0 ncacn_np:\\\\INSIDE-TIN[\\PIPE\\MSFTPSVC]

    53e75790-d96b-11cd-ba18-08002b2dfead vers 2.0 ncalrpc:[W3SVC_LPC]

    53e75790-d96b-11cd-ba18-08002b2dfead vers 2.0 ncacn_np:\\\\INSIDE-TIN[\\PIPE\\W3SVC]

    5c89f409-09cc-101a-89f3-02608c4d2361 vers 1.1 ncalrpc:[INETINFO_LPC]

    5c89f409-09cc-101a-89f3-02608c4d2361 vers 1.1 ncacn_ip_tcp:167.159.6.14[1036]

    5c89f409-09cc-101a-89f3-02608c4d2361 vers 1.1 ncacn_np:\\\\INSIDE-TIN[\\PIPE\\INETINFO]

    5c89f409-09cc-101a-89f3-02608c4d2361 vers 1.1 ncalrpc:[MSFTPSVC_LPC]

    5c89f409-09cc-101a-89f3-02608c4d2361 vers 1.1 ncacn_np:\\\\INSIDE-TIN[\\PIPE\\MSFTPSVC]

    82ad4280-036b-11cf-972c-00aa006887b0 vers 2.0 ncalrpc:[INETINFO_LPC]

    82ad4280-036b-11cf-972c-00aa006887b0 vers 2.0 ncacn_ip_tcp:167.159.6.14[1036]

    More information about CyberCop Scanner vulnerability report fields.

    CyberCop Scanner v5.0 (c) 1996-1999, Network Associates Inc.