Documente Academic
Documente Profesional
Documente Cultură
Scan Status
Learning Strategies Corporation attests that: This scan includes all components which should be in scope for This scan and report were prepared and conducted by Trustwave under certificate number 3702-01-11 (2016),
PCI DSS, any component considered out-of-scope for this scan is properly segmented from my cardholder 3702-01-10 (2015), 3702-01-09 (2014), 3702-01-08 (2013), 3702-01-07 (2012), 3702-01-06 (2011), 3702-01-
data environment, and any evidence submitted to the ASV to resolve scan exceptions is accurate and 05 (2010), according to internal processes that meet PCI DSS requirement 11.2 and the PCI DSS ASV
complete. Learning Strategies Corporation also acknowledges the following: 1) proper scoping of this external Program Guide.
scan is my responsibility, and 2) this scan result only indicates whether or not my scanned systems are
compliant with the external vulnerability scan requirement of the PCI DSS; This scan does not represent Trustwave attests that the PCI DSS scan process was followed, including a manual or automated Quality
Learning Strategies Corporations overall compliance status with PCI DSS or provide any indication of Assurance process with customer boarding and scoping practices, review of results for anomalies, and review
compliance with other PCI DSS requirements. and correction of 1) disputed or incomplete results, 2) false positives, and 3) active interference. This report
and any exceptions were reviewed by the Trustwave Quality Assurance Process.
Title Date
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 1 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
HIDDEN TEXT TO MARK THE BEGINNING OF THE TABLE OF CONTENTS
Attestation of Compliance 1
Executive Summary 3
Vulnerability Details 12
137.66.32.44 (www.photoreading.com) 16
137.66.32.45 (www.learningstrategies.com) 31
137.66.32.46 (www.jeddahmali.com) 69
137.66.32.48 (www.sedona.com) 77
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 2 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
Compliance
# Name Type IP Address Source Critical High Medium Low Info
Status
50.244.197.17 (Office1
2 Pass Physical 50.244.197.17 IP Address 0 0 0 0 0
Comcast)
www.learningstrategies.c
4 Fail Web Site 137.66.32.45 Domain Name 0 0 1 5 36
om
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 3 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
Total Findings 0 0 2 15 96
* Note: This target did not respond to probes from the TrustKeeper scanners. For some targets, such as firewalls, this is good, since the target is protected and hidden from
the Internet. For websites, it could mean the web site is not available, or the domain name is misspelled. It is also possible that these targets are internal IP addresses that
cannot be tested by Trustwave's Internet scanners.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 4 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
Configure the HTTP service(s) running on this host to adhere to information security best practices.
Restrict access to any files, applications, and/or network services for which there is no business requirement to be publicly accessible.
Ensure that any web applications running on this host is configured following industry security best practices.
Ensure that any web applications running on this host properly validate and transmit user input in a secure manner.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 5 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
.com)
Note to scan customer:
12 137.66.32.45 No X-FRAME-OPTIONS Header Low 2.60 Pass
This vulnerability is not recognized in the National Vulnerability
(www.learningstra
Database.
tegies.com)
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 6 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 7 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
(www.learningstra Detected
tegies.com)
Configure the HTTP service(s) running on this host to adhere to information security best practices.
Restrict access to any files, applications, and/or network services for which there is no business requirement to be publicly accessible.
Ensure that any web applications running on this host is configured following industry security best practices.
Ensure that any web applications running on this host properly validate and transmit user input in a secure manner.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 8 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
com)
Configure the SSL service(s) running on this host to adhere to information security best practices.
Ensure that any web applications running on this host properly validate and transmit user input in a secure manner.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 9 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
(www.sedona.com
)
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 10 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
Configure the HTTP service(s) running on this host to adhere to information security best practices.
Restrict access to any files, applications, and/or network services for which there is no business requirement to be publicly accessible.
Ensure that any web applications running on this host is configured following industry security best practices.
Ensure that any web applications running on this host properly validate and transmit user input in a secure manner.
No Special Notes
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 11 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
Scan Customer Company Learning Strategies Corporation Date Scan Completed 2017-07-28
ASV Company Trustwave Holdings, Inc. Scan Expiration Date N/A
The following systems and network services were detected during this scan. This information is provided for your information. Please refer to "Part 4. Vulnerabilities & Policy
Violations" for all PCI compliance-related issues.
Names - A system may be known by many names. For example, a server that offers Web and mail services may be known as both www.mycompany.com and
mail.mycompany.com. This report includes as many names as could be identified, including public domain names, Windows domain/workgroups, Windows name, and
the "real" name assigned in your DNS server.
Ping - One technique TrustKeeper uses is to try to "ping" systems in your network. It is generally considered to be good practice to block inbound pings as it can give
attackers information about your network. However, this decision may be affected by network monitoring needs and other considerations.
Service Information - A large number of services (e.g., TCP and UDP ports) are probed during the scan. Any that appear to be active on the device are listed in the table.
You should review this list to ensure that only those services you intend to offer to the public are accessible. All other internal services should be protected by your
firewall or similar device.
Service Information
# Device Names OS Ping
Port Protocol Application Detail
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 12 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
Service Information
# Device Names OS Ping
Port Protocol Application Detail
The following locations were removed from your scan setup at your request and have not been included in this scan. You confirmed that these locations or domain names
do not store, process, or transmit cardholder data and therefore not required to be scanned for PCI DSS compliance.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 13 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
The following systems were discovered to be related to your network during this scan. TrustKeeper only scans those systems which are explicitly identified by you; however,
the following systems were identified using reconnaissance techniques based on the information you provided. While not scanned for this assessment, you should be aware
that an attacker could identify the same information.
Please review this information and update your TrustKeeper Scan Setup if any of the following systems are relevant to the assessment being performed. In many cases,
some of these systems will not be relevant to the assessment. Common examples include domain name servers (DNS) and mail servers maintained by your ISP. The
scanner may also identify internal systems that are not directly accessible from the Internet.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 14 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
The following systems were discovered to be related to your network during this scan. TrustKeeper only scans those systems which are explicitly identified by you; however,
the following systems were identified using reconnaissance techniques based on the information you provided. While not scanned for this assessment, you should be aware
that an attacker could identify the same information.
Please review this information and update your TrustKeeper Scan Setup if any of the following systems are relevant to the assessment being performed. In many cases,
some of these systems will not be relevant to the assessment. Common examples include domain name servers (DNS) and mail servers maintained by your ISP. The
scanner may also identify internal systems that are not directly accessible from the Internet.
If you are using load balancers in your network to spread traffic across multiple servers, it is your responsibility to ensure that the configuration of the environment
behind your load balancers is synchronized, or to ensure that the environment is scanned as part of the internal vulnerability scans required by PCI DSS.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 15 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
The following issues were identified during this scan. Please review all items and address all that items that affect compliance or the security of your system.
In the tables below you can find the following information about each TrustKeeper finding.
CVE Number - The Common Vulnerabilities and Exposure number(s) for the detected vulnerability - an industry standard for cataloging vulnerabilities. A comprehensive
list of CVEs can be found at nvd.nist.gov or cve.mitre.org.
Vulnerability - This describes the name of the finding, which usually includes the name of the application or operating system that is vulnerable.
CVSS Score - The Common Vulnerability Scoring System is an open framework for communicating the characteristics and impacts of IT vulnerabilities. Further
information can be found at www.first.org/cvss or nvd.nist.gov/cvss.cfm.
Severity - This identifies the risk of the vulnerability. It is closely associated with the CVSS score.
Compliance Status - Findings that are PCI compliance violations are indicated with a Fail status. In order to pass a vulnerability scan, these findings must be addressed.
Most findings with a CVSS score of 4 or more, or a Severity of Medium or higher, will have a Fail status. Some exceptions exist, such as DoS vulnerabilities, which are
not included in PCI compliance.
Details - TrustKeeper provides the port on which the vulnerability is detected, details about the vulnerability, links to available patches and other specific guidance on
actions you can take to address each vulnerability.
For more information on how to read this section and the scoring methodology used, please refer to the appendix.
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:H/Au:N/C:N/I:P/A:N
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 16 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Service: http
Application: microsoft:iis
Reference:
https://www.owasp.org/index.php/Clickjacking#X-FRAME-OPTIONS
Remediation:
Consider utilizing the X-FRAME-OPTIONS header option to prevent click-
jacking type of attacks.
CVSSv2: AV:N/AC:H/Au:N/C:N/I:P/A:N
Service: http
Application: microsoft:iis
Reference:
https://www.owasp.org/index.php/Clickjacking#X-FRAME-OPTIONS
Remediation:
Consider utilizing the X-FRAME-OPTIONS header option to prevent click-
jacking type of attacks.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 17 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:iis
URI: /
Version: 8.0
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:.net_framework
URI: /
Version: unknown
Remediation:
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 18 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:asp.net
URI: /
Version: unknown
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 19 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://technet.microsoft.com/en-us/security/cc242650.aspx
Evidence:
Method: urlscan.ini 'MaxQueryString' is set to the default of 2048.
Query strings longer than 2048 characters are rejected.
Remediation:
No remediation necessary. This is identified for informational purposes.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 20 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CPE: microsoft:asp.net
URI: /
Version: 2.0.50727
Remediation:
No remediation is required.
Requesting the allowed HTTP OPTIONS from this host shows which
HTTP protocol methods are supported by its web server. Note that, in
some cases, this information is not reported by the web server
accurately.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: http://www.photoreading.com/
Methods: OPTIONS, TRACE, GET, HEAD, POST
Remediation:
Review your web server configuration and ensure that only those HTTP
methods required for your business operations are enabled.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 21 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
publicly accessible path of this web server.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: http://www.photoreading.com:80/bak/
HTTP Response Code: 403
URL: http://www.photoreading.com:80/css/
URL: http://www.photoreading.com:80/images/
URL: http://www.photoreading.com:80/inc/
URL: http://www.photoreading.com:80/scripts/
Remediation:
Review these directories and verify that there is no unintentional
content made available to remote users.
CVSSv2: AV:N/AC:H/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 22 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Reference:
http://msdn.microsoft.com/en-
us/library/system.web.httpcookie.httponly.aspx
https://www.owasp.org/index.php/HttpOnly
Evidence:
URL: http://www.photoreading.com/
Cookie Name: ASPSESSIONIDAQRQCSSR
Cookie Value: IOJDFADBGELONIMAAFFEINKK
Cookie HttpOnly Flag: false
Remediation:
Contact the vendor of this web application and request the HttpOnly
flag be set on session cookies.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 23 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Reference:
http://www.sitemaps.org/
Evidence:
sitemap.xml URL: http://www.photoreading.com/sitemap.xml
Remediation:
If a sitemap.xml file is necessary, entries in it should be kept to a
minimum.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 24 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Reference:
http://www.openssl.org/docs/apps/ciphers.html
Evidence:
Cipher Suite: TLSv1_1 : ECDHE-RSA-AES256-SHA
Cipher Suite: TLSv1_1 : AES256-SHA
Cipher Suite: TLSv1_1 : ECDHE-RSA-AES128-SHA
Cipher Suite: TLSv1_1 : AES128-SHA
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES256-SHA384
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES256-SHA
Cipher Suite: TLSv1_2 : AES256-GCM-SHA384
Cipher Suite: TLSv1_2 : AES256-SHA256
Cipher Suite: TLSv1_2 : AES256-SHA
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES128-SHA256
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES128-SHA
Cipher Suite: TLSv1_2 : AES128-GCM-SHA256
Cipher Suite: TLSv1_2 : AES128-SHA256
Cipher Suite: TLSv1_2 : AES128-SHA
Remediation:
No remediation is necessary.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 25 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Application: microsoft:iis
Evidence:
CPE: microsoft:iis
URI: /
Version: 8.0
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:.net_framework
URI: /
Version: unknown
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 26 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:asp.net
URI: /
Version: unknown
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 27 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://technet.microsoft.com/en-us/security/cc242650.aspx
Evidence:
Method: urlscan.ini 'MaxQueryString' is set to the default of 2048.
Query strings longer than 2048 characters are rejected.
Remediation:
No remediation necessary. This is identified for informational purposes.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:asp.net
URI: /
Version: 2.0.50727
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 28 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Requesting the allowed HTTP OPTIONS from this host shows which
HTTP protocol methods are supported by its web server. Note that, in
some cases, this information is not reported by the web server
accurately.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: https://www.photoreading.com/
Methods: OPTIONS, TRACE, GET, HEAD, POST
Remediation:
Review your web server configuration and ensure that only those HTTP
methods required for your business operations are enabled.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 29 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Evidence:
URL: https://www.photoreading.com:443/bak/
HTTP Response Code: 403
URL: https://www.photoreading.com:443/css/
URL: https://www.photoreading.com:443/images/
URL: https://www.photoreading.com:443/inc/
URL: https://www.photoreading.com:443/scripts/
Remediation:
Review these directories and verify that there is no unintentional
content made available to remote users.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://www.sitemaps.org/
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 30 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.44 (www.photoreading.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Evidence:
sitemap.xml URL: https://www.photoreading.com/sitemap.xml
Remediation:
If a sitemap.xml file is necessary, entries in it should be kept to a
minimum.
23 Enumerated Hostnames 0.00 Info Pass This list contains all hostnames discovered during the scan that are
believed to belong to this host.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Evidence:
Hostname: www.photoreading.com, Source: SSL Certificate Subject
Common Name
Hostname: www.photoreading.com, Source: SSL Certificate Subject
subjectAltName DNS
Hostname: photoreading.com, Source: SSL Certificate Subject
subjectAltName DNS
Remediation:
No action is required.
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 31 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
A reflected cross-site scripting vulnerability was identified in this web
application. Reflected cross-site scripting is when HTML or Javascript
content is supplied to a user defined parameter to have it then
displayed (aka: reflected) back to the user and rendered or interpreted
by their browser.
CVSSv2: AV:N/AC:M/Au:N/C:N/I:P/A:N
Service: http
Application: microsoft:iis
Reference:
http://www.cert.org/advisories/CA-2000-02.html
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 32 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
http://www.owasp.org/index.php/Cross-site_scripting
http://www.owasp.org/index.php/Data_Validation
http://www.owasp.org/index.php/Review_Code_for_Cross-site_scripting
Evidence:
URL: https://www.learningstrategies.com/Register.aspx
Parameter: r
Request: GET /Register.aspx?r=<script>alert('TK0000009D')</script>
HTTP/1.1
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Host: www.learningstrategies.com
Content-Type: text/html
Content-Length: 0
Remediation:
Before accepting any user-supplied data, the application should
validate this data's format and reject any characters that are not
explicitly allowed (i.e. a white-list). This list should be as restrictive as
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 33 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
possible. Before using any data (stored or user-supplied) to generate
web page content, the application should escape all non alpha-numeric
characters (i.e. output-validation). This is particularly important when
the original source of data is beyond the control of the application.
Even if the source of the data isn't performing input-validation, output-
validation will still prevent XSS.
CVSSv2: AV:N/AC:H/Au:N/C:N/I:P/A:N
Service: http
Application: microsoft:iis
Reference:
https://www.owasp.org/index.php/Clickjacking#X-FRAME-OPTIONS
Remediation:
Consider utilizing the X-FRAME-OPTIONS header option to prevent click-
jacking type of attacks.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 34 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:H/Au:N/C:N/I:P/A:N
Service: http
Application: microsoft:iis
Reference:
https://www.owasp.org/index.php/Clickjacking#X-FRAME-OPTIONS
Remediation:
Consider utilizing the X-FRAME-OPTIONS header option to prevent click-
jacking type of attacks.
CVSSv2: AV:L/AC:H/Au:N/C:P/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 35 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Reference:
http://msdn.microsoft.com/en-us/library/ms533032.aspx
https://developer.mozilla.org/En/How_to_Turn_Off_Form_Autocompletio
n
Evidence:
Location: https://www.learningstrategies.com/iFrames/Register
.aspx?Return=account&T=636368388791736626&r
=l
Form Name: (no name)
Action: https://www.learningstrategies.com/iFrames/Register
.aspx?Return=account&T=636368388791736626&r
=l
Fields: ctl00$Content$Password (password)
Remediation:
Modify the identified page so that the password field and the enclosing
form tags have an attribute named "autocomplete" with a value of
"off".
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 36 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:L/AC:H/Au:N/C:P/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://msdn.microsoft.com/en-us/library/ms533032.aspx
https://developer.mozilla.org/En/How_to_Turn_Off_Form_Autocompletio
n
Evidence:
Location: https://www.learningstrategies.com/Login.aspx
Form Name: (no name)
Action: https://www.learningstrategies.com:443/Login.aspx
Fields: ctl00$Content$Password (password)
Remediation:
Modify the identified page so that the password field and the enclosing
form tags have an attribute named "autocomplete" with a value of
"off".
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 37 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:L/AC:H/Au:N/C:P/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://msdn.microsoft.com/en-us/library/ms533032.aspx
https://developer.mozilla.org/En/How_to_Turn_Off_Form_Autocompletio
n
Evidence:
Location: https://www.learningstrategies.com/index.php/admin
Form Name: (no name)
Action: https://www.learningstrategies.com:443/index.php/a
dmin
Fields: ctl00$Content$Password (password)
Remediation:
Modify the identified page so that the password field and the enclosing
form tags have an attribute named "autocomplete" with a value of
"off".
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 38 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Service: http
Application: microsoft:iis
Reference:
http://technet.microsoft.com/en-us/security/cc242650.aspx
Evidence:
Method: urlscan.ini 'MaxQueryString' is set to the default of 2048.
Query strings longer than 2048 characters are rejected.
Remediation:
No remediation necessary. This is identified for informational purposes.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:iis
URI: /
Version: 8.0
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 39 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:.net_framework
URI: /
Version: unknown
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:asp.net
URI: /
Version: 4.0.30319
Remediation:
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 40 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
No remediation is required.
Requesting the allowed HTTP OPTIONS from this host shows which
HTTP protocol methods are supported by its web server. Note that, in
some cases, this information is not reported by the web server
accurately.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: http://137.66.32.45/
Methods: OPTIONS, TRACE, GET, HEAD, POST
Remediation:
Review your web server configuration and ensure that only those HTTP
methods required for your business operations are enabled.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 41 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: http://137.66.32.45:80/svn/
HTTP Response Code: 301
URL: http://137.66.32.45:80/.svn/
URL: http://137.66.32.45:80/admin/
HTTP Response Code: 302
URL: http://137.66.32.45:80/login/
URL: http://137.66.32.45:80/_utils/
URL: http://137.66.32.45:80/dnn/
URL: http://137.66.32.45:80/wp/
URL: http://137.66.32.45:80/api/soap/?wsdl
URL: http://137.66.32.45:80/ts/
URL: http://137.66.32.45:80/TFS/
URL: http://137.66.32.45:80/mt/
URL: http://137.66.32.45:80/phpBB/
URL: http://137.66.32.45:80/lists/
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 42 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
URL: http://137.66.32.45:80/phplist/
URL: http://137.66.32.45:80/phpMyAdmin/
URL: http://137.66.32.45:80/phproxy/
URL: http://137.66.32.45:80/sit/
URL: http://137.66.32.45:80/sm/
URL: http://137.66.32.45:80/shop/
URL: http://137.66.32.45:80/_old/
URL: http://137.66.32.45:80/_vti_log/
URL: http://137.66.32.45:80/_vti_pvt/
URL: http://137.66.32.45:80/_vti_shm/
URL: http://137.66.32.45:80/_vti_txt/
URL: http://137.66.32.45:80/~log/
URL: http://137.66.32.45:80/~root/
URL: http://137.66.32.45:80/Admin/
URL: http://137.66.32.45:80/bin/
URL: http://137.66.32.45:80/CFIDE/
URL: http://137.66.32.45:80/CVS/
URL: http://137.66.32.45:80/ddrint/
URL: http://137.66.32.45:80/dir/
URL: http://137.66.32.45:80/dl/
URL: http://137.66.32.45:80/dll/
URL: http://137.66.32.45:80/dm/
URL: http://137.66.32.45:80/DMR/
URL: http://137.66.32.45:80/dms/
URL: http://137.66.32.45:80/dms0/
URL: http://137.66.32.45:80/dmsdump/
URL: http://137.66.32.45:80/down/
URL: http://137.66.32.45:80/downloads/
HTTP Response Code: 403
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 43 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
URL: http://137.66.32.45:80/dump/
URL: http://137.66.32.45:80/EXE/
URL: http://137.66.32.45:80/howto/
URL: http://137.66.32.45:80/hp-ux/
URL: http://137.66.32.45:80/images/
URL: http://137.66.32.45:80/img/
URL: http://137.66.32.45:80/imgs/
URL: http://137.66.32.45:80/img-sys/
URL: http://137.66.32.45:80/imp/
URL: http://137.66.32.45:80/import/
URL: http://137.66.32.45:80/intl/
URL: http://137.66.32.45:80/jrun/
URL: http://137.66.32.45:80/js/
URL: http://137.66.32.45:80/jsp/
URL: http://137.66.32.45:80/junk/
URL: http://137.66.32.45:80/links/
URL: http://137.66.32.45:80/linux/
URL: http://137.66.32.45:80/log/
URL: http://137.66.32.45:80/logging/
URL: http://137.66.32.45:80/logon/
URL: http://137.66.32.45:80/logs/
URL: http://137.66.32.45:80/lost+found/
URL: http://137.66.32.45:80/msql/
URL: http://137.66.32.45:80/msword/
URL: http://137.66.32.45:80/myaccount/
URL: http://137.66.32.45:80/mysql/
URL: http://137.66.32.45:80/OA_HTML/
URL: http://137.66.32.45:80/OA_JAVA/
URL: http://137.66.32.45:80/OA_MEDIA/
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 44 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
URL: http://137.66.32.45:80/old/
URL: http://137.66.32.45:80/outgoing/
URL: http://137.66.32.45:80/ows/
URL: http://137.66.32.45:80/pdf/
HTTP Response Code: 200
URL: http://137.66.32.45:80/phorum/
URL: http://137.66.32.45:80/photo/
URL: http://137.66.32.45:80/php/
URL: http://137.66.32.45:80/pix/
URL: http://137.66.32.45:80/pls/
URL: http://137.66.32.45:80/po/
URL: http://137.66.32.45:80/priv/
URL: http://137.66.32.45:80/prv/
URL: http://137.66.32.45:80/pw/
URL: http://137.66.32.45:80/python/
URL: http://137.66.32.45:80/README/
URL: http://137.66.32.45:80/root/
URL: http://137.66.32.45:80/scripts/
URL: http://137.66.32.45:80/shipping/
URL: http://137.66.32.45:80/shopping/
URL: http://137.66.32.45:80/solutions/
URL: http://137.66.32.45:80/sql/
URL: http://137.66.32.45:80/squid/
URL: http://137.66.32.45:80/ssi/
URL: http://137.66.32.45:80/ssl/
URL: http://137.66.32.45:80/static/
URL: http://137.66.32.45:80/sun/
URL: http://137.66.32.45:80/support/
URL: http://137.66.32.45:80/sys/
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 45 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
URL: http://137.66.32.45:80/temp/
URL: http://137.66.32.45:80/tiki/
URL: http://137.66.32.45:80/tmp/
URL: http://137.66.32.45:80/tools/
URL: http://137.66.32.45:80/uploads/
URL: http://137.66.32.45:80/us/
URL: http://137.66.32.45:80/usr/
URL: http://137.66.32.45:80/util/
URL: http://137.66.32.45:80/utils/
URL: http://137.66.32.45:80/windows/
URL: http://137.66.32.45:80/www/
URL: http://137.66.32.45:80/www-sql/
URL: http://137.66.32.45:80/xml/
URL: http://137.66.32.45:80/XSL/
Remediation:
Review these directories and verify that there is no unintentional
content made available to remote users.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 46 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
encoding, resulting in a misinterpretation of the document. In cases
where a webpage will reflect user-supplied information, an attacker
could provide a specially-crafted string that could trick a web browser
into decoding the document as a specific character set. If this specially-
crafted string were HTML code encoded in the character set, the
attacker could perform a cross-site scripting attack.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://code.google.com/p/browsersec/wiki/Part2#Character_set_handlin
g_and_detection
http://wiki.whatwg.org/wiki/Web_Encodings
Evidence:
URL: http://137.66.32.45:80/pdf/
Remediation:
It's important that all documents served by the HTTP server provide the
correct character set for their encoding. The provided links will provide
information on the proper ways for indicating the character set
encoding.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 47 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Service: http
Application: microsoft:iis
Evidence:
CPE: jquery:jquery
URI: /
Version: 3.2.1
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: wordpress:wordpress
URI: /blog/
Version: 4.8
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 48 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
robots.txt Some Web Servers use a file called /robot(s).txt to make search
engines and any other indexing tools visit their WebPages more
frequently and more efficiently. By connecting to the server and
requesting the /robot(s).txt file, an attacker may gain additional
information about the system they are attacking. Such information as,
restricted directories, hidden directories, cgi script directories and etc.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: http://www.learningstrategies.com:80/robots.txt
Rule found: Disallow: /affiliateadd/
Rule found: Disallow: /CuteSoft_Client/
Rule found: Disallow: /dev/
Rule found: Disallow: /csedev/
Rule found: Disallow: /ftproot/
Remediation:
Take special care not to tell the robots not to index sensitive
directories, since this tells attackers exactly which of your directories
are sensitive.
Requesting the allowed HTTP OPTIONS from this host shows which
HTTP protocol methods are supported by its web server. Note that, in
some cases, this information is not reported by the web server
accurately.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 49 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: http://www.learningstrategies.com/
Methods: OPTIONS, TRACE, GET, HEAD, POST
Remediation:
Review your web server configuration and ensure that only those HTTP
methods required for your business operations are enabled.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
Name: wordpress:wordpress
Version: 4.8
URL: http://www.learningstrategies.com:80/blog/
Name: jquery:jquery
Version: 3.2.1
URL: http://www.learningstrategies.com:80/
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 50 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: http://www.learningstrategies.com:80/blog/
HTTP Response Code: 200
URL: http://www.learningstrategies.com:80/admin/
HTTP Response Code: 302
URL: http://www.learningstrategies.com:80/api/soap/?wsdl
HTTP Response Code: 301
URL: http://www.learningstrategies.com:80/Admin/
URL: http://www.learningstrategies.com:80/downloads/
HTTP Response Code: 403
URL: http://www.learningstrategies.com:80/images/
URL: http://www.learningstrategies.com:80/myaccount/
URL: http://www.learningstrategies.com:80/pdf/
URL: http://www.learningstrategies.com:80/scripts/
URL: http://www.learningstrategies.com:80/static/
URL: http://www.learningstrategies.com:80/temp/
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 51 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
URL: http://www.learningstrategies.com:80/uploads/
Remediation:
Review these directories and verify that there is no unintentional
content made available to remote users.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
Location: http://www.learningstrategies.com/FlyoutMenu.aspx?
ID=1
Parameter: ID (Possible unique ID; manipulation could allow
unauthorized access or user impersonation)
Remediation:
The parameters for this server should be examined to determine what
type of data is controlled and if it poses a security risk.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 52 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Character Encoding During the crawl of the HTTP service, we detected HTML and/or XML
documents that were missing any indication of their character set
encoding. The server and the pages it serves are responsible for
indicating the character set used to encode the documents. Typically,
these are indicated within the "Content-type" HTTP header, a 'meta'
HTTP-equiv HTML tag, or an XML document encoding header. Without
these, some web browsers may attempt to guess the character set
encoding of the document by making a guess based on whats
available. The danger in this is when browsers guess the incorrect
encoding, resulting in a misinterpretation of the document. In cases
where a webpage will reflect user-supplied information, an attacker
could provide a specially-crafted string that could trick a web browser
into decoding the document as a specific character set. If this specially-
crafted string were HTML code encoded in the character set, the
attacker could perform a cross-site scripting attack.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://code.google.com/p/browsersec/wiki/Part2#Character_set_handlin
g_and_detection
http://wiki.whatwg.org/wiki/Web_Encodings
Evidence:
URL: http://www.learningstrategies.com:80/pdf/
Remediation:
It's important that all documents served by the HTTP server provide the
correct character set for their encoding. The provided links will provide
information on the proper ways for indicating the character set
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 53 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
encoding.
CVSSv2: AV:N/AC:H/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://msdn.microsoft.com/en-
us/library/system.web.httpcookie.httponly.aspx
https://www.owasp.org/index.php/HttpOnly
Evidence:
URL: http://www.learningstrategies.com/4Elements?aff=LSC17
Cookie Name: LS_PartnerCode
Cookie Value: partnerCode=LSC17&lastVisit=7/28/2017 11:36:43 AM
Cookie HttpOnly Flag: false
Remediation:
Contact the vendor of this web application and request the HttpOnly
flag be set on session cookies.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 54 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
Subject: /C=US/ST=Minnesota/L=Minnetonka/O=Learning Strategies
Corporation/OU=IT/CN=*.learningstrategies.com
Issuer: /C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G3
Certificate Chain Depth: 0
Wildcard Subject Name: *.learningstrategies.com
Remediation:
Review your certificate configurations to assure that wildcard
certificates are suitable for your application.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 55 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
authentication, encryption, and message authentication code (MAC) as
part of an SSL/TLS negotiation and through the lifetime of the SSL
session. It is typical that an SSL service would support multiple cipher
suites. A cipher suite can be supported by across multiple SSL/TLS
versions, so you should be of no concern to see the same cipher name
reported for multiple
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://www.openssl.org/docs/apps/ciphers.html
Evidence:
Cipher Suite: TLSv1_1 : ECDHE-RSA-AES256-SHA
Cipher Suite: TLSv1_1 : AES256-SHA
Cipher Suite: TLSv1_1 : ECDHE-RSA-AES128-SHA
Cipher Suite: TLSv1_1 : AES128-SHA
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES256-SHA384
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES256-SHA
Cipher Suite: TLSv1_2 : AES256-GCM-SHA384
Cipher Suite: TLSv1_2 : AES256-SHA256
Cipher Suite: TLSv1_2 : AES256-SHA
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES128-SHA256
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES128-SHA
Cipher Suite: TLSv1_2 : AES128-GCM-SHA256
Cipher Suite: TLSv1_2 : AES128-SHA256
Cipher Suite: TLSv1_2 : AES128-SHA
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 56 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Remediation:
No remediation is necessary.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://technet.microsoft.com/en-us/security/cc242650.aspx
Evidence:
Method: urlscan.ini 'MaxQueryString' is set to the default of 2048.
Query strings longer than 2048 characters are rejected.
Remediation:
No remediation necessary. This is identified for informational purposes.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 57 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Evidence:
CPE: microsoft:iis
URI: /
Version: 8.0
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:.net_framework
URI: /
Version: unknown
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 58 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:asp.net
URI: /
Version: 4.0.30319
Remediation:
No remediation is required.
Requesting the allowed HTTP OPTIONS from this host shows which
HTTP protocol methods are supported by its web server. Note that, in
some cases, this information is not reported by the web server
accurately.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: https://137.66.32.45/
Methods: OPTIONS, TRACE, GET, HEAD, POST
Remediation:
Review your web server configuration and ensure that only those HTTP
methods required for your business operations are enabled.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 59 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: https://137.66.32.45:443/admin/
HTTP Response Code: 302
URL: https://137.66.32.45:443/api/soap/?wsdl
HTTP Response Code: 301
URL: https://137.66.32.45:443/Admin/
URL: https://137.66.32.45:443/bin/
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 60 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
URL: https://137.66.32.45:443/downloads/
HTTP Response Code: 403
URL: https://137.66.32.45:443/images/
URL: https://137.66.32.45:443/lost+found/
URL: https://137.66.32.45:443/myaccount/
URL: https://137.66.32.45:443/pdf/
HTTP Response Code: 200
URL: https://137.66.32.45:443/scripts/
URL: https://137.66.32.45:443/static/
URL: https://137.66.32.45:443/temp/
URL: https://137.66.32.45:443/uploads/
Remediation:
Review these directories and verify that there is no unintentional
content made available to remote users.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 61 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
crafted string were HTML code encoded in the character set, the
attacker could perform a cross-site scripting attack.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://code.google.com/p/browsersec/wiki/Part2#Character_set_handlin
g_and_detection
http://wiki.whatwg.org/wiki/Web_Encodings
Evidence:
URL: https://137.66.32.45:443/pdf/
Remediation:
It's important that all documents served by the HTTP server provide the
correct character set for their encoding. The provided links will provide
information on the proper ways for indicating the character set
encoding.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 62 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CPE: jquery:jquery
URI: /
Version: 3.2.1
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: wordpress:wordpress
URI: /blog/
Version: 4.8
Remediation:
No remediation is required.
Requesting the allowed HTTP OPTIONS from this host shows which
HTTP protocol methods are supported by its web server. Note that, in
some cases, this information is not reported by the web server
accurately.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 63 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: https://www.learningstrategies.com/
Methods: OPTIONS, TRACE, GET, HEAD, POST
Remediation:
Review your web server configuration and ensure that only those HTTP
methods required for your business operations are enabled.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
Name: jquery:jquery
Version: 3.2.1
URL: https://www.learningstrategies.com:443/
Name: wordpress:wordpress
Version: 4.8
URL: https://www.learningstrategies.com:443/blog/
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 64 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: https://www.learningstrategies.com:443/blog/
HTTP Response Code: 200
URL: https://www.learningstrategies.com:443/admin/
HTTP Response Code: 302
URL: https://www.learningstrategies.com:443/api/soap/?w
sdl
HTTP Response Code: 301
URL: https://www.learningstrategies.com:443/Admin/
URL: https://www.learningstrategies.com:443/downloads/
HTTP Response Code: 403
URL: https://www.learningstrategies.com:443/images/
URL: https://www.learningstrategies.com:443/myaccount/
URL: https://www.learningstrategies.com:443/pdf/
URL: https://www.learningstrategies.com:443/scripts/
URL: https://www.learningstrategies.com:443/static/
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 65 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
URL: https://www.learningstrategies.com:443/temp/
URL: https://www.learningstrategies.com:443/uploads/
Remediation:
Review these directories and verify that there is no unintentional
content made available to remote users.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
Location: https://www.learningstrategies.com/FlyoutMenu.aspx
?ID=1
Parameter: ID (Possible unique ID; manipulation could allow
unauthorized access or user impersonation)
Remediation:
The parameters for this server should be examined to determine what
type of data is controlled and if it poses a security risk.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 66 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://code.google.com/p/browsersec/wiki/Part2#Character_set_handlin
g_and_detection
http://wiki.whatwg.org/wiki/Web_Encodings
Evidence:
URL: https://www.learningstrategies.com:443/pdf/
Remediation:
It's important that all documents served by the HTTP server provide the
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 67 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
correct character set for their encoding. The provided links will provide
information on the proper ways for indicating the character set
encoding.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
https://www.owasp.org/index.php/SecureFlag
Evidence:
URL: https://www.learningstrategies.com/
Cookie Name: ASP.NET_SessionId
Cookie Value: qzs51jjlnpzeeem2mp3wmmsf
Cookie Secure Flag: false
Remediation:
Contact the vendor of this web application and request the Secure flag
be set on session cookies transmitted over HTTPS.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 68 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.45 (www.learningstrategies.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
42 Enumerated Hostnames 0.00 Info Pass This list contains all hostnames discovered during the scan that are
believed to belong to this host.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Evidence:
Hostname: learningstrategies.com, Source: SSL Certificate Subject
subjectAltName DNS
Remediation:
No action is required.
137.66.32.46 (www.jeddahmali.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:H/Au:N/C:N/I:P/A:N
Service: http
Application: microsoft:iis
Reference:
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 69 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.46 (www.jeddahmali.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
https://www.owasp.org/index.php/Clickjacking#X-FRAME-OPTIONS
Remediation:
Consider utilizing the X-FRAME-OPTIONS header option to prevent click-
jacking type of attacks.
CVSSv2: AV:N/AC:H/Au:N/C:N/I:P/A:N
Service: http
Reference:
https://www.owasp.org/index.php/Clickjacking#X-FRAME-OPTIONS
Remediation:
Consider utilizing the X-FRAME-OPTIONS header option to prevent click-
jacking type of attacks.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 70 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.46 (www.jeddahmali.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:iis
URI: /
Version: 8.0
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://technet.microsoft.com/en-us/security/cc242650.aspx
Evidence:
Method: urlscan.ini 'MaxQueryString' is set to the default of 2048.
Query strings longer than 2048 characters are rejected.
Remediation:
No remediation necessary. This is identified for informational purposes.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 71 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.46 (www.jeddahmali.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:.net_framework
URI: /
Version: unknown
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:asp.net
URI: /
Version: unknown
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 72 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.46 (www.jeddahmali.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Evidence:
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 73 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.46 (www.jeddahmali.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Subject: /CN=www.paraliminal.com
Issuer: /C=US/O=GeoTrust Inc./OU=Domain Validated
SSL/CN=GeoTrust DV SSL CA - G3
Certificate Chain Depth: 0
Reason: The hostname on the certificate does not match any of the
hostnames provided to the scanner.
Remediation:
If this certificate is associated with a service accessible to the general
public, you may want to consider acquiring a certificate from a well-
known CA, and that it is not expired. Please note the port associated
with this finding. This finding may NOT be originating from port 443,
which is what most online testing tools check by default.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Evidence:
Subject: /CN=www.paraliminal.com
Issuer: /C=US/O=GeoTrust Inc./OU=Domain Validated
SSL/CN=GeoTrust DV SSL CA - G3
Certificate Chain Depth: 0
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 74 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.46 (www.jeddahmali.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Hostnames provided to scanner: www.jeddahmali.com, 137.66.32.46
Subject Name: www.paraliminal.com
Subject Alternative Name: www.paraliminal.com
Subject Alternative Name: paraliminal.com
Remediation:
Check your certificate to ensure it is installed on the correct service.
Verify that you have added the domain name or fully qualified virtual
host name of the system to your Network Questionnaire. Additionally,
check your DNS servers to ensure that the domain name is properly
mapped to the correct IP address. Please note the port associated with
this finding. This finding may NOT be originating from port 443, which
is what most online testing tools check by default.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 75 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.46 (www.jeddahmali.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Reference:
http://www.openssl.org/docs/apps/ciphers.html
Evidence:
Cipher Suite: TLSv1_1 : ECDHE-RSA-AES256-SHA
Cipher Suite: TLSv1_1 : AES256-SHA
Cipher Suite: TLSv1_1 : ECDHE-RSA-AES128-SHA
Cipher Suite: TLSv1_1 : AES128-SHA
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES256-SHA384
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES256-SHA
Cipher Suite: TLSv1_2 : AES256-GCM-SHA384
Cipher Suite: TLSv1_2 : AES256-SHA256
Cipher Suite: TLSv1_2 : AES256-SHA
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES128-SHA256
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES128-SHA
Cipher Suite: TLSv1_2 : AES128-GCM-SHA256
Cipher Suite: TLSv1_2 : AES128-SHA256
Cipher Suite: TLSv1_2 : AES128-SHA
Remediation:
No remediation is necessary.
11 Enumerated Hostnames 0.00 Info Pass This list contains all hostnames discovered during the scan that are
believed to belong to this host.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 76 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.46 (www.jeddahmali.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Evidence:
Hostname: www.paraliminal.com, Source: SSL Certificate Subject
Common Name
Hostname: www.paraliminal.com, Source: SSL Certificate Subject
subjectAltName DNS
Hostname: paraliminal.com, Source: SSL Certificate Subject
subjectAltName DNS
Remediation:
No action is required.
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 77 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:M/Au:N/C:N/I:P/A:N
Service: http
Application: microsoft:iis
Reference:
http://www.cert.org/advisories/CA-2000-02.html
http://www.owasp.org/index.php/Cross-site_scripting
http://www.owasp.org/index.php/Data_Validation
http://www.owasp.org/index.php/Review_Code_for_Cross-site_scripting
Evidence:
URL: https://www.sedona.com/Register.aspx
Parameter: r
Request: GET /Register.aspx?r=<script>alert('TK0000009D')</script>
HTTP/1.1
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 78 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Host: www.sedona.com
Content-Type: text/html
Content-Length: 0
Remediation:
Before accepting any user-supplied data, the application should
validate this data's format and reject any characters that are not
explicitly allowed (i.e. a white-list). This list should be as restrictive as
possible. Before using any data (stored or user-supplied) to generate
web page content, the application should escape all non alpha-numeric
characters (i.e. output-validation). This is particularly important when
the original source of data is beyond the control of the application.
Even if the source of the data isn't performing input-validation, output-
validation will still prevent XSS.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 79 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:H/Au:N/C:N/I:P/A:N
Service: http
Application: microsoft:iis
Reference:
https://www.owasp.org/index.php/Clickjacking#X-FRAME-OPTIONS
Remediation:
Consider utilizing the X-FRAME-OPTIONS header option to prevent click-
jacking type of attacks.
CVSSv2: AV:N/AC:H/Au:N/C:N/I:P/A:N
Service: http
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 80 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Application: microsoft:iis
Reference:
https://www.owasp.org/index.php/Clickjacking#X-FRAME-OPTIONS
Remediation:
Consider utilizing the X-FRAME-OPTIONS header option to prevent click-
jacking type of attacks.
CVSSv2: AV:L/AC:H/Au:N/C:P/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://msdn.microsoft.com/en-us/library/ms533032.aspx
https://developer.mozilla.org/En/How_to_Turn_Off_Form_Autocompletio
n
Evidence:
Location: https://www.sedona.com/iFrames/Register.aspx?Retu
rn=account&T=636368386166540610&r=l
Form Name: (no name)
Action: https://www.sedona.com/iFrames/Register.aspx?
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 81 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Action: Return=account&T=636368386166540610&r=l
Fields: ctl00$Content$Password (password)
Remediation:
Modify the identified page so that the password field and the enclosing
form tags have an attribute named "autocomplete" with a value of
"off".
CVSSv2: AV:L/AC:H/Au:N/C:P/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://msdn.microsoft.com/en-us/library/ms533032.aspx
https://developer.mozilla.org/En/How_to_Turn_Off_Form_Autocompletio
n
Evidence:
Location: https://www.sedona.com/iFrames/Register.aspx?Retu
rn=account&T=636368386188692761&r=
Form Name: (no name)
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 82 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Action: https://www.sedona.com/iFrames/Register.aspx?Retu
rn=account&T=636368386188692761&r=
Fields: ctl00$Content$Password (password)
Remediation:
Modify the identified page so that the password field and the enclosing
form tags have an attribute named "autocomplete" with a value of
"off".
CVSSv2: AV:L/AC:H/Au:N/C:P/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://msdn.microsoft.com/en-us/library/ms533032.aspx
https://developer.mozilla.org/En/How_to_Turn_Off_Form_Autocompletio
n
Evidence:
Location: https://www.sedona.com/Login.aspx
Form Name: (no name)
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 83 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Action: https://www.sedona.com:443/Login.aspx
Fields: ctl00$Content$Password (password)
Remediation:
Modify the identified page so that the password field and the enclosing
form tags have an attribute named "autocomplete" with a value of
"off".
CVSSv2: AV:L/AC:H/Au:N/C:P/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://msdn.microsoft.com/en-us/library/ms533032.aspx
https://developer.mozilla.org/En/How_to_Turn_Off_Form_Autocompletio
n
Evidence:
Location: https://www.sedona.com/index.php/admin
Form Name: (no name)
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 84 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Action: https://www.sedona.com:443/index.php/admin
Fields: ctl00$Content$Password (password)
Remediation:
Modify the identified page so that the password field and the enclosing
form tags have an attribute named "autocomplete" with a value of
"off".
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:iis
URI: /
Version: 8.0
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 85 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
The web server appears to be using Microsoft's URLScan tool, an ISAPI
filter that can be configured to block specified web requests.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://technet.microsoft.com/en-us/security/cc242650.aspx
Evidence:
Method: urlscan.ini 'MaxQueryString' is set to the default of 2048.
Query strings longer than 2048 characters are rejected.
Remediation:
No remediation necessary. This is identified for informational purposes.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: jquery:jquery
URI: /
Version: 3.2.1
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 86 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:.net_framework
URI: /
Version: unknown
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:asp.net
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 87 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
URI: /
Version: 4.0.30319
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: wordpress:wordpress
URI: /sedonamethodblog/
Version: 4.8
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 88 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
restricted directories, hidden directories, cgi script directories and etc.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: http://www.sedona.com:80/robots.txt
Rule found: Disallow: /affiliateadd/
Rule found: Disallow: /CuteSoft_Client/
Rule found: Disallow: /dev/
Rule found: Disallow: /csedev/
Rule found: Disallow: /ftproot/
Remediation:
Take special care not to tell the robots not to index sensitive
directories, since this tells attackers exactly which of your directories
are sensitive.
Requesting the allowed HTTP OPTIONS from this host shows which
HTTP protocol methods are supported by its web server. Note that, in
some cases, this information is not reported by the web server
accurately.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 89 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Evidence:
URL: http://www.sedona.com/
Methods: OPTIONS, TRACE, GET, HEAD, POST
Remediation:
Review your web server configuration and ensure that only those HTTP
methods required for your business operations are enabled.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
Name: jquery:jquery
Version: 3.2.1
URL: http://www.sedona.com:80/
Name: wordpress:wordpress
Version: 4.8
URL: http://www.sedona.com:80/sedonamethodblog/
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 90 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: http://www.sedona.com:80/admin/
HTTP Response Code: 302
URL: http://www.sedona.com:80/api/soap/?wsdl
HTTP Response Code: 301
URL: http://www.sedona.com:80/Admin/
URL: http://www.sedona.com:80/downloads/
HTTP Response Code: 403
URL: http://www.sedona.com:80/images/
URL: http://www.sedona.com:80/myaccount/
URL: http://www.sedona.com:80/pdf/
HTTP Response Code: 200
URL: http://www.sedona.com:80/scripts/
URL: http://www.sedona.com:80/sitebuilderpictures/
URL: http://www.sedona.com:80/static/
URL: http://www.sedona.com:80/temp/
URL: http://www.sedona.com:80/uploads/
Remediation:
Review these directories and verify that there is no unintentional
content made available to remote users.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 91 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
Location: http://www.sedona.com/FlyoutMenu.aspx?ID=1
Parameter: ID (Possible unique ID; manipulation could allow
unauthorized access or user impersonation)
Remediation:
The parameters for this server should be examined to determine what
type of data is controlled and if it poses a security risk.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 92 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
these, some web browsers may attempt to guess the character set
encoding of the document by making a guess based on whats
available. The danger in this is when browsers guess the incorrect
encoding, resulting in a misinterpretation of the document. In cases
where a webpage will reflect user-supplied information, an attacker
could provide a specially-crafted string that could trick a web browser
into decoding the document as a specific character set. If this specially-
crafted string were HTML code encoded in the character set, the
attacker could perform a cross-site scripting attack.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://code.google.com/p/browsersec/wiki/Part2#Character_set_handlin
g_and_detection
http://wiki.whatwg.org/wiki/Web_Encodings
Evidence:
URL: http://www.sedona.com:80/pdf/
Remediation:
It's important that all documents served by the HTTP server provide the
correct character set for their encoding. The provided links will provide
information on the proper ways for indicating the character set
encoding.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 93 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
version provided by the remote service. This finding does not represent
a vulnerability, but is only meant to provide visibility into the behavior
and configuration of the remote SSL/TLS service.
The information provided as part of this finding includes the SSL
version (ex: TLSv1) as well as the name of the cipher suite (ex: RC4-
SHA).
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://www.openssl.org/docs/apps/ciphers.html
Evidence:
Cipher Suite: TLSv1_1 : ECDHE-RSA-AES256-SHA
Cipher Suite: TLSv1_1 : AES256-SHA
Cipher Suite: TLSv1_1 : ECDHE-RSA-AES128-SHA
Cipher Suite: TLSv1_1 : AES128-SHA
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES256-SHA384
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES256-SHA
Cipher Suite: TLSv1_2 : AES256-GCM-SHA384
Cipher Suite: TLSv1_2 : AES256-SHA256
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 94 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Cipher Suite: TLSv1_2 : AES256-SHA
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES128-SHA256
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES128-SHA
Cipher Suite: TLSv1_2 : AES128-GCM-SHA256
Cipher Suite: TLSv1_2 : AES128-SHA256
Cipher Suite: TLSv1_2 : AES128-SHA
Remediation:
No remediation is necessary.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://technet.microsoft.com/en-us/security/cc242650.aspx
Evidence:
Method: urlscan.ini 'MaxQueryString' is set to the default of 2048.
Query strings longer than 2048 characters are rejected.
Remediation:
No remediation necessary. This is identified for informational purposes.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 95 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:iis
URI: /
Version: 8.0
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:.net_framework
URI: /
Version: unknown
Remediation:
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 96 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: microsoft:asp.net
URI: /
Version: 4.0.30319
Remediation:
No remediation is required.
Requesting the allowed HTTP OPTIONS from this host shows which
HTTP protocol methods are supported by its web server. Note that, in
some cases, this information is not reported by the web server
accurately.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 97 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Evidence:
URL: https://137.66.32.48/
Methods: OPTIONS, TRACE, GET, HEAD, POST
Remediation:
Review your web server configuration and ensure that only those HTTP
methods required for your business operations are enabled.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 98 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Evidence:
URL: https://137.66.32.48:443/admin/
HTTP Response Code: 302
URL: https://137.66.32.48:443/api/soap/?wsdl
HTTP Response Code: 301
URL: https://137.66.32.48:443/Admin/
URL: https://137.66.32.48:443/bin/
URL: https://137.66.32.48:443/downloads/
HTTP Response Code: 403
URL: https://137.66.32.48:443/images/
URL: https://137.66.32.48:443/lost+found/
URL: https://137.66.32.48:443/myaccount/
URL: https://137.66.32.48:443/pdf/
HTTP Response Code: 200
URL: https://137.66.32.48:443/scripts/
URL: https://137.66.32.48:443/static/
URL: https://137.66.32.48:443/temp/
URL: https://137.66.32.48:443/uploads/
Remediation:
Review these directories and verify that there is no unintentional
content made available to remote users.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 99 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
HTTP-equiv HTML tag, or an XML document encoding header. Without
these, some web browsers may attempt to guess the character set
encoding of the document by making a guess based on whats
available. The danger in this is when browsers guess the incorrect
encoding, resulting in a misinterpretation of the document. In cases
where a webpage will reflect user-supplied information, an attacker
could provide a specially-crafted string that could trick a web browser
into decoding the document as a specific character set. If this specially-
crafted string were HTML code encoded in the character set, the
attacker could perform a cross-site scripting attack.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://code.google.com/p/browsersec/wiki/Part2#Character_set_handlin
g_and_detection
http://wiki.whatwg.org/wiki/Web_Encodings
Evidence:
URL: https://137.66.32.48:443/pdf/
Remediation:
It's important that all documents served by the HTTP server provide the
correct character set for their encoding. The provided links will provide
information on the proper ways for indicating the character set
encoding.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 100 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
The following applications have been enumerated on this device.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: jquery:jquery
URI: /
Version: 3.2.1
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
CPE: wordpress:wordpress
URI: /sedonamethodblog/
Version: 4.8
Remediation:
No remediation is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 101 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Requesting the allowed HTTP OPTIONS from this host shows which
HTTP protocol methods are supported by its web server. Note that, in
some cases, this information is not reported by the web server
accurately.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: https://www.sedona.com/
Methods: OPTIONS, TRACE, GET, HEAD, POST
Remediation:
Review your web server configuration and ensure that only those HTTP
methods required for your business operations are enabled.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 102 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Evidence:
Name: jquery:jquery
Version: 3.2.1
URL: https://www.sedona.com:443/
Name: wordpress:wordpress
Version: 4.8
URL: https://www.sedona.com:443/sedonamethodblog/
Remediation:
No remediation is required.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
URL: https://www.sedona.com:443/admin/
HTTP Response Code: 302
URL: https://www.sedona.com:443/api/soap/?wsdl
HTTP Response Code: 301
URL: https://www.sedona.com:443/Admin/
URL: https://www.sedona.com:443/downloads/
HTTP Response Code: 403
URL: https://www.sedona.com:443/images/
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 103 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
URL: https://www.sedona.com:443/myaccount/
URL: https://www.sedona.com:443/pdf/
HTTP Response Code: 200
URL: https://www.sedona.com:443/scripts/
URL: https://www.sedona.com:443/securecontrolpanel/
URL: https://www.sedona.com:443/sitebuildercontent/
URL: https://www.sedona.com:443/sitebuilderpictures/
URL: https://www.sedona.com:443/static/
URL: https://www.sedona.com:443/temp/
URL: https://www.sedona.com:443/uploads/
Remediation:
Review these directories and verify that there is no unintentional
content made available to remote users.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Evidence:
Location: https://www.sedona.com/FlyoutMenu.aspx?ID=1
Parameter: ID (Possible unique ID; manipulation could allow
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 104 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
unauthorized access or user impersonation)
Remediation:
The parameters for this server should be examined to determine what
type of data is controlled and if it poses a security risk.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
http://code.google.com/p/browsersec/wiki/Part2#Character_set_handlin
g_and_detection
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 105 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
http://wiki.whatwg.org/wiki/Web_Encodings
Evidence:
URL: https://www.sedona.com:443/pdf/
Remediation:
It's important that all documents served by the HTTP server provide the
correct character set for their encoding. The provided links will provide
information on the proper ways for indicating the character set
encoding.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Service: http
Application: microsoft:iis
Reference:
https://www.owasp.org/index.php/SecureFlag
Evidence:
URL: https://www.sedona.com/
Cookie Name: ASP.NET_SessionId
Cookie Value: qfmywgjhqkufocijvjctc0qm
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 106 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
137.66.32.48 (www.sedona.com)
CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
Cookie Secure Flag: false
Remediation:
Contact the vendor of this web application and request the Secure flag
be set on session cookies transmitted over HTTPS.
37 Enumerated Hostnames 0.00 Info Pass This list contains all hostnames discovered during the scan that are
believed to belong to this host.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Evidence:
Hostname: www.sedona.com, Source: SSL Certificate Subject Common
Name
Hostname: www.sedona.com, Source: SSL Certificate Subject
subjectAltName DNS
Hostname: sedona.com, Source: SSL Certificate Subject
subjectAltName DNS
Remediation:
No action is required.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 107 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
It is important to pay special attention to the security of your Web servers. This section provides a convenient list of all of the Web servers found in the course of the
network scan based on the locations you specified in your scan setup. Information profiled includes the server type (e.g., Microsoft IIS or Apache) and the title of the default
Web page. Some tips for using this information are below.
You should ensure that all Web servers listed in this section are authorized and intended to be running in your network since many systems will inadvertently be
configured with some type of Web server when they are installed.
In addition, many network devices (e.g., routers, switches and print servers) may have Web-based management interfaces of which you may not have been aware.
Whenever possible, unused Web interfaces should be disabled or, at a minimum, password protected.
Review the "Port" column and make sure that any sites that should be secure are using port 443 (HTTPS, or "Secure Web") to encrypt the web sessions.
Special Note: If you are using load balancers for your web sites to spread the web traffic across multiple servers, it is your responsibility to ensure that the configuration of
the environment behind your load balancers is synchronized, or to ensure that the environment is scanned as part of the internal vulnerability scans required by PCI DSS.
System IP
# Domain Name Port Server Type Default Status and Title/Redirect
Address
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 108 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
System IP
# Domain Name Port Server Type Default Status and Title/Redirect
Address
Several network services, most notably HTTPS ("Secure Web"), employ certificates which contain information about the service which can be used by connecting clients to
authenticate the identity of the server. For Web servers, the certificate is intended to authenticate the domain name (e.g., www.yoursite.com) of a web site. For example, a
home banking application should be run on a web server which provides a certificate to its clients' Web browsers proving that the web server they are connected to is
actually the one they intended to use.
In order to provide users with confidence in the site they are visiting, the certificate should be issued by a well-known certificate authority instead of self-generated. In some
cases, such as in a private network, self-generated certificates may be used; however, those users should have confidence in the internal issuing authority.
This table provides a summary of the certificates found in your network, including expiration date and issuer of each certificate.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 109 of 110
Learning Strategies Corporation.
Report Date: 2017-07-31
85
The following vulnerabilities and policy violations were successfully disputed by you and have been removed from the scoring of your report. These items no longer affect
any compliance assessment that this report may support. All disputes listed here were approved based on information which you have provided and represented and
warranted to be complete and accurate.
No disputes found that have been removed from the scoring of this report.
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright 2017 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 110 of 110
Learning Strategies Corporation.
ASV Feedback Form
This form is used to review ASVs and their work product, and is intended to be completed
after a PCI Scanning Service by the ASV client. While the primary audience of this form are
ASV scanning clients (merchants or service providers), there are several questions at the end,
under "ASV Feedback Form for Payment Brands and Others," to be completed as needed by
Payment Brand participants, banks, and other relevant parties. This form can be obtained
directly from the ASV during the PCI Scanning Service, or can be found online in a usable
format at https://www.pcisecuritystandards.org. Please send this completed form to PCI SSC
at: asv@pcisecuritystandards.org.
Name Name
Contact Contact
Telephone Telephone
E-Mail E-Mail
Street Name
City Telephone
State/Zip E-Mail
For each question, please indicate the response that best reflects your experience and
provide comments.
1) During the initial engagement, did the ASV explain the objectives, timing, and
review process, and address your questions and concerns?
Response:
Comments:
Page 1 of 5
2) Did the ASV employee(s) understand your business and technical environment, and
the payment card industry?
Response:
Comments:
3) Did the ASV employee(s) have sufficient security and technical skills to effectively
perform this PCI Scanning Service?
Response:
Comments:
4) Did the ASV sufficiently understand the PCI Data Security Standard and the PCI
Security Scanning Procedures?
Response:
Comments:
Response:
Comments:
6) Did the ASV provide an accurate estimate for time and resources needed?
Response:
Comments:
7) Did the ASV provide an accurate estimate for scan report delivery?
Response:
Comments:
Response:
Comments:
9) Did the ASV imply that use of a specific brand of commercial product or service was
necessary to achieve compliance?
Response:
Comments:
10) In situations where remediation was required, did the ASV present product and/or
solution options that were not exclusive to their own product set?
Response:
Comments:
11) Did the ASV use secure transmission to send any confidential reports or data?
Response:
Comments:
12) Did the ASV demonstrate courtesy, professionalism, and a constructive and
positive approach?
Response:
Comments:
13) Was there sufficient opportunity for you to provide explanations and responses
during the scans?
Response:
Comments:
Response:
Comments:
15) Did the ASV provide sufficient follow-up to address false positives until eventual
scan compliance was achieved?
Response:
Comments:
Please provide any additional comments here about the ASV, your PCI Scanning Service,
or the PCI documents.
Name Name
Telephone Telephone
E-Mail E-Mail
For each question, please indicate the response that best reflects your experience and
provide comments.
1) Does the ASV clearly understand how to notify your payment brand about
compliance and non-compliance issues, and the status of merchants and service
providers?
Response:
Comments:
2) Did you receive any complaints about ASV activities related to this scan?
Response:
Comments:
3) Did the ASV demonstrate sufficient understanding of the PCI Data Security
Standard and the PCI Security Scanning Procedures?
Response:
Comments: