Documente Academic
Documente Profesional
Documente Cultură
Project issues
In this section you'll find your project's Issues.
Title
Development configuration file
Severity
medium
Type
informationdisclosure
Impact
These files may disclose sensitive information. This information can be used to launch further attacks.
Description
A configuration file (e.g. Vagrantfile, Gemfile, Rakefile, …) was found in this directory. This file may expose sensitive information that
could help a malicious user to prepare more advanced attacks. It's recommended to remove or restrict access to this type of files
from production systems.
DetailedInformation
n/a
Recommendation
Remove or restrict access to all configuration files acessible from internet.
CVSSVector
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSScore
5.0
CVSS3Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
CVSS3Score
3.1
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
plugin
acunetix
plugin_id
/Scripts/PerFolder/Development_Files.script/Development configuration file
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
Directory listing
Severity
medium
Type
configuration
Impact
A user can view a list of all files from this directory possibly exposing sensitive information.
Description
The web server is configured to display the list of files contained in this directory. This is not recommended because the directory
may contain files that are not normally exposed through links on the web site.
DetailedInformation
<h5>How to disable directory listings</h5>
The easiest way to disable directory listing is to create an index file. The name of the index file depends on the web server
configuration. On Apache is called index.htm, index.html. On IIS is named default.asp, default.aspx, default.htm.
On IIS directory listings are disabled by default. <li>For Apache you need to edit the Apache configuration file (usually named
httpd.conf) or create an .htaccess file. In the configuration file you will have the definition of the directory. Something like
To disable directory listing for that directory you need to remove the 'Indexes' option. </li>
Recommendation
You should make sure the directory does not contain sensitive information or you may want to restrict directory listings from the web
server configuration.
CVSSVector
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSScore
5.0
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS3Score
7.5
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
Directory Listing and Information Disclosure
http://www.acunetix.com/blog/web-security-zone/directory-listing-information-disclosure/ (http://www.acunetix.com/blog/web-
security-zone/directory-listing-information-disclosure/)
plugin
acunetix
plugin_id
/Scripts/PerFolder/Directory_Listing.script/Directory listing
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
HTML form without CSRF protection
Severity
medium
Type
csrf
Impact
An attacker could use CSRF to trick a victim into accessing a website hosted by the attacker, or clicking a URL containing malicious
or unauthorized requests.
CSRF is a type of 'confused deputy' attack which leverages the authentication and authorization of the victim when the forged
request is being sent to the web server. Therefore, if a CSRF vulnerability could affect highly privileged users such as administrators
full application compromise may be possible.
Description
<div class="bb-coolbox">This alert requires manual confirmation
</div>
Cross-Site Request Forgery (CSRF, or XSRF) is a vulnerability wherein an attacker tricks a victim into making a request the victim did
not intend to make. Therefore, with CSRF, an attacker abuses the trust a web application has with a victim's browser.
Acunetix found an HTML form with no apparent anti-CSRF protection implemented. Consult the 'Attack details' section for more
information about the affected HTML form.
DetailedInformation
During a CSRF attack, the browser is tricked into sending HTTP requests to the web application as intended by the attacker. This
could include submitting forms to alter various forms of data.
Upon sending an HTTP request (legitimate or otherwise), the victim's browser will include the Cookie header. Cookies are typically
used to store a user's session identifier in order to prevent the user from authenticating for each request, which would obviously be
impractical. To such an extent, if the victim's authentication session is stored in a Cookie, and is still valid (a browser window/tab
does not necessarily need to be open), if the application is vulnerable to CSRF, an attacker can leverage CSRF to launch any desired
requests against the website, without the website being able to distinguish whether the requests are legitimate or not. <h5>CSRF in
GET requests</h5> The following is a simple example of how CSRF can be abused in GET requests through the use of the <code>
<img></code> tag.
<img src="http://example.com/changePassword/?newPassword=attackerPassword">
(http://example.com/changePassword/?newPassword=attackerPassword">)
The above is a CSRF attack using an HTTP GET request. If a victim visits a web page controlled by an attacker with the following
payload, the browser will send a request containing the Cookie to the attacker crafted URL. <h5>CSRF in GET requests</h5> GET
requests, however are not the only HTTP method an attacker can abuse. POST requests are equally susceptible to CSRF, however, an
attacker will need to make use of a little bit of JavaScript to submit the POST request. The following is a simple example of how CSRF
can be abused POST requests through the use of an <code><iframe></code> tag. This code would be loaded in an iFrame which is
made invisible to the victim. iFrame
iFrame Contents
Recommendation
Verify if this form requires anti-CSRF protection and implement CSRF countermeasures if necessary.
The recommended and the most widely used technique for preventing CSRF attacks is know as an anti-CSRF token, also sometimes
referred to as a synchronizer token. The characteristics of a well designed anti-CSRF system involve the following attributes.
The anti-CSRF token should be cryptographically secure, that is, generated by a strong Pseudo-Random Number Generator
(PRNG) algorithm
The anti-CSRF token is added as a hidden field for forms, or within URLs (only necessary if GET requests cause state changes,
that is, GET requests are not idempotent)
The server should reject the requested action if the anti-CSRF token fails validation
When a user submits a form or makes some other authenticated request that requires a Cookie, the anti-CSRF token should be
included in the request. Then, the web application will then verify the existence and correctness of this token before processing the
request. If the token is missing or incorrect, the request can be rejected.
CVSSVector
AV:N/AC:H/Au:N/C:N/I:P/A:N
CVSSScore
2.6
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVSS3Score
4.3
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
What is Cross Site Reference Forgery (CSRF)?
https://www.acunetix.com/websitesecurity/csrf-attacks/ (https://www.acunetix.com/websitesecurity/csrf-attacks/)
plugin
acunetix
plugin_id
/Crawler/12-Crawler_Form_NO_CSRF.js/HTML form without CSRF protection
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
PHPinfo page found
Severity
medium
Type
informationdisclosure
Impact
This file may expose sensitive information that may help an malicious user to prepare more advanced attacks.
Description
This script is using phpinfo() function. This function outputs a large amount of information about the current state of PHP. This
includes information about PHP compilation options and extensions, the PHP version, server information and environment (if
compiled as a module), the PHP environment, OS version information, paths, master and local values of configuration options, HTTP
headers, and the PHP License.
DetailedInformation
n/a
Recommendation
Remove the file from production systems.
CVSSVector
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSScore
5.0
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS3Score
7.5
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
PHP phpinfo
http://www.php.net/manual/en/function.phpinfo.php (http://www.php.net/manual/en/function.phpinfo.php)
plugin
acunetix
plugin_id
/Scripts/PerFile/Text_Search_File.script/PHPinfo page found
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
User credentials are sent in clear text
Severity
medium
Type
sensitivedatanotoverssl
Impact
A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.
Description
User credentials are transmitted over an unencrypted channel. This information should always be transferred via an encrypted
channel (HTTPS) to avoid being intercepted by malicious users.
DetailedInformation
n/a
Recommendation
Because user credentials are considered sensitive information, should always be transferred to the server over an encrypted
connection (HTTPS).
CVSSVector
AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:W/RC:C
CVSSScore
5.0
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS3Score
9.1
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
plugin
acunetix
plugin_id
/Crawler/12-Crawler_User_Credentials_Plain_Text.js/User credentials are sent in clear text
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
Vulnerable Javascript library
Severity
medium
Type
n/a
Impact
Consult References for more information.
Description
You are using a vulnerable Javascript library. One or more vulnerabilities were reported for this version of the Javascript library.
Consult Attack details and Web References for more information about the affected library and the vulnerabilities that were reported.
DetailedInformation
n/a
Recommendation
Upgrade to the latest version.
CVSSVector
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSSScore
6.4
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVSS3Score
6.5
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
plugin
acunetix
plugin_id
/Scripts/PerFile/Javascript_Libraries_Audit.script/Vulnerable Javascript library
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
Clickjacking: X-Frame-Options header missing
Severity
low
Type
abuseoffunctionality
Impact
The impact depends on the affected web application.
Description
Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into
clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information
or taking control of their computer while clicking on seemingly innocuous web pages.
The server didn't return an X-Frame-Options header which means that this website could be at risk of a clickjacking attack. The X-
Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page inside a
frame or iframe. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.
DetailedInformation
n/a
Recommendation
Configure your web server to include an X-Frame-Options header. Consult Web references for more information about the possible
values for this header.
CVSSVector
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSSScore
6.8
CVSS3Vector
n/a
CVSS3Score
n/a
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
The X-Frame-Options response header
https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options (https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options)
Clickjacking
http://en.wikipedia.org/wiki/Clickjacking (http://en.wikipedia.org/wiki/Clickjacking)
OWASP Clickjacking
https://www.owasp.org/index.php/Clickjacking (https://www.owasp.org/index.php/Clickjacking)
plugin
acunetix
plugin_id
/Scripts/PerServer/Clickjacking_X_Frame_Options.script/Clickjacking: X-Frame-Options header missing
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
OPTIONS method is enabled
Severity
low
Type
configuration
Impact
The OPTIONS method may expose sensitive information that may help an malicious user to prepare more advanced attacks.
Description
HTTP OPTIONS method is enabled on this web server. The OPTIONS method provides a list of the methods that are supported by the
web server, it represents a request for information about the communication options available on the request/response chain
identified by the Request-URI.
DetailedInformation
n/a
Recommendation
It's recommended to disable OPTIONS Method on the web server.
CVSSVector
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSScore
5.0
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS3Score
7.5
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
Testing for HTTP Methods and XST (OWASP-CM-008)
https://www.owasp.org/index.php/Testing_for_HTTP_Methods_and_XST_(OWASP-CM-008)
(https://www.owasp.org/index.php/Testing_for_HTTP_Methods_and_XST_(OWASP-CM-008))
plugin
acunetix
plugin_id
/Scripts/PerServer/Options_Server_Method.script/OPTIONS method is enabled
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
Possible sensitive directories
Severity
low
Type
informationdisclosure
Impact
This directory may expose sensitive information that could help a malicious user to prepare more advanced attacks.
Description
A possible sensitive directory has been found. This directory is not directly linked from the website.This check looks for common
sensitive resources like backup directories, database dumps, administration pages, temporary directories. Each one of these
directories could help an attacker to learn more about his target.
DetailedInformation
n/a
Recommendation
Restrict access to this directory or remove it from the website.
CVSSVector
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSScore
5.0
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS3Score
7.5
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
Web Server Security and Database Server Security
http://www.acunetix.com/websitesecurity/webserver-security/ (http://www.acunetix.com/websitesecurity/webserver-security/)
plugin
acunetix
plugin_id
/Scripts/PerFolder/Possible_Sensitive_Directories.script/Possible sensitive directories
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
TRACE method is enabled
Severity
low
Type
configuration
Impact
Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication
data.
Description
HTTP TRACE method is enabled on this web server. In the presence of other cross-domain vulnerabilities in web browsers, sensitive
header information could be read from any domains that support the HTTP TRACE method.
DetailedInformation
n/a
Recommendation
Disable TRACE Method on the web server.
CVSSVector
AV:N/AC:L/Au:N/C:N/I:N/A:N
CVSSScore
0.0
CVSS3Vector
n/a
CVSS3Score
n/a
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
W3C – RFC 2616
http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html (http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html)
US-CERT VU#867593
http://www.kb.cert.org/vuls/id/867593 (http://www.kb.cert.org/vuls/id/867593)
plugin
acunetix
plugin_id
/Scripts/PerServer/Track_Trace_Server_Methods.script/TRACE method is enabled
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
Content Security Policy (CSP) not implemented
Severity
informational
Type
configuration
Impact
CSP can be used to prevent and/or mitigate attacks that involve content/code injection, such as cross-site scripting/XSS attacks,
attacks that require embedding a malicious resource, attacks that involve malicious use of iframes, such as clickjacking attacks, and
others.
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross
Site Scripting (XSS) and data injection attacks.
Content Security Policy (CSP) can be implemented by adding a Content-Security-Policy header. The value of this header is a string
containing the policy directives describing your Content Security Policy. To implement CSP, you should define lists of allowed origins
for the all of the types of resources that your site utilizes. For example, if you have a simple site that needs to load scripts,
stylesheets, and images hosted locally, as well as from the jQuery library from their CDN, the CSP header could look like the
following:
<code>
Content-Security-Policy:
default-src 'self';
script-src 'self' https://code.jquery.com; (https://code.jquery.com;/)
</code>
It was detected that your web application doesn't implement Content Security Policy (CSP) as the CSP header is missing from the
response. It's recommended to implement Content Security Policy (CSP) into your web application.
DetailedInformation
n/a
Recommendation
It's recommended to implement Content Security Policy (CSP) into your web application. Configuring Content Security Policy involves
adding the Content-Security-Policy HTTP header to a web page and giving it values to control resources the user agent is allowed
to load for that page.
CVSSVector
AV:N/AC:L/Au:N/C:N/I:N/A:N
CVSSScore
0.0
CVSS3Vector
n/a
CVSS3Score
n/a
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
Content Security Policy (CSP)
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP (https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)
plugin
acunetix
plugin_id
/httpdata/CSP_not_implemented.js/Content Security Policy (CSP) not implemented
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
Password type input with auto-complete enabled
Severity
informational
Type
informationdisclosure
Impact
Possible sensitive information disclosure.
Description
When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be
saved.Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is
entered. An attacker with local access could obtain the cleartext password from the browser cache.
DetailedInformation
n/a
Recommendation
The password auto-complete should be disabled in sensitive applications.
To disable auto-complete, you may use a code similar to:
CVSSVector
AV:N/AC:L/Au:N/C:N/I:N/A:N
CVSSScore
0.0
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS3Score
7.5
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
plugin
acunetix
plugin_id
/Crawler/12-Crawler_Password_Input_Autocomplete.js/Password type input with auto-complete enabled
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
Possible internal IP address disclosure
Severity
informational
Type
informationdisclosure
Impact
Possible sensitive information disclosure.
Description
A string matching an internal IPv4 address was found on this page. This may disclose information about the IP addressing scheme of
the internal network. This information can be used to conduct further attacks.
DetailedInformation
n/a
Recommendation
Prevent this information from being displayed to the user.
CVSSVector
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSScore
5.0
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS3Score
7.5
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
plugin
acunetix
plugin_id
/Scripts/PerFile/Text_Search_File.script/Possible internal IP address disclosure
Instance 0 Instance 1
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
Possible internal IP address disclosure
Severity
informational
Type
informationdisclosure
Impact
Possible sensitive information disclosure.
Description
A string matching an internal IPv4 address was found on this page. This may disclose information about the IP addressing scheme of
the internal network. This information can be used to conduct further attacks.
DetailedInformation
n/a
Recommendation
Prevent this information from being displayed to the user.
CVSSVector
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSScore
5.0
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS3Score
7.5
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
plugin
acunetix
plugin_id
/Scripts/PerFolder/Text_Search_Dir.script/Possible internal IP address disclosure
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
Possible server path disclosure (Unix)
Severity
informational
Type
informationdisclosure
Impact
Possible sensitive information disclosure.
Description
One or more fully qualified path names were found on this page. From this information the attacker may learn the file system
structure from the web server. This information can be used to conduct further attacks.
DetailedInformation
n/a
Recommendation
Prevent this information from being displayed to the user.
CVSSVector
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSScore
5.0
CVSS3Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS3Score
7.5
CVSS3TempScore
n/a
CVSS3EnvScore
n/a
CVEList
unimplemented
References
Full Path Disclosure
https://www.owasp.org/index.php/Full_Path_Disclosure (https://www.owasp.org/index.php/Full_Path_Disclosure)
plugin
acunetix
plugin_id
/Scripts/PerFile/Text_Search_File.script/Possible server path disclosure (Unix)
Details
Not available in the free trial
Affects
Location Parameter / n/a
AOP
File Line Additional n/a n/a n/a
FalsePositive
n/a
Title
OS End Of Life Detection
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
The "FreeBSD" Operating System on the remote host has reached the end of life.
CPE: cpe:/o:freebsd:freebsd:11.1
Installed version,
build or SP: 11.1
EOL date: 2018-09-30
EOL info: https://www.freebsd.org/security/unsupported.html (https://www.freebsd.org/security/unsupported.html)
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.103674
Port
general/tcp
Description
The "FreeBSD" Operating System on the remote host has reached the end of life.
CPE: cpe:/o:freebsd:freebsd:11.1
Installed version,
build or SP: 11.1
EOL date: 2018-09-30
EOL info: https://www.freebsd.org/security/unsupported.html (https://www.freebsd.org/security/unsupported.html)
Title
PHP Multiple Vulnerabilities – Dec18 (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.1.24
Fixed version: 7.1.25
Installation
path / port: 80/tcp
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.108507
Port
80/tcp
Description
Installed version: 7.1.24
Fixed version: 7.1.25
Installation
path / port: 80/tcp
Title
OpenSSH Denial of Service And User Enumeration Vulnerabilities (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.2
Fixed version: 7.3
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.809154
Port
22/tcp
Description
Installed version: 7.2
Fixed version: 7.3
Title
OpenSSH Multiple Vulnerabilities Jan17 (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.2
Fixed version: 7.4
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.8103256
Port
22/tcp
Description
Installed version: 7.2
Fixed version: 7.4
Title
PHP Multiple Vulnerabilities – Feb19 (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.1.24
Fixed version: 7.1.26
Installation
path / port: 80/tcp
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.142048
Port
80/tcp
Description
Installed version: 7.1.24
Fixed version: 7.1.26
Installation
path / port: 80/tcp
Title
Drupal Multiple Vulnerabilities (SA-CORE-2019-001/SA-CORE-2019-002) (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7
Fixed version: 7.62
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.141891
Port
80/tcp
Description
Installed version: 7
Fixed version: 7.62
Title
Drupal Core Critical Remote Code Execution Vulnerability (SA-CORE-2018-002) (Linux, Version Check)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7
Fixed version: Upgrade to 7.58
Installation
path / port: /drupal
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.812584
Port
80/tcp
Description
Installed version: 7
Fixed version: Upgrade to 7.58
Installation
path / port: /drupal
Title
OpenSSH Privilege Escalation Vulnerability – May16
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.2
Fixed version: 7.2p2-3
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.807574
Description
Installed version: 7.2
Fixed version: 7.2p2-3
Title
Anonymous FTP Login Reporting
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
It was possible to login to the remote FTP service with the following anonymous account(s):
anonymous:anonymous@example.com (mailto:anonymous@example.com)
Account "anonymous":
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.900600
Port
21/tcp
Description
It was possible to login to the remote FTP service with the following anonymous account(s):
anonymous:anonymous@example.com (mailto:anonymous@example.com)
Account "anonymous":
Title
HTTP Debugging Methods (TRACE/TRACK) Enabled
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
The web server has the following HTTP methods enabled: TRACE
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.11213
Port
80/tcp
Description
The web server has the following HTTP methods enabled: TRACE
Title
Oracle MySQL 5.6.x < 5.6.42, 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Linux
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 5.6.42
Fixed version: Apply the patch
Installation
path / port: 3306/tcp
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.112488
Port
3306/tcp
Description
Installed version: 5.6.42
Fixed version: Apply the patch
Installation
path / port: 3306/tcp
Title
OpenSSH <= 7.2p1 – Xauth Injection
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.2
Fixed version: 7.2p2
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.105581
Port
22/tcp
Description
Installed version: 7.2
Fixed version: 7.2p2
Title
OpenSSH User Enumeration Vulnerability-Aug18 (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.2
Fixed version: 7.8
Installation
path / port: 22/tcp
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.813864
Port
22/tcp
Description
Installed version: 7.2
Fixed version: 7.8
Installation
path / port: 22/tcp
Title
Apache HTTP Server < 2.4.38 HTTP/2 DoS Vulnerability (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 2.4.35
Fixed version: 2.4.38
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.141966
Port
general/tcp
Description
Installed version: 2.4.35
Fixed version: 2.4.38
Title
PHP Memory Disclosure Vulnerability (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.1.24
Fixed version: 7.1.26
Installation
path / port: 80/tcp
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.142046
Port
80/tcp
Description
Installed version: 7.1.24
Fixed version: 7.1.26
Installation
path / port: 80/tcp
Title
PHP 'CVE-2018-19935' – 'imap_mail' Denial of Service Vulnerability (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.1.24
Fixed version: 7.1.26
Installation
path / port: 80/tcp
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.108505
Port
80/tcp
Description
Installed version: 7.1.24
Fixed version: 7.1.26
Installation
path / port: 80/tcp
Title
Apache HTTP Server < 2.4.38 mod_session_cookie Vulnerability (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 2.4.35
Fixed version: 2.4.38
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.141964
Port
general/tcp
Description
Installed version: 2.4.35
Fixed version: 2.4.38
Title
FTP Writeable Directories
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
- /30 09:57 temp
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.19782
Port
21/tcp
Description
- /30 09:57 temp
Title
OpenSSH 'auth2-gss.c' User Enumeration Vulnerability (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.2
Fixed version: NoneAvailable
Installation
path / port: 22/tcp
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.813888
Port
22/tcp
Description
Installed version: 7.2
Fixed version: NoneAvailable
Installation
path / port: 22/tcp
Title
Enabled Directory Listing Detection
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
The following directories with an enabled directory listing were identified:
http://192.168.13.105/mail (http://192.168.13.105/mail)
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.111074
Port
80/tcp
Description
The following directories with an enabled directory listing were identified:
http://192.168.13.105/mail (http://192.168.13.105/mail)
Title
OpenSSH 'sftp-server' Security Bypass Vulnerability (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 7.2
Fixed version: 7.6
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.812051
Port
22/tcp
Description
Installed version: 7.2
Fixed version: 7.6
Title
FTP Unencrypted Cleartext Login
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
The remote FTP service accepts logins without a previous sent 'AUTH TLS' command. Response(s):
Anonymous sessions: 331 Anonymous login ok, send your complete email address as your password
Non-anonymous sessions: 331 Password required for openvas-vt
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.108528
Port
21/tcp
Description
The remote FTP service accepts logins without a previous sent 'AUTH TLS' command. Response(s):
Anonymous sessions: 331 Anonymous login ok, send your complete email address as your password
Non-anonymous sessions: 331 Password required for openvas-vt
Title
Cleartext Transmission of Sensitive Information via HTTP
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
The following input fields where identified (URL:input name):
http://192.168.13.105/drupal/:pass (http://192.168.13.105/drupal/:pass)
http://192.168.13.105/drupal/?D=A:pass (http://192.168.13.105/drupal/?D=A:pass)
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.108440
Port
80/tcp
Description
The following input fields where identified (URL:input name):
http://192.168.13.105/drupal/:pass (http://192.168.13.105/drupal/:pass)
http://192.168.13.105/drupal/?D=A:pass (http://192.168.13.105/drupal/?D=A:pass)
Title
SSH Weak Encryption Algorithms Supported
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
The following weak client-to-server encryption algorithms are supported by the remote service:
aes128-cbc
aes192-cbc
aes256-cbc
The following weak server-to-client encryption algorithms are supported by the remote service:
aes128-cbc
aes192-cbc
aes256-cbc
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.105611
Port
22/tcp
Description
The following weak client-to-server encryption algorithms are supported by the remote service:
aes128-cbc
aes192-cbc
aes256-cbc
The following weak server-to-client encryption algorithms are supported by the remote service:
aes128-cbc
aes192-cbc
aes256-cbc
Title
Oracle MySQL Backronym Vulnerability June16 (Linux)
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
Installed version: 5.6.42
Fixed version: 5.7.3
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.808064
Port
3306/tcp
Description
Installed version: 5.6.42
Fixed version: 5.7.3
Title
TCP timestamps
CVSSv2
AffectedSoftware
n/a
Description
n/a
Recommendation
n/a
References
CVE:
CVSS Vector: Field cvss_base_vector not recognized by the plugin
BID:
Other:
RawDescription
(note that some of the information below can change from instance to instance of this problem)
It was detected that the host implements RFC1323.
plugin
open_vas
plugin_id
1.3.6.1.4.1.25623.1.0.80091
Port
general/tcp
Description
It was detected that the host implements RFC1323.