SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
TENABLE NETWORK SECURITY
Nessus Plugin Family
March 14, 2012 at 7:22pm CDT
Dave Breslin [dlbreslin]
Confidential: The following report contains confidential information. Do not distribute, email, fax, or transfer via any electronic mechanism unless it has been approved by the recipient company's security policy. All copies and backups of this document should be saved on protected storage at all times. Do not share any of the information contained within this report with anyone unless they are authorized to view the information. Violating any of the previous instructions is grounds for termination.
Table of Contents
Plugin Family Summary
AIX Local Security Checks
Backdoors
CentOS Local Security Checks
CGI abuses
CGI abuses : XSS
CISCO
Databases
Debian Local Security Checks
Default Unix Accounts
Denial of Service
DNS
Fedora Local Security Checks
Firewalls
FreeBSD Local Security Checks
FTP
Gain a shell remotely
General
Gentoo Local Security Checks
HP-UX Local Security Checks
Junos Local Security Checks
MacOS X Local Security Checks
Mandriva Local Security Checks
Misc.
Netware
Peer-To-Peer File Sharing
Policy Compliance
Port scanners
Red Hat Local Security Checks
RPC
SCADA
Service detection
Settings
Slackware Local Security Checks
SMTP problems
SNMP
Solaris Local Security Checks
SuSE Local Security Checks
Ubuntu Local Security Checks
VMware ESX Local Security Checks
Web Servers
Windows
Windows : Microsoft Bulletins
Windows : User management
Plugin Family Summary
Plugin Family Severity Counts
Family Total Info Low Med. High Crit.
Misc. 956 327 94 0 0 535
VMware ESX Local Security Checks 954 0 0 162 487 305
Fedora Local Security Checks 948 0 449 0 0 499
Gentoo Local Security Checks 927 0 432 0 0 495
Mandriva Local Security Checks 926 0 434 0 0 492
AIX Local Security Checks 920 0 0 0 920 0
Red Hat Local Security Checks 920 0 475 0 0 445
Gain a shell remotely 919 0 13 300 91 515
General 897 492 76 221 103 5
Firewalls 895 195 40 189 347 124
Solaris Local Security Checks 893 0 0 0 893 0
SMTP problems 885 50 105 299 0 431
CGI abuses 880 396 0 0 0 484
Web Servers 874 415 0 0 0 459
FTP 868 167 37 236 0 428
SuSE Local Security Checks 868 0 436 0 0 432
Denial of Service 861 0 39 349 464 9
CGI abuses : XSS 858 0 154 680 24 0
Windows : Microsoft Bulletins 851 46 78 349 0 378
DNS 846 146 58 299 226 117
Default Unix Accounts 846 0 0 0 366 480
Peer-To-Peer File Sharing 840 351 66 132 291 0
Service detection 828 383 223 113 42 67
Ubuntu Local Security Checks 825 0 423 0 0 402
Slackware Local Security Checks 824 0 145 291 0 388
CentOS Local Security Checks 813 0 352 0 0 461
Backdoors 807 32 0 80 199 496
Windows 807 408 0 0 0 399
CISCO 805 0 60 324 58 363
Databases 799 160 173 64 0 402
Debian Local Security Checks 784 0 431 0 0 353
FreeBSD Local Security Checks 779 0 381 0 0 398
HP-UX Local Security Checks 768 0 0 430 0 338
SNMP 740 362 73 69 159 77
MacOS X Local Security Checks 724 196 30 131 0 367
Windows : User management 694 634 0 29 31 0
RPC 597 186 13 269 77 52
Junos Local Security Checks 520 21 70 269 115 45
SCADA 431 105 0 96 149 81
Netware 361 0 43 191 127 0
Settings 310 237 73 0 0 0
Policy Compliance 101 35 0 33 33 0
Port scanners 45 10 35 0 0 0
AIX Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
55384 52 High AIX 530011 : U843402
55372 50 High AIX 530011 : U840873
55368 42 High AIX 530011 : U840869
55359 41 High AIX 530011 : U840860
55379 39 High AIX 530011 : U843397
55360 39 High AIX 530011 : U840861
55356 39 High AIX 530011 : U840857
55363 38 High AIX 530011 : U840864
55355 38 High AIX 530011 : U840856
55376 37 High AIX 530011 : U840877
55375 37 High AIX 530011 : U840876
55370 37 High AIX 530011 : U840871
55366 37 High AIX 530011 : U840867
55361 37 High AIX 530011 : U840862
55371 34 High AIX 530011 : U840872
55382 33 High AIX 530011 : U843400
55365 33 High AIX 530011 : U840866
55357 33 High AIX 530011 : U840858
55367 29 High AIX 530011 : U840868
55358 28 High AIX 530011 : U840859
55377 25 High AIX 530011 : U840878
55373 25 High AIX 530011 : U840874
55378 23 High AIX 530011 : U840879
55369 20 High AIX 530011 : U840870
55374 18 High AIX 530011 : U840875
Backdoors
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
45005 39 Critical Arugizer Backdoor Detection
45085 38 Critical Zeus/Zbot Banking Trojan/Data Theft (credentialed check)
46882 31 Critical Unreal IRC Daemon Backdoor Detection
45006 28 Critical Energizer DUO USB Battery Charger Software Backdoor (credentialed check)
33951 28 Critical Generic Backdoor Detection (banner check)
18391 28 Medium SMTP Server Non-standard Port Detection
12128 28 Critical Agobot.FO Backdoor Detection
10389 28 High Cart32 Backdoor Password Arbitrary Command Execution
36036 27 Critical Conficker Worm Detection (uncredentialed check)
18367 27 Critical Kibuv Worm Detection
11118 25 High alya.cgi CGI Backdoor Detection
51988 23 Critical Rogue Shell Backdoor Detection
12012 23 Medium CYDOOR Software Detection
10152 23 High NetBus 2.x Software Detection
12252 22 Critical Korgo Worm Detection
11854 22 High FsSniffer Backdoor Detection
11187 21 Critical 4553 Parasite Mothership Backdoor Detection
15586 20 Critical MoonLit Virus Backdoor Detection
11707 20 Critical Bugbear.B Web Backdoor Detection
11157 20 Medium Trojan Horse Detection
12004 18 High VCATCH Spyware Detection
15405 17 Critical Unmanarc Remote Control Server (URCS) Detection
11123 16 Info Radmin (Remote Administrator) Port 4899 Detection
12063 15 High Bagle.B Worm Detection
49270 14 Critical Stuxnet Worm Detection
CentOS Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
43690 29 Critical CentOS : RHSA-2008-0504
21966 29 Low CentOS : RHSA-2005-805
43739 28 Critical CentOS : RHSA-2009-0408
25501 28 Low CentOS : RHSA-2007-0473
25255 28 Low CentOS : RHSA-2007-0353
43832 27 Critical CentOS : RHSA-2010-0019
43736 27 Critical CentOS : RHSA-2009-0377
43725 27 Critical CentOS : RHSA-2009-0011
43866 25 Critical CentOS : RHSA-2010-0029
43771 25 Critical CentOS : RHSA-2009-1176
43722 25 Critical CentOS : RHSA-2009-0002
25497 25 Low CentOS : RHSA-2007-0431
25499 22 Low CentOS : RHSA-2007-0465
43752 21 Critical CentOS : RHSA-2009-1061
43730 21 Critical CentOS : RHSA-2009-0331
43689 20 Critical CentOS : RHSA-2008-0492
43740 19 Critical CentOS : RHSA-2009-0409
25496 19 Low CentOS : RHSA-2007-0430
21968 19 Low CentOS : RHSA-2005-825
43694 18 Critical CentOS : RHSA-2008-0561
44649 17 Critical CentOS : RHSA-2010-0113
43776 17 Critical CentOS : RHSA-2009-1204
43688 17 Critical CentOS : RHSA-2008-0489
43817 16 Low CentOS : RHSA-2010-0018
43774 16 Critical CentOS : RHSA-2009-1201
CGI abuses
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
55512 29 Info Adobe ColdFusion Remote Development Services
55509 29 Info RSA Self-Service Console Detection
50510 29 Critical FreeNAS exec_raw.php Arbitrary Command Execution
45138 29 Critical Remote Help Default Credentials
55978 28 Info Sitecore CMS Detection
53621 28 Info SiteScope Detection
44109 28 Critical HP Power Manager < 4.2.10
57977 27 Info Oracle WebCenter Content Detection
54969 27 Info Apache Archiva Detection
51645 27 Critical HP OpenView Network Node Manager Remote Execution of Arbitrary Code (HPSBMA02621 SSRT100352)
40354 27 Critical OpenWrt Router with a Blank Password (telnet check)
55627 26 Info Symantec Web Gateway Detection
40552 24 Critical Spiceworks HTTP Response Accept Header Handling Overflow DoS
57918 23 Critical EMC Celerra Control Station Default Credentials
57825 23 Critical PHP 5.3.9 'php_register_variable_ex()' Code Execution (banner check)
58039 22 Critical PHP 5.3.9 'php_register_variable_ex()' Code Execution (intrusive check)
55800 22 Info Microsoft Remote Desktop Web Access Detection
57850 21 Critical Apache Struts ParameterInterceptor Class OGNL Expression Parsing Remote Command Execution
41946 21 Critical Adobe RoboHelp Server Security Bypass (APSA09-05)
39790 21 Critical Adobe ColdFusion FCKeditor 'CurrentFolder' File Upload
57699 19 Info HP Managed Printing Administration Detection
57576 19 Critical op5 Portal Arbitrary Command Execution
47581 19 Critical Novell 'modulemanager' Servlet Arbitrary File Upload (intrusive check)
56648 18 Info SonicWALL ViewPoint Server Detection
55444 18 Info ManageEngine ServiceDesk Plus Detection
CGI abuses : XSS
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
54603 54 Medium Adobe RoboHelp FlashHelp Unspecified XSS (APSB11-09) (uncredentialed check)
58087 47 Medium phpMyAdmin 3.4.x < 3.4.10.1 Cross-Site Scripting (PMASA-2012-1)
57979 46 Medium Oracle WebCenter Content Help Component Cross-Site Scripting
55993 40 Medium phpMyAdmin 3.3.x / 3.4.x < 3.3.10.4 / 3.4.4 Cross-site Scripting (PMASA-2011-13
53576 39 Medium Atlassian Confluence 2.x >= 2.7 / 3.x < 3.4.9 Multiple Cross-Site Scripting Vulnerabilities
55775 37 Medium jCart 1.1 my-item-name POST Parameter XSS
57337 35 Medium phpMyAdmin 3.4.x < 3.4.8 Cross-Site Scripting (PMASA-2011-18)
55904 35 Medium CGI Generic Script Injection (quick test)
54604 33 Medium MDaemon WorldClient < 12.0.3 Summary Page Email Subject XSS
55975 29 Medium Apache Hadoop Jetty XSS
52483 29 Medium CGI Generic Cross-Site Scripting (persistent, 3rd Pass)
57371 28 Medium ManageEngine ServiceDesk Plus 8.0.0 < Build 8015 Multiple Cross-Site Scripting Vulnerabilities
55903 28 Medium CGI Generic Cross-Site Scripting (extended patterns)
57617 27 Medium Cacti < 0.8.7g Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
51998 26 Medium MediaWiki CSS Comments XSS
18083 26 Low Coppermine Photo Gallery init.inc.php X-Forwarded-For XSS
14228 24 High SquirrelMail < 1.4.3 Multiple Vulnerabilities
51529 22 Medium CGI Generic Cross-Site Scripting (persistent, 2nd pass)
34336 22 Low MailMarshal Spam Quarantine Management (SQM) Multiple Component XSS
51438 19 Medium Pligg register.php reg_username Parameter XSS
51090 18 Medium MODx login.php 'username' Parameter XSS
19514 18 Low phpGraphy EXIF Data XSS
56379 14 Medium phpMyAdmin 3.4.x < 3.4.5 Cross-site Scripting (PMASA-2011-14)
57372 13 Medium phpMyAdmin 3.4.x < 3.4.9 Cross-Site Scripting (PMASA-2011-19 and PMASA-2011-20)
54579 13 Low Mailman < 2.1.14 Multiple XSS
CISCO
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
56321 29 High Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities - Cisco Systems
49016 29 Critical SNMP Version 3 Authentication Vulnerabilities - Cisco Systems
48965 27 Critical NTP Vulnerability - Cisco Systems
10999 27 Critical Linksys Router Default Password
48977 26 Medium Cisco Telnet Denial of Service Vulnerability - Cisco Systems
48976 26 Medium Cisco IOS Malformed OSPF Packet Causes Reload - Cisco Systems
10545 26 Critical Cisco Catalyst Web Interface Remote Command Execution
56319 25 High Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities - Cisco Systems
48961 25 Medium Cisco IOS ARP Table Overwrite Vulnerability - Cisco Systems
48973 24 Medium Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability - Cisco Systems
10045 24 Critical Cisco 675 Router Default Unpassworded Account
48996 23 Critical Crafted IP Option Vulnerability
48995 23 Critical Combined IOS Table for January 24, 2007 Security Advisories
11689 23 Low Cisco IDS Device Manager Detection
48982 22 Medium Crafted Packet Causes Reload on Cisco Routers
49004 21 Medium Vulnerability In Crypto Library - Cisco Systems
56320 20 Critical Cisco IOS Software Smart Install Remote Code Execution Vulnerability - Cisco Systems
48974 19 Medium Vulnerabilities in SNMP Message Processing - Cisco Systems
49646 18 Critical Linksys Router Debug Credentials (Gemtek / gemtekswd)
49017 18 Medium Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
11383 18 Critical Cisco SSH2 Server/Client Malformed Packet Remote DoS (CSCdz60229, CSCdy87221, CSCdu75477)
10754 17 Critical Cisco Multiple Devices Unpassworded Account
48968 16 Critical SSH Malformed Packet Vulnerabilities - Cisco Systems
48964 16 Medium Data Leak with Cisco Express Forwarding Enabled - Cisco Systems
48960 16 Medium ICMP Unreachable Vulnerability in Cisco 12000 Series Internet Router - Cisco Systems
Databases
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
56063 29 Medium Oracle Database, January 2009 Critical Patch Update
12047 29 Critical Oracle Database 9i Multiple Functions Local Overflow
30153 28 Critical DB2 < 8.1 FixPak 16 Multiple Vulnerabilities
55690 26 Critical DB2 Unsupported Version Detection
33852 26 Critical Default Password (db2admin) for 'db2admin' Account on Windows
51840 25 Critical DB2 9.1 < Fix Pack 10 Multiple Vulnerabilities
11081 25 Critical Oracle Application Server Web Cache HTTP Request Overflow
55786 23 Critical Oracle Database Unsupported
53811 23 Info IBM solidDB Detection (local check)
32137 23 Low MySQL 4.1 < 4.1.24 MyISAM Create Table Privilege Check Bypass
46328 22 Low MySQL Community Server 5.1 < 5.1.46 Multiple Vulnerabilities
15417 22 Low PostgreSQL make_oidjoins_check Arbitrary File Overwrite
47158 21 Low MySQL Community Server < 5.1.48 Denial of Service
31680 20 Info solidDB Detection
56056 19 Critical Oracle Database, April 2007 Critical Patch Update
32138 19 Low MySQL Enterprise Server 5.0 < 5.0.60 MyISAM CREATE TABLE Privilege Check Bypass
25492 19 Critical Firebird DataBase Server fbserver.exe p_cnct_count Value Remote Overflow
22416 19 Info DB2 Connection Port Detection
10658 19 Info Oracle Database tnslsnr Service Remote Version Disclosure
56062 18 Medium Oracle Database, October 2008 Critical Patch Update
22017 17 Info DB2 Discovery Service Detection
12246 17 Critical Firebird DB Remote Database Name Overflow
10719 17 Info MySQL Server Detection
15486 16 Critical DB2 < 8 Fix Pack 7a Multiple Vulnerabilities
17830 15 Low MySQL 5.0.18 Information Leak
Debian Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
57879 29 Critical Debian DSA-2406-1 : icedove - several vulnerabilities
53862 29 Critical Debian DSA-2235-1 : icedove - several vulnerabilities
44853 29 Low Debian DSA-1989-1 : fuse - denial of service
56340 28 Critical Debian DSA-2313-1 : iceweasel - several vulnerabilities
56179 25 Low Debian DSA-2309-1 : openssl - compromised certificate authority
55524 24 Critical Debian DSA-2273-1 : icedove - several vulnerabilities
53505 24 Low Debian DSA-2222-1 : tinyproxy - incorrect ACL processing
47705 24 Low Debian DSA-2069-1 : znc - denial of service
57513 23 Critical Debian DSA-2373-1 : inetutils - buffer overflow
50865 23 Low Debian DSA-2129-1 : krb5 - checksum verification weakness
34478 23 Low Debian DSA-1658-1 : dbus - programming error
57502 22 Low Debian DSA-2362-1 : acpid - several vulnerabilities
57516 20 Low Debian DSA-2376-2 : ipmitool - insecure PID file
51665 20 Low Debian DSA-2150-1 : request-tracker3.6 - unsalted password hashing
31589 19 Low Debian DSA-1518-1 : backup-manager - programming error
56307 18 Critical Debian DSA-2311-1 : openjdk-6 - several vulnerabilities
55942 18 Critical Debian DSA-2297-1 : icedove - several vulnerabilities
44810 18 Low Debian DSA-1945-1 : gforge - symlink attack
58012 17 Critical Debian DSA-2412-1 : libvorbis - buffer overflow
44702 17 Low Debian DSA-1837-1 : dbus - programming error
26975 17 Low Debian DSA-1382-1 : quagga - null pointer dereference
52620 16 Critical Debian DSA-2188-1 : webkit - several vulnerabilities
51558 16 Low Debian DSA-2147-1 : pimd - insecure temporary files
31588 16 Low Debian DSA-1517-1 : ldapscripts - programming error
25638 16 Low Debian DSA-1326-1 : fireflier-server - insecure temporary files
Default Unix Accounts
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
42147 29 Critical Default Password (sq!us3r) for 'dbadmin' Account
34084 29 High Default Password (trans) for 'trans' Account
17291 29 Critical Default Password (debug) for 'super' Account
34082 28 High Default Password (bank) for 'bank' Account
50322 27 Critical Default Password (artica) for 'root' Account
11257 27 High Default Password (manager) for 'system' Account
11250 27 High Unpassworded 'backdoor' Account
57916 26 Critical Default Password (nasadmin) for 'root' Account
48274 25 Critical Default Password (0p3nm35h) for 'root' Account
35621 25 Critical Default Password (password) for 'admin' Account on Broadcom BCM96338 ADSL Router
34081 25 Critical Default Password (admin) for 'admin' Account
11259 25 High Unpassworded 'StoogR' Account
11265 24 High Default Password (satori) for 'rewt' Account
50601 23 Critical Default Password (m) for 'root' Account
46240 23 Critical Default Password (alien) for 'root' Account
42211 23 Critical Default Password (infoblox) for 'admin' Account
24275 23 High Default Password (informix) for 'informix' Account
17294 23 Critical Default Password (forgot) for 'user' Account
42367 22 Critical Default Password (alpine) for 'root' Account
40355 22 Critical Default Password (admin) for 'root' Account
17292 21 Critical Default Password (forgot) for 'super' Account
18527 20 High Unpassworded 'mpi' Account
34323 18 Critical Default Password (rootme) for 'root' Account
11254 18 High Unpassworded 'friday' Account
24745 16 Critical Default Password (password) for 'root' Account
Denial of Service
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
29980 29 High Solaris 10 ICMP Packet Handling DoS
21333 29 High Linux SCTP Functionality Multiple Remote DoS
18058 29 High Kerio MailServer Webmail Malformed E-Mail Handling Resource Exhaustion DoS
17296 29 High Network Service Malformed Data Remote DoS
10461 29 High RealServer Malformed viewsource Directory Request DoS
42412 27 Medium Novell eDirectory < 8.8.5 ftf1/8.7.3.10 ftf2 NULL Base DN DoS
20983 27 High BlackBerry Enterprise Server Crafted SRP Packet Remote DoS
11903 27 High TCP/IP Ping of Death Remote DoS (jolt)
31863 26 High Novell eDirectory Host Environment Service (dhost.exe) HTTP Connection Header DoS
11813 25 High Linux 2.4 NFSv3 knfsd Malformed GETATTR Request Remote DoS
21120 24 Medium Jabber Studio jabberd SASL Negotiation Remote DoS
19548 24 Medium BNBT EasyTracker Malformed GET Request Remote DoS
23625 23 Medium OpenLDAP SASL authcid Name BIND Request DoS
31862 22 Low Veritas Storage Foundation Multiple Service Remote DoS (SYM08-004)
20903 22 Medium IBM Tivoli Directory Server LDAP Packet Handling DoS
19606 22 Medium Zebedee Malformed Protocol Option Header Port 0 Remote DoS
21023 21 Medium Dropbear SSH Authorization-pending Connection Saturation DoS
17655 21 High ipsec-tools KAME racoon Daemon ISAKMP Header Parsing Remote DoS
22159 20 Medium ISC DHCP Server supersede_lease() Function DHCPDISCOVER Packet Remote DoS
11475 20 High 3com RAS 1500 / Wyse Winterm Malformed Packet Remote DoS
56922 19 Medium Asterisk SIP Channel Driver Uninitialized Variable Request Parsing DoS (AST-2011-012)
33810 19 Medium MailEnable IMAP Connection Saturation Remote DoS (ME-10042)
31855 18 High Openfire < 3.5.0 ConnectionManagerImpl.java Queue Handling Remote DoS
11926 18 High NIPrint LPD-LPR Print Server String Handling Remote Overflow
10635 18 High Marconi ASX-1000 Switches Multiple Interface Malformed Packet DoS
DNS
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
57574 54 Medium Unbound < 1.4.14 / 1.4.13p2 DoS Vulnerabilities
53842 52 Medium ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS
55049 35 Medium Unbound < 1.4.10 daemon/worker.c DNS Request Error Handling Remote DoS
11318 29 Critical ISC BIND < 9.2.2 DNS Resolver Functions Remote Overflow
10028 29 Info DNS Server BIND version Directive Remote Version Disclosure
34044 28 High PowerDNS Recursor DNS Predictable Transaction ID (TRXID) Cache Poisoning
17631 26 High dnsmasq < 2.21.0 Multiple Remote Vulnerabilities
50976 25 Medium ISC BIND 9 9.4-ESV < 9.4-ESV-R4, 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3, 9.7.x < 9.7.2-P3 Multiple Vulnerabilities
49777 25 Medium ISC BIND 9 9.7.2 < 9.7.2-P2 Multiple Vulnerabilities
34043 25 Info PowerDNS version-string Directive Remote Version Disclosure
11951 25 Low DNS Server Fingerprinting
54923 23 High ISC BIND 9 Large RRSIG RRsets Negative Caching Remote DoS
40875 23 Critical dnsmasq < 2.50 Multiple Remote TFTP Vulnerabilities
11932 23 High ISC BIND < 8.3.7 / 8.4.3 Negative Record Cache Poisoning
25121 22 High ISC BIND < 9.4.1 / 9.5.0a4 query.c query_addsoa Function Recursive Query DoS
10886 22 High ISC BIND < 8.3.4 Multiple Remote Vulnerabilities
44116 21 Medium ISC BIND 9 DNSSEC NSEC/NSEC3 Bogus NXDOMAIN Responses
33447 21 High Multiple Vendor DNS Query ID Field Prediction Cache Poisoning
34111 20 Medium dnsmasq < 2.45 Multiple Remote DoS
10728 19 Info ISC BIND 9.x AUTHORS Map Remote Version Disclosure
11510 18 Critical ISC BIND < 4.9.5 DNS Resolver Functions Remote Overflow
42983 17 Low ISC BIND 9 DNSSEC Cache Poisoning
38735 17 Medium ISC BIND 9 EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Weakness
11002 17 Info DNS Server Detection
38849 16 Low NSD version Directive Remote Version Disclosure
Fedora Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
57989 29 Critical Fedora 16 2012-1652
55909 29 Low Fedora 14 2011-10413
56851 28 Critical Fedora 14 2011-14650
55777 28 Critical Fedora 15 2011-9774
56924 26 Low Fedora 14 2011-15831
56354 26 Low Fedora 16 2011-12399
55155 26 Critical Fedora 13 2011-8020
57367 25 Low Fedora 16 2011-16856
56721 25 Critical Fedora 14 2011-15241
56225 25 Low Fedora 15 2011-12403
55867 25 Low Fedora 15 2011-10341
55783 25 Critical Fedora 14 2011-9898
56852 24 Critical Fedora 15 2011-14673
55156 24 Critical Fedora 15 2011-8028
56673 23 Critical Fedora 14 2011-14747
56398 23 Low Fedora 15 2011-13809
55945 23 Low Fedora 16 2011-10399
57439 22 Low Fedora 15 2011-17341
55752 22 Critical Fedora 14 2011-9555
55751 22 Critical Fedora 14 2011-9523
58159 21 Critical Fedora 17 2012-2238
57754 21 Critical Fedora 15 2011-16284
56800 21 Critical Fedora 16 2011-15555
57967 20 Critical Fedora 16 2012-1690
56926 20 Low Fedora 15 2011-15846
Firewalls
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
57287 37 Medium Squid 3.1.x < 3.1.16 / 3.2.x < 3.2.0.13 DNS Replies CName Record Parsing Remote DoS
31094 29 High 3Proxy HTTP Proxy Crafted Transparent Request Remote Overflow
20388 29 High Juniper NetScreen Security Manager (NSM) guiSrv/devSrv Crafted String Remote DoS
16363 29 Info BlueCoat ProxySG Console Management Detection
14640 29 High Cerbere HTTP Proxy Server Host: Header Remote DoS
12084 29 High Check Point FireWall-1 4.x Multiple Vulnerabilities (OF, FS)
10675 29 Info Check Point FireWall-1 Telnet Client Authentication Detection
17599 28 Critical DeleGate < 8.11 Multiple Unspecified Overflows
17155 27 High SOCKS4 Server Recursive Connection Remote DoS
20393 26 High WinProxy < 6.1a Multiple Vulnerabilities (credentialed check)
57641 25 Critical Unsupported IPSO Firewall
40420 24 Medium Squid 3.0.STABLE16 / 3.10.11
11834 24 Info Source Routed Packet Weakness
11518 24 Info Check Point FireWall-1 Open Web Administration
10074 24 High Check Point FireWall-1 UDP Port 0 DoS
56215 23 Medium Squid 3.x < 3.0.STABLE26 / 3.1.15 / 3.2.0.11 Gopher Buffer Overflow
16190 22 High Squid < 2.5.STABLE8 Multiple Vulnerabilities
11575 22 High Kerio Personal Firewall Administrator Authentication Handshake Packet Remote Overflow
16205 21 Critical Default Password (zebra) for Zebra
20391 20 High WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities
12036 20 High Finjan SurfinGate Proxy FHTTP Command Admin Functions Authentication Bypass
10676 20 Info Check Point FireWall-1 HTTP Client Authentication Detection
44384 19 Medium Squid < 3.0.STABLE23 / 3.1.0.16
45591 18 Medium Squid < 3.0.STABLE24 / 2.7.STABLE8 / 2.6.STABLE24
33104 16 Critical SecurityGateway < 1.0.2 Administration Interface username Field Remote Overflow
FreeBSD Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
56803 27 Critical FreeBSD : linux-flashplugin -- multiple vulnerabilities (0e8e1212-0ce5-11e1-849b-003067b2972c)
53347 27 Low FreeBSD : tinyproxy -- ACL lists ineffective when range is configured (b9281fb9-61b2-11e0-b1ce-0019d1a7ece2)
38965 27 Low FreeBSD : slim -- local disclosure of Xauthority magic cookie (80f13884-4d4c-11de-8811-0030843d3802)
34390 27 Low FreeBSD : mysql -- command line client input validation vulnerability (4775c807-8f30-11dd-821f-001cc0377035)
37716 26 Low FreeBSD : postgresql-contrib -- insecure temporary file creation (6a164d84-2f7f-11d9-a9e7-0001020eed82)
57785 25 Critical FreeBSD : mozilla -- multiple vulnerabilities (0a9e2b72-4cb7-11e1-9146-14dae9ebcf89)
57355 25 Critical FreeBSD : mozilla -- multiple vulnerabilities (e3ff776b-2ba6-11e1-93c6-0011856a6e37)
56495 25 Critical FreeBSD : amaya -- multiple buffer overflow vulnerabilities (a89b76a7-f6bd-11dd-94d9-0030843d3802)
51069 25 Critical FreeBSD : chromium -- multiple vulnerabilities (6887828f-0229-11e0-b84d-00262d5ed8ee)
50469 25 Low FreeBSD : Mailman -- cross-site scripting in web interface (4ab29e12-e787-11df-adfa-00e0815b8da8)
36362 25 Low FreeBSD : CUPS -- local information disclosure (30cea6be-1d0c-11d9-814e-0001020eed82)
51950 24 Critical FreeBSD : webkit-gtk2 -- Multiple vurnabilities. (35ecdcbe-3501-11e0-afcd-0015f2db7bde)
58138 23 Critical FreeBSD : linux-flashplugin -- multiple vulnerabilities (f63bf080-619d-11e1-91af-003067b2972c)
34484 23 Low FreeBSD : drupal -- multiple vulnerabilities (706c9eef-a077-11dd-b413-001372fd0af2)
56762 22 Critical FreeBSD : mozilla -- multiple vulnerabilities (6c8ad3e8-0a30-11e1-9580-4061862b8c22)
45448 22 Critical FreeBSD : firefox -- Re-use of freed object due to scope confusion (ec8f449f-40ed-11df-9edc-000f20797ede)
38802 21 Low FreeBSD : mod_perl -- cross-site scripting (4a638895-41b7-11de-b1cc-00219b0fc4d8)
37686 20 Low FreeBSD : getmail -- symlink vulnerability during maildir delivery (8c33b299-163b-11d9-ac1b-000d614f7fad)
35339 19 Low FreeBSD : mysql -- privilege escalation and overwrite of the system table information (8c451386-dff3-11dd-a765-0030843d3802)
57403 17 Critical FreeBSD : krb5-appl -- telnetd code execution vulnerability (4ddc78dc-300a-11e1-a2aa-0016ce01e285)
50075 16 Critical FreeBSD : Webkit-gtk2 -- Multiple Vulnabilities (e5090d2a-dbbe-11df-82f8-0015f2db7bde)
56323 15 Critical FreeBSD : mozilla -- multiple vulnerabilities (1fade8a3-e9e8-11e0-9580-4061862b8c22)
50470 15 Low FreeBSD : OTRS -- Multiple XSS and denial of service vulnerabilities (96e776c7-e75c-11df-8f26-00151735203a)
56804 14 Low FreeBSD : phpmyadmin -- Local file inclusion (1f6ee708-0d22-11e1-b5bd-14dae938ec40)
51568 14 Low FreeBSD : MoinMoin -- cross-site scripting vulnerabilities (4c017345-1d89-11e0-bbee-0014a5e3cda6)
FTP
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
54955 29 Info Wing FTP Server Detection
50544 28 Critical ProFTPD < 1.3.3c Multiple Vulnerabilities
32375 27 Info FTP Server Bad Command Sequence Accepted (possible backdoor/proxy)
15857 27 Critical WS_FTP Server Multiple Command Remote Overflow DoS
11779 27 Info FTP Server Copyrighted Material Present
52704 26 Medium vsftpd vsf_filename_passes_filter Function Denial of Service
32373 26 Info FTP Server Any Command Accepted (possible backdoor/proxy)
14372 26 Critical WU-FTPD S/KEY Authentication ftpd.c skey_challenge Function Remote Overflow
40770 25 Info Ipswitch WS_FTP Server Version Detection (credentialed check)
55523 24 Critical vsftpd Smiley Face Backdoor
11094 24 Critical WS_FTP Multiple Command Long Argument Overflow
45140 23 Medium Serv-U < 9.4.0.0
40820 23 Info Cerberus FTP Server Detection
50989 22 Critical ProFTPD Compromised Source Packages Trojaned Distribution
47040 21 Medium Solaris FTP Daemon Long Command Cross-Site Request Forgery
11160 20 Critical Windows FTP Server NULL Administrator Password
12080 19 Critical Serv-U MDTM Command Overflow
43369 17 Medium Serv-U < 9.2.0.1
14598 17 Critical WS_FTP Server Multiple Vulnerabilities (OF, DoS, Cmd Exec)
11371 17 Critical BSD ftpd Single Byte Buffer Overflow
10928 17 Critical EFTP .lnk File Handling Remote Overflow
54956 16 Medium Wing FTP Server LDAP Authentication Bypass
50811 16 Medium FTP Server Traversal Arbitrary File Access (RETR)
42149 16 Low FTP Service AUTH TLS Command Support
40825 16 Critical MS09-053: Microsoft IIS FTPd NLST Command Remote Buffer Overflow (975191) (uncredentialed check)
Gain a shell remotely
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
25662 29 Critical IBM Tivoli Storage Manager Multiple Remote Overflows
10966 29 Medium University of Washington imap Server (uw-imapd) BODY Request Remote Overflow
44072 27 High OpenSSH < 3.2.3 YP Netgroups Authentication Bypass
25214 27 Critical Darwin Streaming Server < 5.5.5 Multiple Remote Overflow Vulnerabilities
42824 25 Critical IBM Tivoli Storage Manager Client Multiple Vulnerabilities (swg21405562)
33285 25 Critical EMC AlphaStor Library Manager Remote Code Execution
25935 25 Critical SIDVault < 2.0f LDAP Server Malformed Search Request Buffer Overflow
14223 25 Medium rsync sanitize_path() Function Arbitrary File Disclosure
35009 24 Medium ClamAV < 0.94.2 cli_check_jpeg_exploit() Malformed JPEG File DoS
33284 24 Critical EMC AlphaStor Device Manager robotd Remote Code Execution
30106 24 Medium AXIGEN Mail Server AXIMilter CNHO Command Remote Format String
52157 23 High Asterisk main/udptl.c Buffer Overflows (AST-2011-002)
50023 23 Critical Novell PlateSpin Orchestrate Remote Code Execution
43635 23 Critical HP Data Protector MSG_PROTOCOL Remote Stack Buffer Overflow
18200 23 Medium NetWin DMail Server Multiple Remote Vulnerabilities
40987 22 Critical Random password for 'root' account
25950 22 Critical RealNetworks Helix DNA Server RTSP Service Crafted Require Header Remote Overflow
35555 21 Critical RealNetworks Helix Server < 11.1.8/12.0.1 Multiple Vulnerabilities
32320 21 Critical Remote host has weak Debian OpenSSH Keys in ~/.ssh/authorized_keys
25118 21 Critical MERCUR Messaging IMAP Server NTLM Authentication NTLMSSP Argument Remote Overflow
35467 20 Critical EMC RepliStor Multiple Remote Heap Based Buffer Overflows
35308 20 Critical TCL Shell (tclsh) Arbitrary Command Execution
35087 20 High ClamAV < 0.94 Multiple Vulnerabilities
15783 20 Medium Digital Mappings Systems POP3 Server (pop3svr.exe) Multiple Field Remote Overflow
10463 20 Medium vpopmail vchkpw USER/PASS Command Format String
General
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
51192 28 Medium SSL Certificate Cannot Be Trusted
11057 28 High TCP/IP Initial Sequence Number (ISN) Reuse Weakness
57620 27 High Small SSH RSA Key
56472 27 Info SSL Certificate Chain Contains Unnecessary Certificates
42873 27 Medium SSL Medium Strength Cipher Suites Supported
39329 27 Low News Server (NNTP) Anonymous Read Access
15901 27 Medium SSL Certificate Expiry
46180 26 Info Additional DNS Hostnames
39519 26 Info Backported Security Patch Detection (FTP)
34097 26 Info BIOS Version Information (via SMB)
45410 25 Info SSL Certificate commonName Mismatch
42980 25 Info SSL Certificate Expiry - Future Validity
29217 24 Info Solaris Installed Package Enumeration (credentialed check)
45432 23 Info Processor Information (via DMI)
57336 22 Medium Cyrus IMAPd NNTP AUTHINFO USER Command Parsing Authentication Bypass
34098 22 Low BIOS version (SSH)
51892 21 Medium OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Session Resume Ciphersuite Downgrade Issue
50350 21 Info OS Identification Failed
47800 21 Info VirtualPC Virtual Machine detection (dmidecode)
45399 21 Info ICMP Node Information Query Information Disclosure
33276 20 Info Enumerate MAC Addresses via SSH
53360 19 Info SSL Server Accepts Weak Diffie-Hellman Keys
42084 19 Info ACAP Service STARTTLS Command Support
42053 18 High SSL Certificate Null Character Spoofing Weakness
39520 18 Info Backported Security Patch Detection (SSH)
Gentoo Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
31613 29 Low GLSA-200803-26 : Adobe Acrobat Reader: Insecure temporary file creation
56903 28 Critical GLSA-201111-07 : TinTin++: Multiple vulnerabilities
46807 28 Critical GLSA-201006-18 : Oracle JRE/JDK: Multiple vulnerabilities
44895 28 Critical GLSA-201001-06 : aria2: Multiple vulnerabilities
56426 27 Critical GLSA-201110-02 : Wireshark: Multiple vulnerabilities
29907 27 Low GLSA-200801-03 : Claws Mail: Insecure temporary file creation
46793 26 Critical GLSA-201006-13 : Smarty: Multiple vulnerabilities
44892 26 Critical GLSA-201001-03 : PHP: Multiple vulnerabilities
21317 26 Low GLSA-200605-02 : X.Org: Buffer overflow in XRender extension
57656 25 Critical GLSA-201201-14 : MIT Kerberos 5 Applications: Multiple vulnerabilities
56425 25 Critical GLSA-201110-01 : OpenSSL: Multiple vulnerabilities
56660 24 Critical GLSA-201110-26 : libxml2: Multiple vulnerabilities
42214 24 Critical GLSA-200910-02 : Pidgin: Multiple vulnerabilities
21278 24 Low GLSA-200604-13 : fbida: Insecure temporary file creation
49126 23 Critical GLSA-201009-05 : Adobe Reader: Multiple vulnerabilities
42913 22 Critical GLSA-200911-03 : UW IMAP toolkit: Multiple vulnerabilities
56459 21 Critical GLSA-201110-06 : PHP: Multiple vulnerabilities
26094 21 Low GLSA-200709-04 : po4a: Insecure temporary file creation
34248 20 Low GLSA-200809-09 : Postfix: Denial of Service
33556 20 Low GLSA-200807-10 : Bacula: Information disclosure
31594 20 Low GLSA-200803-23 : Website META Language: Insecure temporary file usage
21664 20 Low GLSA-200606-02 : shadow: Privilege escalation
57655 19 Critical GLSA-201201-13 : MIT Kerberos 5: Multiple vulnerabilities
32150 19 Low GLSA-200805-02 : phpMyAdmin: Information disclosure
22939 19 Low GLSA-200611-01 : Screen: UTF-8 character handling vulnerability
HP-UX Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
46348 29 Critical HP-UX PHSS_40708 : s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 26
44603 27 Critical HP-UX PHSS_40368 : HP Network Node Manager (NNM), Remote Execution of Arbitrary Commands (HPSBMA02484 SSRT090076 rev.1)
40607 27 Medium HP-UX PHKL_40197 : HP-UX ttrace(2), Local Denial of Service (DoS) (HPSBUX02450 SSRT090141 rev1)
40365 26 Medium HP-UX PHNE_39872 : HP-UX Running XNTP, Remote Execution of Arbitrary Code (HPSBUX02437 SSRT090038 rev.2)
45617 25 Medium HP-UX PHKL_40888 : HP-UX, Local Denial of Service (DoS) (HPSBUX02518 SSRT100051 rev.1)
44351 25 Medium HP-UX PHSS_39510 : HP OpenView Storage Data Protector, Local Unauthorized Access (HPSBMA02502 SSRT090171 rev.1)
51467 24 Medium HP-UX PHKL_39899 : HP-UX Running Threaded Processes, Remote Denial of Service (DoS) (HPSBUX02611 SSRT090201 rev.1)
43134 24 Critical HP-UX PHSS_36588 : s700_800 11.X OV DP6.00 PA-RISC patch - CS packet
53267 23 Medium HP-UX PHKL_41944 : HP-UX, Local Denial of Service (DoS) (HPSBUX02646 SSRT100396 rev.1)
43137 23 Critical HP-UX PHSS_36623 : s700_800 11.X OV DP6.00 IA-64 patch - CORE packet
40364 23 Medium HP-UX PHNE_39871 : HP-UX Running XNTP, Remote Execution of Arbitrary Code (HPSBUX02437 SSRT090038 rev.2)
38730 23 Medium HP-UX PHCO_38492 : HPUX Running useradd(1M), Local Unauthorized Access (HPSBUX02366 SSRT080120 rev.2)
41978 22 Critical HP-UX PHSS_39774 : HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02421 SSRT090047 rev.2)
44354 21 Medium HP-UX PHSS_39515 : HP OpenView Storage Data Protector, Local Unauthorized Access (HPSBMA02502 SSRT090171 rev.1)
43142 21 Critical HP-UX PHSS_40374 : s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 25
43131 21 Critical HP-UX PHCO_40520 : HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege (HPSBUX02480 SSRT090253 rev.1)
44349 20 Medium HP-UX PHSS_39105 : HP OpenView Storage Data Protector, Local Unauthorized Access (HPSBMA02502 SSRT090171 rev.1)
43141 20 Critical HP-UX PHSS_37383 : s700_800 11.23 OV DP5.50 IA-64 patch - CORE packet
44405 19 Medium HP-UX PHSS_40230 : HP Enterprise Cluster Master Toolkit (ECMT) running on HP-UX, Local Unauthorized Access (HPSBUX02464 SSRT090210 rev.1)
49112 18 Medium HP-UX PHCO_41201 : HP-UX running Software Distributor (sd), Local Privilege Increase, Unauthorized Access (HPSBUX02552 SSRT100062 rev.1)
43135 18 Critical HP-UX PHSS_36589 : s700_800 11.X OV DP6.00 IA-64 patch - CS packet
53271 17 Medium HP-UX PHNE_41908 : HP-UX Running XNTP, Remote Denial of Service (DoS) (HPSBUX02639 SSRT100293 rev.1)
38731 16 Medium HP-UX PHCO_38547 : HPUX Running useradd(1M), Local Unauthorized Access (HPSBUX02366 SSRT080120 rev.2)
43130 15 Critical HP-UX PHCO_40519 : HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege (HPSBUX02480 SSRT090253 rev.1)
49111 14 Medium HP-UX PHCO_41200 : HP-UX running Software Distributor (sd), Local Privilege Increase, Unauthorized Access (HPSBUX02552 SSRT100062 rev.1)
Junos Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
57637 53 Medium Juniper Junos BGP UPDATE Malformed ATTR_SET Attribute Remote DoS (PSN-2012-01-472)
57638 45 High Juniper Junos J-Web Component Unspecified CSRF (PSN-2012-01-474)
55933 45 Critical Unsupported Junos Operating System
57636 43 High Juniper Junos MGD-CLI Arbitrary Command Execution (PSN-2011-11-418)
55939 41 Medium Juniper Junos Multiple sfid Daemon Malformed Packet Remote DoS (PSN-2011-04-241)
55934 39 Low Juniper Junos Extended DHCP Relay Agent Traffic Redirection (PSN-2011-07-300)
55940 34 Medium Juniper Junos debug.php J-Web Component Unauthenticated Debug Access (PSN-2011-02-158)
56771 32 Medium Juniper Junos J-Web Administrator Logs XSS (PSN-2011-10-392)
55941 31 Low Juniper Junos J-Web Weak SSL Ciphers (PSN-2011-01-147)
55936 31 Medium Juniper Junos Fragmented ICMP Packet Handling Remote DoS (PSN-2011-07-298)
57639 23 Medium Juniper Junos BGP Multiple Remote DoS (PSN-2012-01-475)
55935 23 Medium Juniper Junos IPv6 over IPv4 Security Policy Bypass (PSN-2011-07-299)
55932 21 Info Junos Version Detection
55937 19 High Juniper Junos ICMP Ping 'composite next-hop' Remote DoS (PSN-2011-07-297)
56769 17 Medium Juniper Junos MPC Malformed Route Prefix Remote DoS (PSN-2011-08-327)
55938 15 Medium Juniper Junos PIM rpd Crafted Boot Message Remote DoS (PSN-2011-07-296)
56770 8 High Juniper Junos Next-Gen MVPN Senario Malformed Message Handling Remote DoS (PSN-2011-10-391)
MacOS X Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
38743 29 Critical Mac OS X Multiple Vulnerabilities (Security Update 2009-002)
45373 26 Critical Mac OS X Multiple Vulnerabilities (Security Update 2010-002)
40502 26 Critical Mac OS X < 10.5.8 Multiple Vulnerabilities
55458 25 Critical Mac OS X : Java for Mac OS X 10.5 Update 10
40946 25 Critical Mac OS X < 10.6.1 Multiple Vulnerabilities
56960 24 Info Adobe AIR for Mac Installed
56214 23 Critical Adobe Reader Unsupported Version Detection (Mac OS X)
55417 23 Info Firefox Installed (Mac OS X)
40591 23 Medium Mac OS X BIND Dynamic Update Message Handling Remote DoS (Security Update 2009-004)
55459 22 Critical Mac OS X : Java for Mac OS X 10.6 Update 5
58180 21 Info Mac OS X DNS Server Enumeration
56871 21 Medium iTunes < 10.5.1 Update Authenticity Verification Weakness (Mac OS X)
54832 20 Critical Mac OS X Mac Defender Malware Detection
50680 20 Info Mac OS X Server Service List
44095 20 Critical Mac OS X Multiple Vulnerabilities (Security Update 2010-001)
25997 20 Info iTunes Version Detection (Mac OS X)
55575 18 Info LibreOffice Detection (Mac OS X)
53412 18 Medium Mac OS X Fraudulent Digital Certificates (Security Update 2011-002)
20113 18 Low Mac OS X < 10.4.3 Multiple Vulnerabilities
56748 17 Critical Mac OS X : Java for Mac OS X 10.6 Update 6
47023 17 Critical Mac OS X 10.6 < 10.6.4 Multiple Vulnerabilities
54973 16 Medium Flash Player for Mac < 10.3.181.22 Cross-Site Scripting (APSB11-13)
53843 16 Info Skype for Mac Installed (credentialed check)
58091 15 Info Microsoft Silverlight Installed (Mac OS X)
55851 13 Critical VMware Fusion Unsupported Version Detection
Mandriva Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
42046 29 Low MDVSA-2009:256-1 : dbus
56373 28 Critical MDVSA-2011:139 : firefox
38117 28 Low MDVSA-2009:066 : php
50008 27 Critical MDVSA-2010:205 : freeciv
53617 26 Critical MDVSA-2011:080 : mozilla-thunderbird
49795 26 Critical MDVSA-2010:198 : kernel
26105 26 Low MDKSA-2007:185 : avahi
57412 25 Critical MDVSA-2011:195 : krb5-appl
51793 25 Critical MDVSA-2010:260 : libxml2
56809 24 Critical MDVSA-2011:170 : java-1.6.0-openjdk
56765 24 Critical MDVSA-2011:169 : mozilla
53273 23 Critical MDVSA-2011:061 : ffmpeg
37945 23 Low MDVSA-2008:135 : gnome-screensaver
57413 22 Low MDVSA-2011:196 : ipmitool
56324 22 Low MDVSA-2011:136 : openssl
53001 22 Critical MDVSA-2011:054 : java-1.6.0-openjdk
49738 22 Low MDVSA-2010:191 : mailman
36594 21 Low MDVSA-2008:172 : amarok
49666 20 Critical MDVSA-2010:188 : kernel
45030 20 Low MDVSA-2010:059 : virtualbox
55406 19 Critical MDVSA-2011:111 : mozilla
45041 19 Low MDVSA-2010:061 : ncpfs
40813 19 Low MDVSA-2009:224-1 : postfix
37681 19 Low MDVSA-2008:076 : wml
56707 17 Critical MDVSA-2011:165 : php
Misc.
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
51890 29 Info Telnet Service START_TLS Support
55992 28 Critical SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
47743 28 Critical Ipswitch Imail Server < 11.02 Multiple Vulnerabilities
43030 28 Critical Novell eDirectory < 8.8.5.2 / 8.7.3.10 ftf2 'NDS Verb' Request Buffer Overflow
19948 28 Critical X11 Server Unauthenticated Access
44316 27 Critical Oracle WebLogic Server Node Manager Remote Command Execution
43390 27 Critical Adobe Flash Media Server < 3.0.5 / 3.5.3 Multiple Vulnerabilities (APSB09-18)
42085 27 Info IMAP Service STARTTLS Command Support
57334 26 Info Anonymous NNTP Authentication Enabled
55814 26 Critical Adobe Flash Media Server Unsupported Version Detection
51092 25 Info OpenVZ Guest Detection
45477 24 Info LDAP Group Enumeration
44657 24 Critical Linux Daemons with Broken Links to Executables
33948 24 Critical Attachmate Reflection for Secure IT UNIX server < 7.0 SP1 Multiple Vulnerabilities
46172 23 Critical ClamAV Virus Database (daily.cvd) Out Of Date
43829 23 Low Kerberos Information Disclosure
22415 23 Critical Netopia Router Crafted SNMP Request Remote Admin Password Disclosure
25216 22 Critical Samba NDR MS-RPC Request Heap-Based Remote Buffer Overflow
56300 20 Info KVM / QEMU Guest Detection (credentialed check)
53857 20 Critical HP Data Protector < A.06.20 Multiple Vulnerabilities
46255 20 Critical HP Mercury LoadRunner Agent Remote Command Execution
53533 19 Critical Zend Server Java Bridge Arbitrary Java Code Execution
45478 19 Info LDAP User Enumeration
24747 19 Critical Kiwi CatTools < 3.2.9 TFTP Server Traversal Arbitrary File Manipulation
58038 18 Info LDAP 'Domain Admins' Group Membership Enumeration
Netware
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
44064 43 Low Novell NetWare 6.5 Support Pack 1.1 Admin/Install Local Information Disclosure
10988 43 Medium Novell NetWare ncp Service NDS Object Enumeration
11827 42 High Novell NetWare Web Server CGI2PERL.NLM PERL Handler Remote Overflow
12119 30 High Novell NetWare 6.0 Tomcat source.jsp Traversal Arbitrary File Access
12122 29 Medium Novell Groupwise Servlet Manager Default Password
10826 29 Medium Novell NetWare Management Portal Unrestricted Access
11158 28 High Novell NetWare Web Handler Multiple Vulnerabilities
44066 27 High Novell NetWare 6.5 OpenSSH Remote Stack Buffer Overflow
12050 22 Medium Novell NetBasic Scripting Server Encoded Traversal Arbitrary File Access
12049 22 Medium Novonyx Web Server Multiple Sample Application Files Present
12048 19 Medium Novell NetWare Web Server sewse.nlm (viewcode.jse) Traversal Arbitrary File Access
11614 15 Medium Novell NetWare FTPServ Malformed Input Remote DoS
12104 12 Medium Novell NetWare LDAP Server Anonymous Bind
Peer-To-Peer File Sharing
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
18417 29 High PeerCast URL Error Message Format String
11847 27 Medium WinMX Detection (uncredentialed check)
11426 27 Info Kazaa on Windows Detection
35468 26 Info GigaTribe Detection
20748 26 Info BitComet Detection
10408 26 High Gnapster Absolute Path Name Request Arbitrary File Access
20845 25 Info BitLord Detection
20217 25 Info iTunes Music Sharing Enabled
50676 24 Info BitTorrent / uTorrent Detection
35914 23 Medium iTunes < 8.1 Multiple Vulnerabilities (uncredentialed check)
53489 22 High iTunes < 10.2.2 Multiple Vulnerabilities (uncredentialed check)
11022 22 Info eDonkey Detection
21783 21 Medium iTunes AAC File Parsing Integer Overflow (uncredentialed check)
19386 21 Info Ares Fileshare Detection
33228 20 Info Owner Free File System Client Detection
20843 20 Info BitTorrent Detection
15834 20 High Open DC Hub RedirectAll Value Remote Overflow
11844 20 High FastTrack (FT) Crafted Packet Handling Remote Overflow
11431 20 Low XoloX Detection
50677 19 Info BitTorrent Mainline DHT Detection
41061 19 High iTunes < 9.0.1 PLS File Buffer Overflow (uncredentialed check)
11125 19 Low mldonkey Detection (WWW)
10946 19 Info Gnutella Servent Detection
47763 18 High iTunes < 9.2.1 'itpc:' Buffer Overflow (uncredentialed check)
26000 18 High iTunes < 7.4 Malformed Music File Heap Overflow (uncredentialed check)
Policy Compliance
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
56209 35 Info PCI DSS compliance : Remote Access Software Has Been Detected
57581 33 High PCI DSS compliance : Database Reachable from the Internet
56208 33 Medium PCI DSS compliance : Insecure Communication Has Been Detected
Port scanners
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
14274 26 Low Nessus SNMP Scanner
10180 10 Info Ping the remote host
0 9 Low Open Port
Red Hat Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
56328 29 Critical RHSA-2011-1343: thunderbird
57957 28 Critical RHSA-2012-0136: libvorbis
54930 28 Low RHSA-2011-0842: systemtap
57409 27 Critical RHSA-2011-1852: krb5-appl-clients
25984 27 Low RHSA-2007-0539: aide
57991 26 Critical RHSA-2012-0139: java
50853 26 Low RHSA-2010-0926: krb5-devel
35317 26 Low RHSA-2009-0008: dbus
55642 25 Low RHSA-2011-0975: sssd
25877 25 Low RHSA-2007-0765: libgtop2
57595 24 Critical RHSA-2012-0034: java
27830 24 Low RHSA-2007-0542: mcstrans
25986 24 Low RHSA-2007-0795: cyrus-sasl
57956 23 Critical RHSA-2012-0135: java
57408 23 Critical RHSA-2011-1851: krb5-devel
56942 23 Critical RHSA-2011-1478: java
56740 22 Critical RHSA-2011-1434: acroread
54594 22 Low RHSA-2011-0560: sssd
58067 21 Low RHSA-2012-0313: libsmbclient
56553 21 Critical RHSA-2011-1380: java
25989 21 Low RHSA-2007-0878: cyrus-sasl
57761 20 Critical RHSA-2012-0080: thunderbird
55854 19 Critical RHSA-2011-1159: java
53631 19 Low RHSA-2011-0479: libvirt
40837 19 Low RHSA-2009-1287: openssh
RPC
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
42256 37 Medium NFS Shares World Readable
11356 36 Medium NFS Exported Share Information Disclosure
12237 34 Medium RPC bootparamd NIS Domain Name Disclosure
11358 28 High NFS portmapper localhost Mount Request Restricted Host Access
10208 28 Info 3270 Mapper Service Detection
11899 27 Medium RPC nibindd Service Detection
10226 27 Info rquotad Service Detection
54586 26 Medium Multiple Vendor RPC portmapper Access Restriction Bypass
20759 26 Medium RPC rpcbind Non-standard Port Assignment Filter Bypass
10227 26 Info RPC rstatd Service Detection
12238 24 Medium NIS passwd.byname Map Disclosure
10158 24 Info NIS Server Detection
11357 23 Medium Multiple Vendor NFS CD Command Arbitrary File/Directory Access
15984 21 High NFS Share User Mountable
53333 19 Info Detect RPC over TCP
11058 19 Medium RPC rusers Remote Information Disclosure
11353 17 Medium NFS Predictable Filehandles Filesystem Access
10210 16 Info RPC alis Service Detection
31683 15 High Multiple Vendor NIS rpc.ypupdated YP Map Update Arbitrary Remote Command Execution
11420 15 Critical Sun RPC XDR xdrmem_getbytes Function Remote Overflow
10223 14 Info RPC portmapper Service Detection
53335 13 Info RPC portmapper (TCP)
11800 13 Critical Linux NFS utils package (nfs-utils) mountd xlog Function Off-by-one Remote Overflow
53334 11 Info Detect RPC over UDP
11418 10 Critical Sun rpc.cmsd Remote Overflow
SCADA
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
33169 42 Info CitectSCADA Detection
57601 23 Medium SEL Controller Default Credentials
55025 23 Medium Ecava IntegraXor < 3.60.4080 XSS
47759 23 High Siemens SIMATIC WinCC Default Password Authentication Bypass
56994 21 Critical Advantech / BroadWin WebAccess webvrpcs.exe Service Remote Code Execution (credentialed check)
52962 21 Medium IGSS Data Server Directory Traversal Arbitrary File Access
53877 20 High Samsung Data Management Server < 1.4.3 verifyUser Method SQL Injection
56993 19 High Advantech / BroadWin WebAccess Client 'bwocxrun.ocx' Multiple Remote Vulnerabilities
55631 19 High Sielco Sistemi Winlog Pro < 2.07.01 TCP/IP Server Runtime.exe Packet Handling Remote Overflow
53548 19 Info Ecava IntegraXor Detection
56995 18 Critical Advantech / BroadWin WebAccess webvrpcs.exe Service Remote Code Execution (uncredentialed check)
53878 18 Critical Samsung Data Management Server Default Password (rkwjsdusrnth) for 'root' Account
54291 17 Medium 7-Technologies IGSS < 9.0.0.11129 Multiple DoS Vulnerabilities
57600 15 High Modicon Quantum TFTP Arbitrary File Upload
53572 15 Info Automated Solutions Modbus/TCP OPC Server Detection
54645 14 Critical 7-Technologies IGSS < 9.0.0.11143 ODBC Remote Memory Corruption
52051 14 High Moxa Device Manager Tool MDM2_Gateway Response Remote Overflow
55630 13 Info Sielco Sistemi Winlog Detection
52993 13 High Movicon < 11.2 Build 1084 Multiple Vulnerabilities
50303 11 Info Moxa Device Manager Gateway Detection
53573 10 High Modbus/TCP Master OPC Server MODBUS Protocol Response Packet Remote Overflow
53549 10 Critical Ecava IntegraXor < 3.60.4050 Unspecified SQL Injection
55026 8 High Ecava IntegraXor Path Subversion Arbitrary DLL Injection Code Execution
52995 8 Medium Movicon TcpUploadServer Data Leakage (remote check)
57602 7 High Sensitive information can be obtained from the GE D20 Remote Terminal Unit via TFTP
Service detection
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
58147 29 Info BJNP Detection
42843 29 Low Unisys Business Information Server Detection
31705 28 Medium SSL Anonymous Cipher Suites Supported
11720 28 Medium Secure HyperText Transfer Protocol (S-HTTP) Detection
56819 26 Info Greenbone Security Assistant detection
35820 26 Low Thecus NAS Device Detection
52482 25 Info EA Need For Speed Underground Detection
51834 25 Info Microsoft Office Document Conversions Load Balancer Detection
40876 25 Low Citrix Licensing Service Detection
54629 24 Info WINS Server Detection
53513 24 Info Link-Local Multicast Name Resolution (LLMNR) Detection
31854 24 Critical Malware Payload Code detection
42931 23 Low Squeezebox Server CLI Detection
30207 23 Low LPD Detection
42933 22 Low Squeezebox Server CLI Detection
42058 22 Low Dopewars Server Detection
10205 22 High rlogin Service Detection
52654 21 Info HP StorageWorks File Migration Agent Detection
20345 21 Medium Airport Administrative Traffic Detection (192/UDP)
56823 19 Info OpenVAS Scanner Detection
51093 19 Info DiskPulse Server Detection
35322 19 Critical HTTP Backdoor Detection
34364 18 Low Zebedee Server Detection
50704 17 Info Sybase PowerDesigner Repository Proxy Detection
43831 17 Low Altiris Deployment Solution Server DB Manager Detection
Settings
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
46215 36 Info Inconsistent Hostname and IP Address
11149 34 Info HTTP login page
12241 33 Low AppSocket & socketAPI Printers - Do Not Scan
22482 32 Info Do not scan Novell NetWare
24786 31 Info Nessus Windows Scan Not Performed with Admin Privileges
11840 24 Low Exclude top-level domain wildcard hosts
11933 23 Info Do not scan printers
12634 21 Info Authenticated Check: OS Name and Installed Package Enumeration
35703 18 Info SMB Registry : Start the Registry Service during the scan
40472 16 Info PCI DSS compliance : options settings
21745 16 Low Authentication Failure - Local Checks Not Run
19506 16 Info Nessus Scan Information
44920 10 Info Do not scan printers (AppSocket)
Slackware Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
18779 29 Critical SSA-2004-161-01 : cvs
40513 28 Critical SSA-2009-219-03 : apr-util
21342 28 Low SSA-2006-123-01 : xorg server overflow
33287 27 Critical SSA-2008-179-01 : ruby
24658 26 Low SSA-2006-307-02 : screen
57892 25 Medium SSA-2012-041-01 : httpd
54899 25 Medium SSA-2011-086-03 : shadow
22467 25 Critical SSA-2006-272-01 : openssl
55735 24 Medium SSA-2011-210-01 : libpng
54879 24 Medium SSA-2010-176-01 : bind
54863 24 Critical SSA-2005-251-03 : slackware-current security updates
56142 22 Medium SSA-2011-252-01 : httpd
39796 22 Critical SSA-2009-195-01 : dhcp
54891 21 Medium SSA-2010-305-02 : pidgin
54885 21 Medium SSA-2010-240-03 : kdegraphics
25222 20 Critical SSA-2007-134-01 : samba
24661 20 Low SSA-2006-335-03 : libpng
54882 19 Medium SSA-2010-176-05 : cups
55737 18 Medium SSA-2011-210-03 : samba
54906 17 Medium SSA-2011-147-01 : bind
44946 17 Critical SSA-2010-060-02 : openssl
40624 17 Critical SSA-2009-231-02 : pidgin
24660 17 Critical SSA-2006-335-02 : proftpd
19862 17 Critical SSA-2005-251-02 : mod_ssl
20920 16 Critical SSA-2006-045-09 : xpdf
SMTP problems
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
56634 27 Critical GroupWise Internet Agent < 8.0.2 HP3 iCalendar TZNAME Property Heap Overflow
51861 27 Medium Exim < 4.74 Local Privilege Escalation
34347 27 Low Postfix epoll File Descriptor Leak Local DoS
17364 27 Medium MailEnable Standard SMTP mailto: Request Format String
11316 27 Critical Sendmail headers.c crackaddr Function Address Field Handling Remote Overflow
11088 27 Low Sendmail RestrictQueueRun Option Debug Mode Information Disclosure
46783 26 Medium Exim < 4.72 Multiple Vulnerabilities
17724 26 Medium Sendmail < 8.13.8 Header Processing Overflow DoS
12102 26 Critical Courier < 0.45 Multiple Remote Overflows
28289 25 Medium Ability Mail Server < 2.61 Multiple Remote DoS
15464 25 Critical Microsoft Windows/Exchange SMTP DNS Lookup Overflow (885881)
11674 25 Critical BaSoMail SMTP Multiple Command Remote Overflow DoS
10278 25 Critical Sendmail 8.6.9 IDENT Remote Overflow
11838 24 Critical Sendmail < 8.12.10 prescan() Function Remote Overflow
54581 23 Info Anonymous SMTP Authentication Enabled
10588 23 Critical Sendmail mime7to8() Function Remote Overflow
54582 22 Low SMTP Service Cleartext Login Permitted
15404 22 Critical Kerio MailServer < 6.0.3 Unspecified Vulnerability
10247 22 Critical Sendmail DEBUG/WIZ Remote Command Execution
22411 20 Medium MailEnable SMTP Connector Service SPF Record Crafted Lookup DoS
11772 20 Critical SMTP Generic Overflow Detection
12232 19 Medium Exim < 3.36 / 4.33 Multiple Remote Overflows
54584 18 Medium Postfix Cyrus SASL Authentication Context Data Reuse Memory Corruption (exploit)
18433 18 Medium GoodTech SMTP Server Malformed RCPT TO Command DoS
18620 17 Low Courier Mail Server < 0.50.1 DNS SPF Record Lookup Failure Memory Corruption DoS
SNMP
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
10550 53 Info SNMP Query Running Process List Disclosure
10547 49 Low Microsoft Windows LAN Manager SNMP LanMan Services Disclosure
10551 48 Info SNMP Request Network Interfaces Enumeration
10266 43 Medium SNMP Zero Length UDP Packet Remote DoS
10548 42 Info Microsoft Windows LAN Manager SNMP LanMan Shares Disclosure
10264 41 High SNMP Agent Default Community Names
11317 36 High HP JetDirect Device SNMP Request Cleartext Admin Credential Disclosure
10688 36 Critical Cisco CatOS VACM read-write Community String Device Configuration Manipulation
45022 34 Info SNMP Query Airport Version
43100 32 Info SNMP Query WLAN SSID (Cisco)
41028 32 High SNMP Agent Default Community Name (public)
35296 31 Info SNMP Protocol Version Detection
19763 30 Info SNMP Query Installed Software Disclosure
27841 29 High SNMP GETBULK Large max-repetitions Remote DoS
11335 28 Critical Solaris mibiisa MIB Parsing Remote Overflow
34396 27 Info ASG-Sentry SNMP Agent Detection
10969 24 Low SNMP Request Cisco Router Information Disclosure
34022 23 Info SNMP Query Routing Information Disclosure
25422 23 Info SNMPc Management Server Detection
51160 21 High BMC SNMP Agent Default Community Name (public)
10800 15 Info SNMP Query System Information Disclosure
10858 14 Medium Multiple Vendor Malformed SNMP Trap Handling DoS
11490 13 Critical D-Link DSL Broadband Modem SNMP Cleartext ISP Credential Disclosure
10857 12 Medium Multiple Vendor Malformed SNMP Message-Handling DoS
10546 4 Info Microsoft Windows LAN Manager SNMP LanMan Users Disclosure
Solaris Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
38773 54 High Solaris 10 (x86) : 140106-02
45597 44 High Solaris 10 (x86) : 144255-01
53276 43 High Solaris 10 (sparc) : 146802-03
49135 43 High Solaris 10 (sparc) : 143559-10
55063 39 High Solaris 10 (sparc) : 140387-02
49081 38 High Solaris 10 (x86) : 143593-08
54992 37 High Solaris 10 (sparc) : 147182-01
50522 37 High Solaris 10 (x86) : 145797-02
42187 37 High Solaris 10 (x86) : 141503-02
49991 36 High Solaris 10 (sparc) : 144053-04
48918 36 High Solaris 10 (x86) : 138881-02
48937 35 High Solaris 10 (sparc) : 145124-02
48917 35 High Solaris 10 (sparc) : 138880-02
50041 34 High Solaris 10 (sparc) : 143561-09
56442 33 High Solaris 8 (x86) : 121431-54
53275 32 High Solaris 10 (sparc) : 145044-03
45596 32 High Solaris 10 (sparc) : 144254-01
55017 30 High Solaris 10 (x86) : 147183-01
50538 30 High Solaris 10 (x86) : 144489-17
53277 28 High Solaris 10 (x86) : 145045-03
55064 27 High Solaris 10 (x86) : 140388-02
50572 24 High Solaris 10 (sparc) : 144488-17
50042 24 High Solaris 10 (x86) : 143562-09
49079 22 High Solaris 10 (sparc) : 143592-09
51879 17 High Solaris 10 (sparc) : 146018-03
SuSE Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
58113 29 Critical SuSE Security Update: java-1_4_2-ibm (2012-01-05)
57586 29 Critical SuSE Security Update: acroread (2012-01-12)
51740 28 Low SuSE Security Update: Security update for fuse (fuse-6838)
57886 27 Critical SuSE Security Update: mozilla-xulrunner192 (2012-02-06)
57204 27 Critical SuSE Security Update: Security update for IBM Java (java-1_4_2-ibm-7504)
57207 26 Critical SuSE Security Update: Security update for IBM Java (java-1_5_0-ibm-7650)
58195 24 Critical SuSE Security Update: libvorbis (2012-02-21)
57683 24 Critical SuSE Security Update: Security update for IBM Java 1.4.2 (java-1_4_2-ibm-7908)
57239 24 Low SuSE Security Update: Security update for pam (pam-7814)
50945 24 Low SuSE Security Update: libvirt (2010-07-23)
57177 23 Low SuSE Security Update: Security update for dbus (dbus-1-7482)
53704 23 Low SuSE 11.2 Security Update: dbus-1 (2011-04-26)
51600 23 Low SuSE Security Update: gdm (2010-09-30)
58129 22 Critical SuSE Security Update: Security update for flash-player (flash-player-7982)
51743 22 Low SuSE Security Update: Security update for fuse (fuse-6888)
57208 20 Critical SuSE Security Update: Security update for IBM Java (java-1_5_0-ibm-7862)
57126 20 Low SuSE Security Update: pam (2011-10-25)
55139 20 Low SuSE Security Update: Security update for OpenSSL (openssl-7552)
51592 20 Low SuSE Security Update: NetworkManager (2010-09-16)
57206 19 Critical SuSE Security Update: Security update for IBM Java (java-1_5_0-ibm-7442)
57130 19 Low SuSE Security Update: pure-ftpd (2011-09-01)
51741 19 Low SuSE Security Update: Security update for fuse (fuse-6840)
57192 18 Critical SuSE Security Update: Security update for flash-player (flash-player-7571)
57152 18 Critical SuSE Security Update: Security update for Mozilla Firefox (MozillaFirefox-7784)
53590 18 Low SuSE Security Update: Security update for dbus (dbus-1-7483)
Ubuntu Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
57844 28 Critical USN-1355-1 : firefox vulnerabilities
56638 28 Critical USN-1239-1 : linux-ec2 vulnerabilities
57685 27 Critical USN-1263-2 : openjdk-6, openjdk-6b18 regression
57448 27 Low USN-1319-1 : linux-ti-omap4 vulnerabilities
56747 27 Critical USN-1253-1 : linux vulnerabilities
56768 26 Critical USN-1256-1 : linux-lts-backport-natty vulnerabilities
56479 26 Critical USN-1228-1 : linux-ti-omap4 vulnerabilities
45343 26 Low USN-918-1 : samba vulnerability
57058 25 Low USN-1294-1 : linux-lts-backport-oneiric vulnerabilities
56640 25 Critical USN-1241-1 : linux-fsl-imx51 vulnerabilities
38647 25 Low USN-768-1 : Apport vulnerability
52479 23 Low USN-1077-1 : fuse vulnerabilities
55088 21 Low USN-1127-1 : usb-creator vulnerability
45398 21 Low USN-922-1 : libnss-db vulnerability
39336 21 Low USN-783-1 : ecryptfs-utils vulnerability
57665 20 Low USN-1341-1 : linux vulnerabilities
57458 20 Critical USN-1306-2 : mozvoikko, ubufox update
56388 19 Critical USN-1225-1 : linux vulnerabilities
51572 19 Low USN-1044-1 : dbus vulnerability
36904 19 Low USN-642-1 : Postfix vulnerabilities
58069 18 Critical USN-1370-1 : libvorbis vulnerability
58037 17 Critical USN-1369-1 : thunderbird vulnerabilities
56860 17 Critical USN-1263-1 : icedtea-web, openjdk-6, openjdk-6b18 vulnerabilities
56562 17 Critical USN-1192-3 : libvoikko regression
57532 16 Low USN-1328-1 : linux-mvl-dove vulnerabilities
VMware ESX Local Security Checks
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
55747 52 High VMSA-2011-0010 : VMware ESX third party updates for Service Console packages glibc and dhcp
57749 44 High VMSA-2012-0001 : VMware ESXi and ESX updates to third party library and ESX Service Console
51077 41 High VMSA-2010-0019 : VMware ESX third party updates for Service Console
51422 38 High VMSA-2011-0001 : VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
56508 37 High VMSA-2011-0012 : VMware ESXi and ESX updates to third party libraries and ESX Service Console
50985 37 High VMSA-2010-0018 : VMware hosted products and ESX patches resolve multiple security issues
40379 29 Critical VMSA-2008-0010 : Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
40373 29 Medium VMSA-2008-0002 : Low severity security update for VirtualCenter and ESX
45386 28 Critical VMSA-2010-0002 : VMware vCenter update release addresses multiple security issues in Java JRE
42178 28 Medium VMSA-2009-0002 : VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27
44993 27 High VMSA-2010-0004 : ESX Service Console and vMA third party updates
56997 26 Critical VMware ESX / ESXi Unsupported Version Detection
40390 26 High VMSA-2009-0005 : VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues
52012 25 Medium VMSA-2009-0017 : VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues
51971 25 Critical VMSA-2011-0003 : Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
49703 25 Critical VMSA-2010-0015 : VMware ESX third party updates for Service Console
40389 25 High VMSA-2009-0004 : ESX Service Console updates for openssl, bind, and vim
40392 24 High VMSA-2009-0007 : VMware Hosted products and ESX and ESXi patches resolve security issues
45402 22 Medium VMSA-2010-0006 : ESX Service Console updates for samba and acpid
56665 21 Critical VMSA-2011-0013 : VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
40388 21 High VMSA-2009-0003 : ESX 2.5.5 patch 12 updates service console package ed
52582 20 High VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.
52011 20 High VMSA-2009-0009 : ESX Service Console updates for udev, sudo, and curl
40386 20 High VMSA-2008-0019 : VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
43826 18 Critical VMSA-2010-0001 : ESX Service Console and vMA updates for nss and nspr
Web Servers
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
57793 29 Info Oracle Fusion Middleware WebLogic Detection (credentialed check)
56979 29 Info Oracle WebLogic Detection
45423 29 Critical IBM WebSphere Application Server 6.1 < 6.1.0.13 Multiple Vulnerabilities
57603 28 Critical Apache 2.2 < 2.2.13 APR apr_palloc Heap Overflow
35619 28 Critical NaviCOPA < 3.01 6th February 2009 Multiple Vulnerabilities
45039 27 Critical OpenSSL < 0.9.8m Multiple Vulnerabilities
46802 26 Critical SBLIM-SFCB Multiple Buffer Overflows
39328 26 Info Vulture Reverse Proxy Detection
57034 25 Info IBM WebSphere Application Server Detection
55930 24 Info Oracle GlassFish HTTP Server Version
51185 24 Info Dell Remote Access Controller (DRAC) Detection
51901 22 Critical XEROX WorkCentre Command Injection (XRX11-001)
48363 21 Info IBM Tivoli Management Framework Endpoint Web Detection
44589 21 Critical Apache < 1.3.42 mod_proxy Integer Overflow
57619 20 Critical Oracle Application Server Multiple Vulnerabilities
53532 20 Critical HP System Management Homepage < 6.3 Multiple Vulnerabilities
46015 20 Critical HP System Management Homepage < 6.0.0.96 / 6.0.0-95 Multiple Vulnerabilities
34781 20 Critical Oracle WebLogic Server mod_wl Invalid Parameter Remote Overflow (1150354)
52973 19 Info Restricted Web Pages Detection
50348 19 Critical IBM RSA Default Credentials
49704 19 Info External URLs
45415 18 Critical IBM WebSphere Application Server 6.0 < 6.0.2.17 Multiple Vulnerabilities
52658 17 Info Lotus Sametime Detection
39446 17 Info Apache Tomcat Default Error Page Version Detection
38790 17 Critical XEROX WorkCentre Web Server Unspecified Command Injection (XRX09-002)
Windows
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
55532 29 Info Microsoft System Center Configuration Manager Client Installed
15912 29 Critical MS04-006: WINS Server Remote Overflow (830352) (uncredentialed check)
55883 27 Critical MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) (remote check)
55514 27 Info Adobe ColdFusion Installed on Microsoft Windows (credentialed check)
57862 26 Critical HP Data Protector Media Operations Server 'DBServer.exe' Remote Code Execution
57708 26 Info WebSphere MQ Server and Client Detection
55284 26 Info Attachmate Reflection for Secure IT Windows Server Installed
56712 25 Info Google SketchUp Detection
56282 24 Critical Citrix XenApp/XenDesktop Multiple Code Execution Vulnerabilities (credentialed check)
57959 23 Critical Oracle Java SE Multiple Vulnerabilities (Feb 2012 CPU)
56166 23 Critical HP Client Automation radexecd.exe Remote Command Execution
58134 22 Critical Microsoft Silverlight Unsupported Version Detection (Windows)
55958 22 Critical Sun Java JRE Unsupported Version Detection
58181 21 Info Windows DNS Server Enumeration
56959 20 Critical Adobe AIR <= 3.0 Multiple Vulnerabilities (APSB11-28)
57348 19 Info RSA SecurID Software Token Installed
55886 19 Critical Mozilla Thunderbird 3.1 < 3.1.12 Multiple Vulnerabilities
53623 19 Info HP Virtual Server Environment Detection
57364 18 Info PuTTY Detection
55995 17 Critical EMC AutoStart ftAgent Multiple Remote Code Execution Vulnerabilities
56412 16 Info Symantec Enterprise Vault Detection
55550 16 Info HP Data Protector Installed (Windows) (credentialed check)
56413 15 Critical Symantec Enterprise Vault / Oracle Outside In Multiple Vulnerabilities (SYM11-011)
55650 15 Info SAP GUI Detection
55115 15 Info Symantec Backup Exec Server Installed
Windows : Microsoft Bulletins
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
55129 29 Medium MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)
53377 29 Critical MS11-020: Vulnerability in SMB Server Could Allow Remote Code Execution (2508429)
57475 28 Medium MS12-007: Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)
51904 28 Critical MS11-004: Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
57471 27 Medium MS12-003: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524)
57033 27 Info Microsoft Patch Bulletin Feasibility Check
56177 27 Medium MS11-074: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858)
55572 26 Medium MS11-056: Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)
55117 26 Medium MS11-037: Vulnerability in MHTML Could Allow Information Disclosure (2544893)
39344 26 Critical MS09-022: Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)
55569 25 Medium MS11-053: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220)
12205 23 Critical MS04-011: Microsoft Hotfix (credentialed check) (835732)
55791 21 Medium MS11-061: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)
11787 21 Critical MS03-024: SMB Request Handler Buffer Overflow (817606)
11433 21 Low MS03-009: Microsoft ISA Server DNS - Denial Of Service (331065)
56456 20 Medium MS11-082: Vulnerabilities in Host Integration Server Could Allow Denial of Service (2607670)
42106 20 Critical MS09-050: Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)
38153 19 Info Microsoft Windows Summary of Missing Patches
11808 19 Critical MS03-026: Microsoft RPC Interface Buffer Overrun (823980)
51910 18 Medium MS11-010: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
31038 18 Low MS08-004: Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)
16299 18 Low MS03-034: NetBIOS Name Service Reply Information Leakage (824105) (credentialed check)
55120 16 Critical MS11-040: Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426)
42438 16 Critical MS09-064: Vulnerability in the License Logging Service (974783)
26921 16 Critical Windows Service Pack Out of Date
Windows : User management
Top 25 Most Common Plugin Results
Plugin Total Severity Plugin Name
10905 49 Info Microsoft Windows 'Print Operators' Group User List
10904 48 Info Microsoft Windows 'Backup Operators' Group User List
10916 42 Info Microsoft Windows - Local Users Information : Passwords never expire
10906 41 Info Microsoft Windows 'Replicator' Group User List
10399 39 Info SMB Use Domain SID to Enumerate Users
10902 38 Info Microsoft Windows 'Administrators' Group User List
17651 36 Info Microsoft Windows SMB : Obtains the Password Policy
10915 35 Info Microsoft Windows - Local Users Information : User has never logged on
10899 35 Info Microsoft Windows - Users Information : User has never logged in
10914 31 Info Microsoft Windows - Local Users Information : Never changed passwords
10907 31 High Microsoft Windows Guest Account Belongs to a Group
56211 29 Medium SMB Use Host SID to Enumerate Local Users Without Credentials
10900 29 Info Microsoft Windows - Users Information : Passwords never expires
10895 29 Info Microsoft Windows - Users Information : automatically disabled accounts
10913 28 Info Microsoft Windows - Local Users Information : Disabled accounts
10896 27 Info Microsoft Windows - Users Information : Can't change password
10860 23 Info SMB Use Host SID to Enumerate Local Users
10898 21 Info Microsoft WIndows - Users Information : Never changed password
10911 19 Info Microsoft Windows - Local Users Information : Automatically disabled accounts
10903 18 Info Microsoft Windows 'Server Operators' Group User List
10901 13 Info Microsoft Windows 'Account Operators' Group User List
10897 13 Info Microsoft Windows - Users Information : disabled accounts
10908 12 Info Microsoft Windows 'Domain Administrators' Group User List
10912 8 Info Microsoft Windows - Local Users Information : Can't change password