ncircle PCI Compliance Report for Techno Kitchen
Detail Report

Report Summary
  Scan Start Date:  2010-04-30 19:25:42 UTC
  Scan End Date:    2010-04-30 20:22:39 UTC
  Report Date:      2010-04-30 20:22:55 UTC
  ASPL Version:     345
  Target IPs:       72.29.66.18

This report was generated by a PCI approved scanning vendor, ncircle Network Security, under certificate number 4175-01-03, within the guidelines of the PCI data security initiative.

ncircle has determined that Techno Kitchen is NOT COMPLIANT with the PCI scan validation requirements.

Hosts
  Hosts Found   Compliant Hosts   Non-compliant Hosts   Status
  1             0                 1                     Not Compliant

  IP Address    CVSS >= 4   CVSS < 4   Amendments   Status
  72.29.66.18   27          30         0            Not Compliant
Host 72.29.66.18 (72.29.66.18)
  DNS Name:          72.29.66.18
  IP360 Score:       1776
  NetBIOS Name:
  Domain/Workgroup:
  Operating System:  Unix Variant
  Vulnerabilities:   57
  Applications:      34

ncircle has determined that 72.29.66.18 is Not Compliant with the PCI scan requirements.

NetBIOS Shares: None

Applications:
  Port   Service   Application
  26               Unknown
  1157             Unknown
  2077             Unknown
  2078             Unknown
  2086             Unknown
  2087             Unknown
  2095             Unknown
  2096             Unknown
  21     FTP       ProFTP 1.3.2
  25     SMTP      Exim SMTP
  53     DNS TCP   Bind 9 tcp DNS
  2082   HTTP      HTTP Server
  2083   HTTP      HTTP Server
  2082   HTTP      HTTP-Based Application
  2083   HTTP      HTTP-Based Application
  80     HTTP      PHP 5.x
  80     HTTP      Apache 2.1.x - 2.2.x HTTP
  80     HTTP      Spidered Web Pages
  143    IMAP      Unknown
  53     DNS UDP   Bind 9 udp DNS
  995    POP3      SSLv2
  995    POP3      SSLv3
  995    POP3      TLSv1
  110    POP3      Dovecot POP3
  465    SMTPS     Exim SMTP
  465    SMTPS     SSLv2
Applications (continued):
  Port   Service   Application
  465    SMTPS     SSLv3
  465    SMTPS     TLSv1
  993    IMAPS     SSLv2
  993    IMAPS     SSLv3
  993    IMAPS     TLSv1
  443    HTTPS     Apache 2.1.x - 2.2.x HTTP
  443    HTTPS     Spidered Web Pages
  IPv4   Layer 4   Unknown

Vulnerabilities:

BIND out-of-bailiwick Data Vulnerability
  ncircle ID: 24421   Port: 53   CVSS Score: 7.6   Not Compliant

  The following versions of BIND are vulnerable because they handle out-of-bailiwick data during a secure response without re-fetching the data from the original source. This makes it possible for a remote attacker to perform unspecified actions through a crafted response. This issue stems from an insufficient fix for CVE-2009-4022.

  Vulnerable Versions:
    9.0.x to 9.3.x
    9.4 before 9.4.3-P5
    9.5 before 9.5.2-P2
    9.6 before 9.6.1-P3

  ISC recommends that users of BIND upgrade to the latest versions of BIND that address this vulnerability:
    9.4.3-P5
    9.5.2-P2
    9.6.1-P3

  CVE: CVE-2010-0382
  CVSS Base Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C), CVSS Base Score: 7.6
  ncircle CVSS Temporal Vector: (E:F/RL:OF/RC:C), ncircle CVSS Temporal Score: 6.3

GD Graphics Library '_gdgetcolors' Remote Buffer Overflow Vulnerability
  ncircle ID: 24425   Port: 80   CVSS Score: 7.5   Not Compliant

  A vulnerability allowing buffer overflow or buffer over-read attacks has been discovered in PHP 5.2.11 and 5.3.x before 5.3.1.

  Upgrade to the latest version of PHP, available at http://www.php.net/downloads.php

  CVE: CVE-2009-3546
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P), CVSS Base Score: 7.5
  ncircle CVSS Temporal Vector: (E:U/RL:OF/RC:C), ncircle CVSS Temporal Score: 5.5

PHP 'session.save_path()' Arbitrary Code Execution Vulnerability
  ncircle ID: 24455   Port: 80   CVSS Score: 7.5   Not Compliant

  A vulnerability has been discovered in session.save_path in PHP that allows for corruption of the _SESSION superglobal array and of the session.save_path directive. This affects all versions prior to 5.2.12.

  Upgrade to the latest version of PHP, available at http://www.php.net/downloads.php

  CVE: CVE-2009-4143
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P), CVSS Base Score: 7.5
  ncircle CVSS Temporal Vector: (E:U/RL:OF/RC:C), ncircle CVSS Temporal Score: 5.5

PHP ext/posix/posix.c File Creation Vulnerability
  ncircle ID: 24447   Port: 80   CVSS Score: 6.8   Not Compliant

  A vulnerability has been discovered in PHP before 5.2.12 and 5.3.x before 5.3.1 which allows for unauthenticated creation of files, bypassing open_basedir restrictions, and potentially causing denial of service.

  Upgrade to the latest version of PHP, available at http://www.php.net/downloads.php

  CVE: CVE-2009-3558
  CVSS Base Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P), CVSS Base Score: 6.8
  ncircle CVSS Temporal Vector: (E:U/RL:OF/RC:C), ncircle CVSS Temporal Score: 5.0

OpenSSL Network Security Services (NSS) Library Support for MD2 with X.509 Certificates Vulnerability
  ncircle ID: 24493   Port: 80   CVSS Score: 6.4   Not Compliant

  OpenSSL versions that support MD2 with X.509 certificates are prone to a vulnerability which can be exploited by remote attackers to spoof certificates. A large amount of computational power is required to exploit flaws in MD2 in order to achieve a spoofed certificate, but the flaw could allow a certificate to be spoofed in less time than it would take via brute-force methods. Versions 0.9.8 through 0.9.8k are vulnerable.

  CVE: CVE-2009-2409
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:P), CVSS Base Score: 6.4
  ncircle CVSS Temporal Vector: (E:U/RL:OF/RC:C), ncircle CVSS Temporal Score: 4.7

OpenSSL Network Security Services (NSS) Library Support for MD2 with X.509 Certificates Vulnerability
  ncircle ID: 24493   Port: 443   CVSS Score: 6.4   Not Compliant

  Same finding as ncircle ID 24493 on port 80 above; description, affected versions and CVSS data are identical.

OpenSSL TLS Protocol Session Renegotiation Vulnerability
  ncircle ID: 24494   Port: 80   CVSS Score: 6.4   Not Compliant

  OpenSSL is prone to a vulnerability in its TLS and SSLv3 (and possibly earlier) protocols, which could allow a man-in-the-middle attacker to inject data into sessions protected by TLS or SSL, such as HTTPS sessions. The problem arises because OpenSSL fails to associate renegotiated handshakes with existing connections. Versions before 0.9.8l are vulnerable.

  CVE: CVE-2009-3555, BugTraq: 36935
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:P), CVSS Base Score: 6.4
  ncircle CVSS Temporal Vector: (E:POC/RL:OF/RC:C), ncircle CVSS Temporal Score: 5.0

OpenSSL TLS Protocol Session Renegotiation Vulnerability
  ncircle ID: 24494   Port: 443   CVSS Score: 6.4   Not Compliant

  Same finding as ncircle ID 24494 on port 80 above; description, affected versions and CVSS data are identical.

Web Server HTTP TRACE Method Supported
  ncircle ID: 5041   Port: 80   CVSS Score: 5.8   Not Compliant

  The TRACE method is an HTTP command used for debugging purposes. A client sending the TRACE command to a web server will receive an echo of the entire request, including HTTP headers. It is possible for a malicious user to obtain sensitive information from the headers, such as cookies or authentication data. Many web servers released prior to January 2003 had the TRACE method enabled by default. These include Apache, Microsoft IIS, Sun ONE/iPlanet Web Server, and WebLogic Server and Express.

  Unless it is specifically needed, the TRACE method should be disabled. Under Apache, this can be done using the mod_rewrite module, with the following syntax:

    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^TRACE
    RewriteRule .* - [F]

  For Microsoft IIS, the URLScan tool should be used to deny HTTP TRACE requests. URLScan is available at http://www.microsoft.com/technet/security/tools/urlscan.mspx. The procedure for the Sun ONE/iPlanet Web Server can be found at http://sunsolve.sun.com/search/document.do?assetkey=1-26-50603-1.

  For WebLogic Server and Express, the following products are vulnerable:
    * WebLogic Server and Express 8.1, released through Service Pack 2, all platforms
    * WebLogic Server and Express 7.0, released through Service Pack 4, all platforms
    * WebLogic Server and Express 6.1, released through Service Pack 6, all platforms
    * WebLogic Server and Express 5.1, released through Service Pack 13, all platforms

  The vendor has released an advisory and patches pertaining to the vulnerability. These are available at http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/bea04_48.01.jsp

  CVE: CVE-2004-2320, BugTraq: 9506, BugTraq: 9561
  CVSS Base Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N), CVSS Base Score: 5.8
  ncircle CVSS Temporal Vector: (E:H/RL:W/RC:C), ncircle CVSS Temporal Score: 5.5

Web Server HTTP TRACE Method Supported
  ncircle ID: 5041   Port: 443   CVSS Score: 5.8   Not Compliant

  Same finding as ncircle ID 5041 on port 80 above; description, remediation and CVSS data are identical.

Apache Remote Username Enumeration Vulnerability
  ncircle ID: 1854   Port: 80   CVSS Score: 5.0   Not Compliant

  Versions of the Apache web server install with a default misconfiguration that allows remote users to determine whether a given username exists on the system. When a remote user submits an HTTP request for a possible user's default home page (/~username), the server gives one of three responses:
    * If the username is valid and the account has been configured with a home page, the server replies with HTTP result code 200 and the user's home page.
    * If the username exists on the system but has no home page, the server responds with HTTP result code 403 and the message "You don't have permission to access /~username on this server."
    * If the username does not exist as an account on the system, the server responds with HTTP result code 404 and the message "The requested URL /~username was not found on this server."

  Because the server responds differently in the latter two cases, a remote user can test and enumerate possible usernames. This information could be used in further attacks on the host.

  Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: support@ncircle.com

  MITIGATION

  Workaround 1 - Disable the default-enabled UserDir directive:

    % echo 'UserDir Disabled' >> /var/www/conf/httpd.conf

  Workaround 2 - Substitute a URL for the pathname in httpd.conf:

    % echo 'ErrorDocument 404 http://localhost/sample.html' >> /var/www/conf/httpd.conf
    % echo 'ErrorDocument 403 http://localhost/sample.html' >> /var/www/conf/httpd.conf
    % sudo apachectl restart

  Ensure users select hard-to-guess passwords (passwords that are not based on 'dictionary' words, names or other guessable strings). Disallow remote untrusted network traffic.

  CVE: CVE-2001-1013, BugTraq: 3335
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N), CVSS Base Score: 5
  ncircle CVSS Temporal Vector: (E:H/RL:W/RC:C), ncircle CVSS Temporal Score: 4.8

PHP ext/standard/file.c Context Dependent Safe Mode Bypass Vulnerability
  ncircle ID: 24426   Port: 80   CVSS Score: 5.0   Not Compliant

  A vulnerability in ext/standard/file.c has been discovered that allows for bypassing safe_mode, permitting file creation in group- or world-writable directories. This affects all versions prior to 5.2.12, and versions before 5.3.1 in the 5.3.x branch.

  Upgrade to the latest version of PHP, available at http://www.php.net/downloads.php

  CVE: CVE-2009-3557
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N), CVSS Base Score: 5
  ncircle CVSS Temporal Vector: (E:U/RL:OF/RC:C), ncircle CVSS Temporal Score: 3.7

BIND DNSSEC NSEC/NSEC3 Validation Code Vulnerability
  ncircle ID: 24419   Port: 53   CVSS Score: 4.3   Not Compliant

  The following versions of ISC BIND fail to properly validate DNSSEC NSEC or NSEC3 records. This vulnerability permits an attacker to add the authenticated data flag to a spoofed NXDOMAIN response for a given domain. The expected result is that bogus NXDOMAIN responses are accepted.

  Vulnerable Versions:
    9.0.x to 9.3.x
    9.4 before 9.4.3-P5
    9.5 before 9.5.2-P2
    9.6 before 9.6.1-P3

  ISC recommends that users of BIND upgrade to the latest versions of BIND that address this vulnerability:
    9.4.3-P5
    9.5.2-P2
    9.6.1-P3

  CVE: CVE-2010-0097, BugTraq: 37865
  CVSS Base Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N), CVSS Base Score: 4.3
  ncircle CVSS Temporal Vector: (E:F/RL:OF/RC:C), ncircle CVSS Temporal Score: 3.6
PHP overlong UTF-8 sequences remote cross-site scripting
  ncircle ID: 24454   Port: 80   CVSS Score: 4.3   Not Compliant

  A vulnerability has been discovered in PHP's handling of UTF-8, EUC-JP, and Shift_JIS encodings, which allows cross-site scripting (XSS) in versions prior to 5.2.12.

  Upgrade to the latest version of PHP, available at http://www.php.net/downloads.php

  CVE: CVE-2009-4142
  CVSS Base Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N), CVSS Base Score: 4.3
  ncircle CVSS Temporal Vector: (E:F/RL:OF/RC:C), ncircle CVSS Temporal Score: 3.6

BIND DNSSEC Validation and DNS cache poisoning Vulnerability
  ncircle ID: 24420   Port: 53   CVSS Score: 4.0   Not Compliant

  An unspecified vulnerability exists in the following versions of ISC BIND when DNSSEC validation is enabled but checking is disabled. It makes it possible for a remote attacker to perform DNS cache poisoning by intercepting a client query for CNAME or DNAME records and returning attacker-specified data, which is accepted before caching. This issue stems from an incomplete fix for CVE-2009-4022.

  Vulnerable Versions:
    9.0.x to 9.3.x
    9.4 before 9.4.3-P5
    9.5 before 9.5.2-P2
    9.6 before 9.6.1-P3

  ISC recommends that users of BIND upgrade to the latest versions of BIND that address this vulnerability:
    9.4.3-P5
    9.5.2-P2
    9.6.1-P3

  CVE: CVE-2010-0290
  CVSS Base Vector: (AV:N/AC:H/Au:N/C:N/I:P/A:P), CVSS Base Score: 4
  ncircle CVSS Temporal Vector: (E:F/RL:OF/RC:C), ncircle CVSS Temporal Score: 3.3

BIND DNSSEC Validation Enabled Vulnerability
  ncircle ID: 24422   Port: 53   CVSS Score: 4.0   Not Compliant

  The following BIND versions are affected by an unspecified vulnerability. It is known that when DNSSEC validation is enabled and checking is disabled, a remote attacker can perform a DNS cache poisoning attack.

  Vulnerable Versions:
    9.0.x to 9.3.x
    9.4 before 9.4.3-P5
    9.5 before 9.5.2-P2
    9.6 before 9.6.1-P3

  ISC recommends that users of BIND upgrade to the latest versions of BIND that address this vulnerability:
    9.4.3-P5
    9.5.2-P2
    9.6.1-P3

  CVE: CVE-2009-4022, BugTraq: 37118
  CVSS Base Vector: (AV:N/AC:H/Au:N/C:N/I:P/A:P), CVSS Base Score: 4
  ncircle CVSS Temporal Vector: (E:F/RL:OF/RC:C), ncircle CVSS Temporal Score: 3.3

OpenSSL DTLS Record Buffer Limitation Vulnerability
  ncircle ID: 24487   Port: 80   CVSS Score: 5.0

  OpenSSL is prone to a vulnerability in the dtls1_buffer_record function in ssl/d1_pkt.c, which can be exploited by a remote attacker to cause a denial of service. The DTLS buffer has a size limitation that can be exploited by sending a large number of "future epoch" DTLS records to the server. Versions 0.9.8 to 0.9.8k are vulnerable.

  CVE: CVE-2009-1377, BugTraq: 35001
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P), CVSS Base Score: 5
  ncircle CVSS Temporal Vector: (E:U/RL:OF/RC:C), ncircle CVSS Temporal Score: 3.7

OpenSSL DTLS Record Buffer Limitation Vulnerability
  ncircle ID: 24487   Port: 443   CVSS Score: 5.0

  Same finding as ncircle ID 24487 on port 80 above; description, affected versions and CVSS data are identical.

OpenSSL DTLS Fragment Handling Memory Leak Vulnerability
  ncircle ID: 24488   Port: 80   CVSS Score: 5.0

  OpenSSL is prone to a vulnerability in the dtls1_process_out_of_seq_message function in ssl/d1_both.c, which can be exploited by a remote attacker to cause a denial of service. The problem arises from memory leaks that occur when OpenSSL handles duplicate DTLS records, or DTLS records whose sequence numbers are much higher than the current DTLS record sequence number. Versions 0.9.8 to 0.9.8k are vulnerable.

  CVE: CVE-2009-1378, BugTraq: 35001
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P), CVSS Base Score: 5
  ncircle CVSS Temporal Vector: (E:U/RL:OF/RC:C), ncircle CVSS Temporal Score: 3.7

OpenSSL DTLS Fragment Handling Memory Leak Vulnerability
  ncircle ID: 24488   Port: 443   CVSS Score: 5.0

  Same finding as ncircle ID 24488 on port 80 above; description, affected versions and CVSS data are identical.

OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability
  ncircle ID: 24490   Port: 80   CVSS Score: 5.0

  OpenSSL is prone to a vulnerability in ssl/s3_pkt.c, which can be exploited by a remote attacker to cause a denial of service. An exploit is available for this vulnerability which causes a NULL-pointer dereference by sending a ChangeCipherSpec packet before ClientHello, ultimately causing the application to crash. Versions before 0.9.8i are vulnerable.

  CVE: CVE-2009-1386, BugTraq: 35174
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P), CVSS Base Score: 5
  ncircle CVSS Temporal Vector: (E:F/RL:OF/RC:C), ncircle CVSS Temporal Score: 4.1

OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability
  ncircle ID: 24490   Port: 443   CVSS Score: 5.0

  Same finding as ncircle ID 24490 on port 80 above; description, affected versions and CVSS data are identical.

OpenSSL 'dtls1_retrieve_buffered_fragment()' Out of Sequence DTLS Handshake Messages Denial of Service Vulnerability
  ncircle ID: 24491   Port: 80   CVSS Score: 5.0

  OpenSSL is prone to a vulnerability in dtls1_retrieve_buffered_fragment, which can be exploited by a remote attacker to cause a denial of service. This vulnerability occurs because OpenSSL cannot properly handle DTLS handshake messages that are sent out of sequence. Versions before 1.0.0 Beta 2 are vulnerable.

  CVE: CVE-2009-1387
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P), CVSS Base Score: 5
  ncircle CVSS Temporal Vector: (E:U/RL:OF/RC:C), ncircle CVSS Temporal Score: 3.7

OpenSSL 'dtls1_retrieve_buffered_fragment()' Out of Sequence DTLS Handshake Messages Denial of Service Vulnerability
  ncircle ID: 24491   Port: 443   CVSS Score: 5.0

  Same finding as ncircle ID 24491 on port 80 above; description, affected versions and CVSS data are identical.
OpenSSL 'zlib_stateful_finish()' Denial of Service Vulnerability
  ncircle ID: 24492   Port: 80   CVSS Score: 5.0

  OpenSSL is prone to a vulnerability in zlib_stateful_finish, which can be exploited by a remote attacker to cause excessive memory consumption leading to a denial of service. A demonstration of this exploit is currently available which makes use of SSLv3, PHP, and Apache. Versions 0.9.8l and earlier, and 1.0.0 Beta through Beta 4, are vulnerable.

  CVE: CVE-2009-4355
  CVSS Base Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P), CVSS Base Score: 5
  ncircle CVSS Temporal Vector: (E:F/RL:OF/RC:C), ncircle CVSS Temporal Score: 4.1

OpenSSL 'zlib_stateful_finish()' Denial of Service Vulnerability
  ncircle ID: 24492   Port: 443   CVSS Score: 5.0

  Same finding as ncircle ID 24492 on port 80 above; description, affected versions and CVSS data are identical.

BIND 9 dns_db_findrdataset Function Denial of Service Vulnerability
  ncircle ID: 22057   Port: 53   CVSS Score: 4.3

  ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1 are vulnerable to a denial of service caused by a specially crafted dynamic update message. This only applies when the server is configured as a master. Upgrade BIND to 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1.

  CVE: CVE-2009-0696
  CVSS Base Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P), CVSS Base Score: 4.3
  ncircle CVSS Temporal Vector: (E:F/RL:OF/RC:C), ncircle CVSS Temporal Score: 3.6

PHP Python Extension 'safe_mode' Restriction Bypass Vulnerability
  ncircle ID: 14716   Port: 80   CVSS Score: 3.0

  PHP is prone to a 'safe_mode' restriction-bypass vulnerability when the Python extension is enabled. Successful exploits could allow an attacker to execute arbitrary code. Specifically, this is caused by 'safe_mode' failing to properly restrict Python code embedded within PHP code. This vulnerability would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code; in such cases, the 'safe_mode' restriction is expected to isolate users from each other. Versions prior to PHP 6 are vulnerable.

  NOTE: The severity of this issue can vary depending on the specific configuration of the server.

  Upgrade to the latest version of PHP, available at http://www.php.net/downloads.php

  BugTraq: 32902
  ncircle CVSS Base Vector: (AV:L/AC:M/Au:S/C:P/I:P/A:N), ncircle CVSS Base Score: 3.0
  ncircle CVSS Temporal Vector: (E:POC/RL:OF/RC:C), ncircle CVSS Temporal Score: 2.3

EXPIRED SSL/TLS CERTIFICATE
  ncircle ID: 5465   Port: 465   CVSS Score: 2.6

  An SSL/TLS certificate on this host has expired. The certificate should be renewed at the earliest opportunity.

  ncircle CVSS Base Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:P), ncircle CVSS Base Score: 2.6
  ncircle CVSS Temporal Vector: (E:U/RL:W/RC:C), ncircle CVSS Temporal Score: 2.1

BIND Version
  ncircle ID: 63   Port: 53   CVSS Score: 0.0

  BIND (Berkeley Internet Name Domain) software is an implementation of the DNS (Domain Name System) protocol. By default, BIND displays a version number when queried. This information can be useful to an attacker attempting to identify vulnerabilities in the BIND software running on a network. For this reason, it is strongly recommended that system administrators disable the banner.

  To prevent the version from being displayed under BIND 8, a zone must be created in the configuration file to prevent such information from being displayed:

    zone "bind" chaos {
        allow-query { localhost; };
        type master;
        file "bind.chaos";
    };

  Within the bind.chaos file one can either change the version.bind entry by adding a TXT record or not add any entries. Regardless, a standard zone file must be created to resemble the following example:

    @   1D  CHAOS  SOA  localhost. hostmaster.localhost. (
                            1     ; serial
                            3H    ; refresh
                            1H    ; retry
                            1W    ; expiry
                            1D )  ; minimum
        CHAOS  NS  localhost.
FTP Banner Available
  ncircle ID: 71   Port: 21   CVSS Score: 0.0

  An intruder can retrieve extended banner information. Banners provide information that can help an intruder guess the operating system of the server or discover other system vulnerabilities. Intruders routinely attempt to retrieve banner information from available services as a means of pre-attack reconnaissance.

  As with all services, disable this service if it is non-essential to the server's operations. Additionally, we recommend you use IP filtering software to restrict access to a limited set of trusted hosts. Various IP filtering packages can be used to control access to services by IP address or hostname, and they provide an enhanced logging facility for the services they protect. Be advised that services protected in this manner will still be vulnerable to IP spoofing attacks; however, such a program does provide a much needed additional layer of security.

HTTP Server Header Information Leakage
  ncircle ID: 534   Port: 80   CVSS Score: 0.0

  The HTTP "Server" header contains information that can be useful to remote users planning an attack on the server. Most headers display information about the HTTP version being used and the OS of the web server or device on which the HTTP server is running. The "Server" header is designed to advertise the type of server that the remote host is running. This header can be useful to attackers who wish to learn about the remote host for purposes of attacking it.

  Follow accepted methods for changing or disabling the "Server" header sent by your web server.

SMTP VRFY Available
  ncircle ID: 538   Port: 25   CVSS Score: 0.0

  The SMTP server running on this host allows the VRFY command. The VRFY command allows an anonymous user to confirm that an argument properly identifies a user. If the argument is a valid user's name, Sendmail will reply with the user's full name and mailbox. This information is useful to remote intruders both for purposes of social engineering and for guessing account passwords.

  Disable the VRFY command.

SMTP VRFY Available
  ncircle ID: 538   Port: 465   CVSS Score: 0.0

  Same finding as ncircle ID 538 on port 25 above; description and remediation are identical.

POP3 Available
  ncircle ID: 929   Port: 110   CVSS Score: 0.0

  POP3 (Post Office Protocol) is a remote mail access protocol. POP was designed to support "offline" mail processing. In the offline paradigm, mail is delivered to a (usually shared) server, and a personal computer user periodically invokes a mail "client" program that connects to the server and downloads all of the pending mail to the user's own machine.

  This service should be disabled if it is not needed.

POP3 Available
  ncircle ID: 929   Port: 995   CVSS Score: 0.0

  Same finding as ncircle ID 929 on port 110 above; description and remediation are identical.

FTP Available
  ncircle ID: 1059   Port: 21   CVSS Score: 0.0

  The FTP service was detected on the system. The File Transfer Protocol (FTP) uses a TCP connection to transfer files between remote hosts. FTP sessions involve two separate connections: the control connection and the data connection. The server listens for FTP control connections on TCP port 21. During the control connection the user may specify the port that will be available for the data connection, though it is standard to use port 20 for FTP data transfer. Most FTP sessions require user authorization to transfer files. FTP is linked to several vulnerabilities and is a serious security risk. The protocol for this service is defined in RFC-959 and RFC-1123.

  Disable the FTP service if it is not required for business reasons. If the FTP service is needed internally, configure packet filters on firewalls and border routers to block external access to port 21 on your internal network. Additionally, we recommend you use TCP_wrappers to restrict access to this service to a limited set of trusted hosts. TCP_wrappers is used to control access to services by IP address or hostname, and provides an enhanced logging facility for services it protects. Be advised that services protected in this manner will still be vulnerable to IP spoofing attacks; however, the program does provide a much needed additional layer of security.

SMTP Available
  ncircle ID: 1064   Port: 25   CVSS Score: 0.0

  SMTP provides a way to send mail across transport service environments. The TCP connection between the sender process and the receiver process provides a transmission channel with a default port of 25. Since SMTP is independent of the transmission subsystem, it requires only a reliable ordered data stream channel. The protocol for this service is defined in RFC-821.

  Disable your SMTP daemon if it is non-essential to the server's operations. Eliminating unnecessary services mitigates risk to the network by eliminating potential points of attack. If SMTP is needed, we recommend that it be encrypted.

SMTP Available
  ncircle ID: 1064   Port: 465   CVSS Score: 0.0

  Same finding as ncircle ID 1064 on port 25 above; description and remediation are identical.

FTP SYST
  ncircle ID: 1224   Port: 21   CVSS Score: 0.0

  The FTP SYST vulnerability has been found on the device. The FTP SYST command provides information on the type of operating system being run by the server. This information can prove invaluable in developing attack strategies. Using the FTP SYST command, attackers can discover operating system version information.

  Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please e-mail us at support@ncircle.com

  ncircle CVSS Temporal Vector: (E:H/RL:U/RC:C), ncircle CVSS Temporal Score: 0.0
DNS Available
ncircle ID: 1282   Ports: 53/TCP, 53/UDP   CVSS Score: 0.0
The Domain Name System (DNS) is an information system that names resources in such a way that the names are usable across different hosts, networks, protocol families, internets, and administrative organizations. It uses port 53 on both TCP and UDP; the scanner reported the service once for each transport. A DNS server can be mined for information pertaining to your network: if misconfigured (for example by permitting zone transfers to arbitrary clients), it can reveal host names and internal IP addresses. If DNS is not necessary on this host it should be disabled. To disable it, remove the DNS entries from the appropriate rc file or rc runlevel file. (Alternately, to disable DNS running on Windows, use the "Services" control panel.)

HTTP Available
ncircle ID: 1343   Port: 80   CVSS Score: 0.0
The Hypertext Transfer Protocol (HTTP) is the application-level protocol used by web servers for transferring information over the Internet. HTTP includes several methods through which web-enabled applications interact, each with its own security concerns. It is recommended that this service be enabled only on systems acting as dedicated web servers. HTTP should be disabled if it is not necessary for the planned operation of the server.
IMAP Available
ncircle ID: 1347   Port: 143   CVSS Score: 0.0
IMAP (Internet Message Access Protocol; the banner recorded in the Host Configuration section identifies IMAP4rev1) is a service that allows workstations to access mail dynamically on a mailbox server. IMAP is a mail access protocol, unlike SMTP, which is used to deliver mail over the Internet. On port 143 the session starts in clear text and is therefore vulnerable to standard sniffing attacks unless the client upgrades it with STARTTLS before authenticating. If this service is needed, it should require TLS (STARTTLS on 143, or the TLS-wrapped listener on 993) before accepting credentials. Note that the IMAP greeting captured below advertises AUTH=PLAIN and AUTH=LOGIN alongside STARTTLS, which means plaintext authentication is accepted before TLS is negotiated; in Dovecot, disable_plaintext_auth = yes withholds those mechanisms until the session is encrypted. IMAP should be disabled if it is running but not in use on the server.

E-Mail Services Available
ncircle ID: 1750   Ports: 25, 110, 143, 465, 995   CVSS Score: 0.0
E-mail services such as SMTP, POP3 and IMAP allow users to send and receive e-mail messages. As a side effect, these same services can be used to propagate viruses, and to gather information about the users on the host running the mail server (for example by probing which recipient addresses the server accepts). Ensure that all e-mail services are properly updated and secured. The required updates depend on the application in question; the banners below identify Exim 4.69 and Dovecot.

Self-Signed SSL/TLS Certificate Present
ncircle ID: 6211   Ports: 465, 993, 995   CVSS Score: 0.0
The SSL/TLS certificates on these ports are self-signed; they have not been signed by a trusted certificate authority (the Issuer and Subject fields recorded below are identical). A client connecting to the service, whether a web browser or a mail client, will warn the user that the certificate is not signed by a trusted authority. Because anyone can produce a self-signed certificate for any name, a client has no way to tell this server's certificate from one presented by an attacker in the middle, so the certificate provides no assurance of server identity. Use a trusted third-party certificate authority to sign SSL/TLS certificates.
MITIGATION: Browsers and mail clients can be configured to trust particular self-signed certificates. This amounts to pinning the certificate (for example by its SHA1 thumbprint, recorded below) and only helps if the certificate was obtained and verified out of band first.

SSL/TLS Certificate Domain Name Mismatch
ncircle ID: 6214   Ports: 465, 993, 995   CVSS Score: 0.0
The fully-qualified domain name (FQDN) of the server does not match the FQDN that was used when creating the certificate, so users who connect to this server cannot be certain that they have connected to the correct server. In this scan the target was addressed by IP (72.29.66.18) while the certificates carry commonname=techserver1.techwyse.com; a certificate can only match a connection made by address if it lists that address in a subjectAltName, so this finding will appear whenever clients connect by IP rather than by the name on the certificate. Obtain a new certificate, created using the correct FQDN (and the IP address, if clients connect that way).
MITIGATION: Most web browsers will alert the user to the domain name mismatch. Change the hostname of the affected server.
NOTE: If you believe this vulnerability to be a false positive, ensure your Device Profiler is configured to use the correct DNS server.

SMTP Server Allows Plaintext Authentication
ncircle ID: 6811   Ports: 25, 465   CVSS Score: 0.0
The SMTP server advertises one of the following authentication types: LOGIN, PLAIN, or PLAINTEXT. Credentials passed with these mechanisms are sent in the clear inside the SMTP session (base64 is encoding, not encryption), so on port 25 they can be sniffed and viewed by a third party unless the client negotiates STARTTLS before authenticating; the check to make is whether AUTH is advertised in the EHLO reply before STARTTLS has been issued. On port 465 the whole session is wrapped in TLS from the first byte, so the same mechanisms are exposed only if the TLS layer itself is weak or the client can be downgraded. The fix is to advertise AUTH only on encrypted connections; Exim's auth_advertise_hosts option can be conditioned on TLS being active.
N/A
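The two findings above (plaintext authentication on SMTP, and the IMAP listener that offers AUTH=PLAIN/AUTH=LOGIN next to STARTTLS) come down to one question: does the server advertise clear-text credential mechanisms before TLS is in place? The following script, an added example and not nCircle's own check logic, decides that from the greeting or EHLO reply alone. IMAP_GREETING_143 is the greeting recorded in this report's Host Configuration section; the hardened IMAP greeting, the EHLO replies, and the scanner host name and address in them are constructed for the example.

```python
"""Detect plaintext (PLAIN/LOGIN) authentication offered before TLS, from the
greeting or capability exchange of IMAP and SMTP services.

Added example for this report section, not nCircle's own check logic.
IMAP_GREETING_143 is the greeting recorded in the report's host configuration
table; every other input below is constructed for the example.
"""
import re

# SASL mechanisms that carry the password in the clear (base64 is not encryption).
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

# Recorded in this report's host configuration table (Dovecot, clear-text listener).
IMAP_GREETING_143 = ("* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID "
                     "ENABLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.")
# Constructed: what Dovecot sends on the same listener with disable_plaintext_auth = yes.
IMAP_GREETING_HARDENED = ("* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID "
                          "ENABLE STARTTLS LOGINDISABLED] Dovecot ready.")
# Constructed EHLO replies (scanner host name and address are illustrative).
EHLO_WEAK = """250-techserver1.techwyse.com Hello scanner.example [203.0.113.5]
250-SIZE 52428800
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP"""
EHLO_HARDENED = """250-techserver1.techwyse.com Hello scanner.example [203.0.113.5]
250-SIZE 52428800
250-PIPELINING
250-STARTTLS
250 HELP"""


def imap_auth_exposure(greeting: str, tls_wrapped: bool = False) -> dict:
    """Parse an IMAP '* OK [CAPABILITY ...]' greeting and report what a client
    can do before STARTTLS.  On a clear-text listener the IMAP LOGIN command is
    also a plaintext credential path unless LOGINDISABLED is advertised."""
    m = re.search(r"\[CAPABILITY ([^\]]*)\]", greeting)
    caps = m.group(1).upper().split() if m else []
    mechs = {c[5:] for c in caps if c.startswith("AUTH=")}
    plain = sorted(mechs & PLAINTEXT_MECHS)
    login_disabled = "LOGINDISABLED" in caps
    return {
        "starttls": "STARTTLS" in caps,
        "plaintext_mechs": plain,
        "login_disabled": login_disabled,
        "exposed": (bool(plain) or not login_disabled) and not tls_wrapped,
    }


def smtp_auth_exposure(ehlo_reply: str, tls_wrapped: bool = False) -> dict:
    """Parse a multi-line EHLO reply.  On port 25, AUTH advertised next to
    STARTTLS means the plaintext mechanisms are accepted on the unencrypted
    session; on a TLS-wrapped listener (465) the outer TLS layer protects them."""
    mechs, starttls = set(), False
    for line in ehlo_reply.splitlines():
        if not line.startswith("250"):
            continue
        words = line[4:].upper().split()       # strip "250-" or "250 "
        if not words:
            continue
        if words[0] == "STARTTLS":
            starttls = True
        elif words[0] == "AUTH":
            mechs.update(words[1:])
        elif words[0].startswith("AUTH="):     # legacy "AUTH=PLAIN LOGIN" form
            mechs.add(words[0][5:])
            mechs.update(words[1:])
    plain = sorted(mechs & PLAINTEXT_MECHS)
    return {"starttls": starttls, "plaintext_mechs": plain,
            "exposed": bool(plain) and not tls_wrapped}


def finding(service: str, port: int, result: dict) -> str:
    """One-line verdict in the style of the report's finding titles."""
    if result["exposed"]:
        mechs = ",".join(result["plaintext_mechs"]) or "LOGIN command"
        return f"{service}/{port}: plaintext authentication ({mechs}) accepted before TLS"
    return f"{service}/{port}: no plaintext authentication exposed"


if __name__ == "__main__":
    print(finding("IMAP", 143, imap_auth_exposure(IMAP_GREETING_143)))
    print(finding("IMAP", 143, imap_auth_exposure(IMAP_GREETING_HARDENED)))
    print(finding("SMTP", 25, smtp_auth_exposure(EHLO_WEAK)))
    print(finding("SMTP", 465, smtp_auth_exposure(EHLO_WEAK, tls_wrapped=True)))
    print(finding("SMTP", 25, smtp_auth_exposure(EHLO_HARDENED)))
```

Against a live host the same parsing applies to whatever the first server greeting (IMAP) or the EHLO reply (SMTP) contains; the tls_wrapped flag is what distinguishes the port 25 and port 465 cases of the finding above, since the scanner reports them identically.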
Host Configuration & Information:

ID   Check                  Value
41   IMAP Server Banner     * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
                            * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
40   POP3 Server Banner     +OK Dovecot ready.
20   FTP Server Banners     220 ProFTPD 1.3.2d Server (ProFTPD) [::ffff:72.29.66.18]
22   SMTP Server Banner     (reported twice, identical)
                            220-techserver1.techwyse.com ESMTP Exim 4.69 #1 Fri, 30 Apr 2010 15:54:04 -0400
                            220-We do not authorize the use of this system to transport unsolicited,
                            220 and/or bulk e-mail.
24   BIND Server Banner     9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
19   HTTP Server Banners    Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11 (reported twice, identical)
                            cpsrvd/11.25
129  Spidered Pages         Port 80: 1 page(s) spidered, Port 443: 1 page(s) spidered
165  Meta Redirects         Port 80: 72.29.66.18, Port 443: 72.29.66.18

SSL/TLS certificate details (checks 152 to 162). Ports 993 and 995 present the same certificate (same serial number and thumbprints); port 465 presents a different one.

Certificate presented on TCP(993) and TCP(995):
  152  SSL Certificate Serial Number       01:AC:1E:C2:0F
  162  SSL Certificate Public Key Size     1024 bits
  161  SSL Certificate SHA1 Thumbprint     48:E3:53:88:E8:AC:26:4C:3F:4D:C8:39:E8:06:B6:F4:2C:0D:E7:14
  160  SSL Certificate MD5 Thumbprint      95:C6:3D:3C:E3:25:FD:25:24:6F:31:83:76:51:42:70
  155  SSL Certificate Valid From          Wed Jan 13 05:29:57 2010 UTC
  156  SSL Certificate Valid To            Thu Jan 13 05:29:57 2011 UTC
  158  SSL Certificate Key Usage           (none recorded)
  159  SSL Certificate Extended Key Usage  (none recorded)
  154  SSL Certificate Issuer              organizationalunitname=unknown, organizationname=unknown, statename=unknown, commonname=techserver1.techwyse.com, countryname=us, localityname=unknown, email=ssl@techserver1.techwyse.com
  157  SSL Certificate Subject             same as Issuer (self-signed)
  153  SSL Certificate Signature Algorithm shawithrsaencryption (sha1WithRSAEncryption)

Certificate presented on TCP(465):
  152  SSL Certificate Serial Number       00:BD:41:CD:9F
  162  SSL Certificate Public Key Size     1024 bits
  161  SSL Certificate SHA1 Thumbprint     06:4E:3F:D6:17:38:C8:10:C3:6E:42:51:DC:20:AD:17:79:32:AC:63
  160  SSL Certificate MD5 Thumbprint      DC:A6:26:C1:99:07:9A:70:BF:B1:9F:62:A9:05:43:D6
  155  SSL Certificate Valid From          Wed Apr 29 13:01:51 2009 UTC
  156  SSL Certificate Valid To            Thu Apr 29 13:01:51 2010 UTC
  158  SSL Certificate Key Usage           (none recorded)
  159  SSL Certificate Extended Key Usage  (none recorded)
  154  SSL Certificate Issuer              organizationalunitname=unknown, organizationname=unknown, statename=unknown, commonname=techserver1.techwyse.com, countryname=us, localityname=unknown, email=ssl@techserver1.techwyse.com
  157  SSL Certificate Subject             same as Issuer (self-signed)
  153  SSL Certificate Signature Algorithm shawithrsaencryption (sha1WithRSAEncryption)

Notes on the recorded configuration:
- The SMTP banner timestamps the scan at Fri, 30 Apr 2010 15:54:04 -0400 (19:54:04 UTC). The certificate on TCP(465) stopped being valid at 13:01:51 UTC on 29 Apr 2010, so it had already expired by about a day when scanned; that expiry is not listed among the findings in this section and should be treated as a further reason to replace the certificate.
- Both certificates use 1024-bit RSA keys and SHA-1 signatures. These were still tolerated in 2010 but are below the minimums (2048-bit RSA, SHA-256) that certificate authorities and clients require today.
- Of the two IMAP greetings, the one advertising STARTTLS is necessarily the clear-text listener (port 143); it also advertises AUTH=PLAIN and AUTH=LOGIN, so clear-text logins are accepted there before TLS, matching the plaintext-authentication finding raised for Exim. The greeting without STARTTLS is consistent with the TLS-wrapped listener on 993, where STARTTLS is not offered because the session is already encrypted.
- The BIND, Apache, OpenSSL and PHP banners carry Red Hat Enterprise Linux 5 package versions (el5, rhel5). Red Hat backports security fixes without changing the upstream version number, so any finding matched on these version strings alone should be confirmed against the installed package's changelog (rpm -q --changelog <package>) or the applicable RHSA advisory; that evidence is also what is needed to dispute a version-based finding as a false positive.
- The FTP greeting discloses the exact server version (ProFTPD 1.3.2d) and the server's own address in IPv4-mapped IPv6 form; the cpsrvd/11.25 HTTP banner identifies a cPanel control panel service.
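The three certificate findings earlier in this section (self-signed, domain name mismatch, and the unflagged expiry visible in the validity dates) can be re-derived from exactly the fields the scanner recorded above. The script below does that; it is an added example, not nCircle's own logic. The certificate fields are copied from the table above, the target address 72.29.66.18 is the one in the FTP banner and meta-redirect entries, and the scan time is taken from the SMTP banner (Fri, 30 Apr 2010 15:54:04 -0400, i.e. 19:54:04 UTC). The empty san lists and the 2048-bit key threshold are assumptions: the report records no subjectAltName, and 2048 bits is today's baseline, not the 2010 scanner's.

```python
"""Re-derive the certificate findings of this report from the fields the
scanner recorded for each TLS listener and from how the scan connected.

Added example for this report, not nCircle's own logic.  Certificate fields
are copied from the host configuration table; TARGET is the address in the
FTP banner; SCAN_TIME comes from the SMTP banner (30 Apr 2010 15:54:04 -0400).
The empty 'san' lists are an assumption (no subjectAltName was recorded).
"""
import ipaddress
from datetime import datetime, timezone

SCAN_TIME = datetime(2010, 4, 30, 19, 54, 4, tzinfo=timezone.utc)
TARGET = "72.29.66.18"

DN = ("organizationalunitname=unknown, organizationname=unknown, statename=unknown, "
      "commonname=techserver1.techwyse.com, countryname=us, localityname=unknown, "
      "email=ssl@techserver1.techwyse.com")

CERTS = {
    "TCP(993)": dict(subject=DN, issuer=DN, san=[], key_bits=1024, sig_alg="shawithrsaencryption",
                     valid_from="Wed Jan 13 05:29:57 2010 UTC", valid_to="Thu Jan 13 05:29:57 2011 UTC"),
    "TCP(465)": dict(subject=DN, issuer=DN, san=[], key_bits=1024, sig_alg="shawithrsaencryption",
                     valid_from="Wed Apr 29 13:01:51 2009 UTC", valid_to="Thu Apr 29 13:01:51 2010 UTC"),
}
CERTS["TCP(995)"] = CERTS["TCP(993)"]   # same serial and thumbprints in the table


def parse_dn(dn: str) -> dict:
    """Parse the report's 'attr=value, attr=value' rendering of a DN."""
    return {k.strip().lower(): v.strip()
            for k, _, v in (part.partition("=") for part in dn.split(","))}


def parse_time(s: str) -> datetime:
    """Report timestamps look like 'Thu Jan 13 05:29:57 2011 UTC'."""
    return datetime.strptime(s, "%a %b %d %H:%M:%S %Y %Z").replace(tzinfo=timezone.utc)


def is_ip(s: str) -> bool:
    try:
        ipaddress.ip_address(s)
        return True
    except ValueError:
        return False


def assess_certificate(cert: dict, connected_to: str, scan_time: datetime,
                       min_key_bits: int = 2048) -> list:
    """Return the findings a scanner should raise for one recorded certificate."""
    findings = []
    subject, issuer = parse_dn(cert["subject"]), parse_dn(cert["issuer"])
    if subject == issuer:
        findings.append("self-signed: Issuer equals Subject")
    # A connection made by IP can only match an iPAddress subjectAltName; the CN never matches an IP.
    names = {subject.get("commonname", "").lower(), *(n.lower() for n in cert["san"])}
    names.discard("")
    if connected_to.lower() not in names:
        kind = "IP address" if is_ip(connected_to) else "host name"
        findings.append(f"name mismatch: connected to {kind} {connected_to}, "
                        f"certificate names {sorted(names)}")
    not_before, not_after = parse_time(cert["valid_from"]), parse_time(cert["valid_to"])
    if scan_time < not_before:
        findings.append("not yet valid at scan time")
    elif scan_time > not_after:
        findings.append(f"expired {(scan_time - not_after).days} day(s) before the scan")
    if cert["key_bits"] < min_key_bits:
        findings.append(f"weak key: {cert['key_bits']}-bit RSA (minimum {min_key_bits})")
    if cert["sig_alg"].lower() in ("shawithrsaencryption", "md5withrsaencryption"):
        findings.append(f"weak signature algorithm: {cert['sig_alg']} (SHA-1/MD5)")
    return findings


def assess_all(certs=CERTS, connected_to=TARGET, scan_time=SCAN_TIME) -> dict:
    """Findings per listener, keyed the way the report labels them."""
    return {port: assess_certificate(c, connected_to, scan_time) for port, c in certs.items()}


if __name__ == "__main__":
    for port, found in assess_all().items():
        print(port)
        for f in found:
            print("   ", f)
```

Running assess_all() with TARGET reproduces the self-signed and name-mismatch findings on all three listeners and adds the one-day-old expiry on TCP(465); calling assess_certificate with connected_to="techserver1.techwyse.com" instead makes the name mismatch disappear, which is the false-positive case the report's NOTE about the Device Profiler's DNS configuration describes.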