Scribd Logo
Hochladen

Willkommen bei Scribd!

  • R02 VulnerabilityStatus

    Hochgeladen von

    私はあなたを愛して ヘクター
    362 Ansichten7 Seiten

    Originaltitel

    R02_VulnerabilityStatus

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    362 Ansichten7 Seiten

    R02 VulnerabilityStatus

    Hochgeladen von

    私はあなたを愛して ヘクター

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 7

    Vulnerability Status

    Description

    Shows statistical information related to the vulnerabilities detected on target computers. Vulnerabilities can be grouped by computer name, vulnerability severity, timestamp and category. 10/11/2011 18:32:56 Crisma

    Generated on Generated by Advanced Settings Report items Target

    All PARTICUL-D5A0D8

    Grouped by Sorted by

    'Computer' - Ascending AND 'Vulnerability Severity' - Descending 'Vulnerability Timestamp' - Ascending

    Reviewed by __________________

    Reviewed Date _______________

    Signature ____________

    Vulnerability Status Vulnerability Distribution by Severity

    Vulnerability Distribution by Computer


    Computer/IP
    PARTICUL-D5A0D8

    High
    14

    Medium
    8

    Low
    5

    Potential
    4

    Vulnerability Listing by Computer


    PARTICUL-D5A0D8

    High
    AutoRun is enabled
    Category Description Product Timestamp Miscellaneous Microsoft Windows supports automatic execution in CD/DVD drives and other removable media. This poses a security risk in the case where a CD or removable disk containing malware that automatically installs itself once the disc is inserted.It is recomm N/A 2007-05-10-00:00

    Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
    Category Description Product Timestamp Missing Service Packs 951847 Windows 2009-10-16

    Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Security Update for Windows 2000, Windows Server 2003, and Windows XP x86 (KB979909)
    Category Description Product Timestamp Category Description Product Timestamp Missing Microsoft Patches 979909 Windows 2010-07-13 Software Untrusted search path vulnerability in the Indeo filter (iac25_32.ax) in Microsoft Windows, as used in BS.Player, Media Player Classic, and possibly other products, allows local users, and possibly remote attackers, to execute arbitrary code and conduct D N/A 2010-09-23T15:01:11

    OVAL:7132: Untrusted search path vulnerability in the Indeo filter (iac25_32.ax) in Microsoft Windows

    OVAL:6743: Untrusted search path vulnerability in Microsoft Windows Internet Communication Settings on Windows XP SP3 and Windows XP SP2
    Category Description Software Untrusted search path vulnerability in Microsoft Windows Internet Communication Settings on Windows XP SP3 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse Page: 2 of 7 schannel.dll that N/A 2010-10-04T04:39:22

    Product Timestamp

    Vulnerability Status search path vulnerability in Microsoft Windows Internet Communication Settings OVAL:6743: Untrusted Vulnerability Listing by Computer Category Software
    Description

    on Windows XP SP3 and Windows XP SP2

    Product Timestamp

    Untrusted search path vulnerability in Microsoft Windows Internet Communication Settings on Windows XP SP3 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that N/A 2010-10-04T04:39:22

    Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2416473)
    Category Description Product Timestamp Missing Microsoft Patches 2416473 Windows 2010-10-12

    Security Update for Microsoft .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2418241)
    Category Description Product Timestamp Category Description Product Timestamp Missing Microsoft Patches 2418241 Windows 2010-10-12 Software Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the N/A 2010-10-22T16:52:53

    OVAL:12209: Untrusted search path vulnerability in Microsoft Windows Progman Group Converter

    OVAL:12514: Denial of service vulnerability in the DOM implementation in Microsoft Internet Explorer 9.0.7930.16406 and earlier versions
    Category Description Product Timestamp Category Description Product Timestamp Web Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz. Microsoft Internet Explorer 2011-03-18T13:10:08 Missing Non-Microsoft Patches APSB11-21 Adobe Flash Player 11 2011-10-03

    Adobe Flash Player 11.0.1.152 msi

    Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2518864)
    Category Description Product Timestamp Missing Microsoft Patches 2518864 Windows 2011-10-11

    Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2572073)
    Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Missing Microsoft Patches 2572073 Windows 2011-10-11 Missing Service Packs 2526297 Office 2011-10-25 Services You MUST set a password for the administrator account and/or disable guest logons. N/A N/A

    Microsoft Office Compatibility Pack Service Pack 3 (SP3)

    A connection could be opened using account Administrator without password!

    Page: 3 of 7

    Vulnerability Status Vulnerability Listing by Computer

    Medium
    LM Hash
    Category Description Product Timestamp Registry It is recommended to use NTLM authentication instead of LM. For more information, visit: http://support.microsoft.com/support/kb/articles/q147/7/06.asp N/A 2002-01-01

    OVAL:12566: Microsoft Windows Human Interface Device (HID) driver is prone to security bypass vulnerability.
    Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Software Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mous N/A 2011-02-25T14:33:46 Web Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument. Microsoft Internet Explorer 7,Microsoft Internet Explorer 8 2011-06-28T13:00:00 Software Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks. N/A 2011-06-28T13:00:00 Web Microsoft Internet Explorer 6 through 8 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, w Microsoft Internet Explorer 6,Microsoft Internet Explorer 7,Microsoft Internet Explorer 8 2011-06-28T13:00:00 Web mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) by calling the JavaScript findText method with a crafted Unicode string in the first argument, and only one additi Microsoft Internet Explorer 7,Microsoft Internet Explorer 8 2011-06-28T13:00:00 Web The printing functionality in Microsoft Internet Explorer 8 allows remote attackers to discover a local pathname, and possibly a local username, by reading the dc:title element of a PDF document that was generated from a local web page. Microsoft Internet Explorer 6,Microsoft Internet Explorer 7,Microsoft Internet Explorer 8 2011-06-28T13:00:00

    OVAL:12829: Microsoft Internet Explorer 'AddFavorite' Method Denial of Service Vulnerability

    OVAL:12441: Microsoft Windows Remote Desktop Protocol Server Private Key Disclosure Vulnerability

    OVAL:12817: Microsoft Internet Explorer 6 through 8 spoofing vulnerability

    OVAL:12700: Microsoft Internet Explorer 'findText()' Unicode Parsing Denial of Service Vulnerability

    OVAL:12355: Microsoft Internet Explorer PDF Printing Information Disclosure

    Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2539631)
    Category Description Product Timestamp Missing Microsoft Patches 2539631 Windows 2011-08-09

    Page: 4 of 7

    Vulnerability Status Vulnerability Listing by Computer


    Low
    Shutdown without logon
    Category Description Product Timestamp Category Description Product Timestamp Registry Anybody is allowed to shutdown this computer. For more information, visit: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/gp/559.asp N/A 2002-01-01 Registry By default, Windows displays the last logged-on user. For more information, visit: http://support.microsoft.com/support/kb/articles/q114/4/63.asp Windows 2002-01-01-00:00 Registry Microsoft Windows NT caches the logon information of users who would have logged on, so that they would be able to logon when the server is unavailable. When a domain controller is unavailable and a users logon information is cached, the user will still Windows NT 2002-01-01-00:00 Registry The administrative shares (C$,D$,ADMIN$,etc) are available on this machine. For Internal networks these are normally turned on for administrative purposes. For Web server(s) these are normally turned off in order to solidify the possible entry points (sin Windows 2002-01-01-00:00 Registry The administrative shares (C$,D$,ADMIN$,etc) are available on this machine. For Internal networks these are normally turned on for administrative purposes. For Web server(s) these are normally turned off in order to solidify the possible entry points (sin Windows 2002-01-01-00:00

    Last logged-on username visible

    Cached Logon Credentials


    Category Description Product Timestamp

    AutoShareWKS
    Category Description Product Timestamp

    AutoShareServer
    Category Description Product Timestamp

    Potential
    USB devices installed over time
    Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Information This check generates a list of all USB devices that have been connected to the scanned computer. - Imation Nano USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - SONY WALKMAN USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Samsung YP-U3 USB Device N/A 2008-11-17-00:00 Information Page: 5 of This check generates a list of all USB devices that have been connected to the scanned 7 computer. - Kingston DT 101 G2 USB Device N/A 2008-11-17-00:00

    USB devices installed over time

    USB devices installed over time

    USB devices installed over time

    Vulnerability Status Vulnerability Listing by Computer USB devices installed over time
    Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Information This check generates a list of all USB devices that have been connected to the scanned computer. - Kingston DT 101 G2 USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Kingston DataTraveler 2.0 USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Kingston DataTraveler 2.0 USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Kingston DataTraveler 2.0 USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Kingston DataTraveler 112 USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Generic USB SM Reader USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Generic USB SD Reader USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Generic USB MS Reader USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Generic USB CF Reader USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Audio Player USB Device N/A 2008-11-17-00:00

    USB devices installed over time

    USB devices installed over time

    USB devices installed over time

    USB devices installed over time

    USB devices installed over time

    USB devices installed over time

    USB devices installed over time

    USB devices installed over time

    USB devices installed over time

    Page: 6 of 7

    Vulnerability Status Vulnerability Listing by Computer


    USB devices installed over time
    Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Category Description Product Timestamp Information This check generates a list of all USB devices that have been connected to the scanned computer. - TOSHIBA MK1652GSX USB Device N/A 2008-11-17-00:00 Information This check generates a list of all USB devices that have been connected to the scanned computer. - Kingston DataTraveler 2.0 USB Device N/A 2008-11-17-00:00 Information It is recommended to remove this account if not used N/A N/A Information It is recommended to remove this account if not used N/A N/A Backdoors N/A N/A N/A

    USB devices installed over time

    User Invitado never logged on

    User Administrador never logged on

    Open port commonly used by Trojans: TCP 17500 - Dropbox.exe

    Page: 7 of 7

    Das könnte Ihnen auch gefallen