Post on 10-Jan-2016
transcript
Mphasis Internal Document
1
Vulnerability Assessment Report 2015
Document Control Section:
Scan start Date 23-July-2015
Scan end Date 25-July-2015
Scanned Subnet/Host 10.33.105.0/24
Number of Hosts Scanned 116
Scanned Project / Process AIG_10.33.105.0/24
Scanner Version Nessus 5.2.7
Scan Policy Name NetworkScan1_Servers_AIG
Scan Policy Approval Date 22-July-2014
Report Generated on 11-Aug-2015
Report Prepared by Varun Vasist HG
Report Verified by Dhanashekhar Devaraj
This report lists the vulnerabilities detected by Nessus Vulnerability Scanner after scanning the network. Objective of the report: This report is intended for Engineers (Infrastructure Security Administrators, Server Administrators, Network Administrators, Workstation Support Engineers or Helpdesk Support Engineers) for closing the identified vulnerabilities. Please evaluate each identified vulnerabilities and
1. Uninstall the related softwares / applications if not required for the delivery function 2. Close them as per the recommendations provided by OEM of the respective software or
Can refer the remedy information for vulnerabilities provided in this report Note: Number of systems identified and scanned in this report may not be accurate. The Vulnerability scanner reports the vulnerabilities on the systems which were active during scanning. It is recommended to check for these vulnerabilities in all the systems which are actually installed in the subnet.
Mphasis Internal Document
2
Host Information Consolidated Vulnerability Count
Important Note:
Total number of Critical and High Vulnerabilities are represented under High Vulnerability
column.
High Vulnerabilities Medium Vulnerabilities
2 10
Mphasis Internal Document
3
4
10.33.105.1
Host Information
IP: 10.33.105.1
OS: CISCO IOS 12.1, CISCO IOS 12.4
Results Summary
Critical High Medium Low Info Total
0 0 1 0 0 1
Results Details
23/tcp
42263 - Unencrypted Telnet Server
Synopsis
The remote Telnet server transmits traffic in cleartext.
Description
The remote host is running a Telnet server over an unencrypted channel.
Using Telnet over an unencrypted channel is not recommended as logins, passwords, and commands are transferred
in cleartext. This allows a remote, man-in-the-middle attacker to eavesdrop on a Telnet session to obtain credentials
or other sensitive information and to modify traffic exchanged between a client and server.
SSH is preferred over Telnet since it protects credentials from eavesdropping and can tunnel additional data streams
such as an X11 session.
Solution
Disable the Telnet service and use SSH instead.
Risk Factor
Medium
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
Plugin Information:
Publication date: 2009/10/27, Modification date: 2015/03/19
Ports
tcp/23
Nessus collected the following banner from the remote Telnet server :
------------------------------ snip ------------------------------
C
***************************************************************************
THIS IS AN OFFICIAL COMPUTER SYSTEM/PRIVATE NETWORK & IS THE PROPERTY OF
THE MPHASIS Ltd. AND IS FOR AUTHORIZED MPHASIS BUSINESS PURPOSE AND
FOR AUTHORIZED INDIVIDUALS ONLY.UNAUTHORIZED ACCESS OR ATTEMPTS
TO ACCESS IS PROHIBITED AND USER / VIOLATOR WILL
BE PROSECUTED AS PER LAW.
***************************************************************************
Users (authorized or unauthorized) have no explicit or implicit expectation
of privacy. Any or all users of this system may be subject to one or more
of the following a ctions: interception, monitoring, recording, auditing
inspection and disclosing, to security personnel and law enforcement
personnel, as well as authorized officials of other agencies,both domestic
and foreign.By using this system,the authorized user
consents to these actions.
Mphasis Internal Document
4
5
Unauthorized or improper use of this system may result in administrative
disciplinary action. By accessing this system you indicate your awareness
of and consent to these terms and conditions of use. Discontinue access
immediately if you do not agree to the conditions
stated in this notice.
***************************************************************************
SWTBAN18AIGL30701 line 1
C
***************************************************************************
THIS IS AN OFFICIAL COMPUTER SYSTEM/PRIVATE NETWORK & IS THE PROPERTY OF
THE MPHASIS Ltd. AND IS FOR AUTHORIZED MPHASIS BUSINESS PURPOSE AND
FOR AUTHORIZED INDIVIDUALS ONLY.UNAUTHORIZED ACCESS OR ATTEMPTS
TO ACCESS IS PROHIBITED AND USER / VIOLATOR WILL
BE PROSECUTED AS PER LAW.
********************************************** [...]
Mphasis Internal Document
5
6
10.33.105.36
Host Information
IP: 10.33.105.36
OS: Dell iDRAC Controller, KYOCERA Printer, Linux Kernel 2.6
Results Summary
Critical High Medium Low Info Total
0 2 14 0 0 16
Results Details
389/tcp
26928 - SSL Weak Cipher Suites Supported
Synopsis
The remote service supports the use of weak SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer weak encryption.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
See Also
http://www.openssl.org/docs/apps/ciphers.html
Solution
Reconfigure the affected application, if possible to avoid the use of weak ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
References
XREF CWE:326
XREF CWE:327
XREF CWE:720
XREF CWE:753
XREF CWE:803
XREF CWE:928
XREF CWE:934
Plugin Information:
Publication date: 2007/10/08, Modification date: 2014/12/30
Ports
tcp/389
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
Mphasis Internal Document
6
7
TLSv1
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES-CBC(40) Mac=SHA1
export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5
export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5
export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/389
- SSLv3 is enabled and the server supports at least one cipher.
42873 - SSL Medium Strength Cipher Suites Supported
Synopsis
The remote service supports the use of medium strength SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as
those with key lengths at least 56 bits and less than 112 bits.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
Solution
Mphasis Internal Document
7
8
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2009/11/23, Modification date: 2012/04/02
Ports
tcp/389
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
TLSv1
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
636/tcp
26928 - SSL Weak Cipher Suites Supported
Synopsis
The remote service supports the use of weak SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer weak encryption.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
See Also
http://www.openssl.org/docs/apps/ciphers.html
Solution
Reconfigure the affected application, if possible to avoid the use of weak ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
References
XREF CWE:326
XREF CWE:327
XREF CWE:720
XREF CWE:753
XREF CWE:803
XREF CWE:928
XREF CWE:934
Plugin Information:
Mphasis Internal Document
8
9
Publication date: 2007/10/08, Modification date: 2014/12/30
Ports
tcp/636
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
TLSv1
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES-CBC(40) Mac=SHA1
export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5
export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5
export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/636
- SSLv3 is enabled and the server supports at least one cipher.
42873 - SSL Medium Strength Cipher Suites Supported
Synopsis
Mphasis Internal Document
9
10
The remote service supports the use of medium strength SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as
those with key lengths at least 56 bits and less than 112 bits.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2009/11/23, Modification date: 2012/04/02
Ports
tcp/636
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
TLSv1
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
42880 - SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
Synopsis
The remote service allows insecure renegotiation of TLS / SSL connections.
Description
The remote service encrypts traffic using TLS / SSL but allows a client to insecurely renegotiate the connection after
the initial handshake.
An unauthenticated, remote attacker may be able to leverage this issue to inject an arbitrary amount of plaintext
into the beginning of the application protocol stream, which could facilitate man-in-the-middle attacks if the service
assumes that the sessions before and after renegotiation are from the same 'client' and merges them at the
application layer.
See Also
http://www.ietf.org/mail-archive/web/tls/current/msg03948.html
http://www.g-sec.lu/practicaltls.pdf
http://tools.ietf.org/html/rfc5746
Solution
Contact the vendor for specific patch information.
Risk Factor
Medium
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)
CVSS Temporal Score
Mphasis Internal Document
10
11
5.0 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)
References
BID 36935
CVE CVE-2009-3555
XREF OSVDB:59968
XREF OSVDB:59969
XREF OSVDB:59970
XREF OSVDB:59971
XREF OSVDB:59972
XREF OSVDB:59973
XREF OSVDB:59974
XREF OSVDB:60366
XREF OSVDB:60521
XREF OSVDB:61234
XREF OSVDB:61718
XREF OSVDB:61784
XREF OSVDB:61785
XREF OSVDB:61929
XREF OSVDB:62064
XREF OSVDB:62135
XREF OSVDB:62210
XREF OSVDB:62273
XREF OSVDB:62536
XREF OSVDB:62877
XREF OSVDB:64040
XREF OSVDB:64499
XREF OSVDB:64725
XREF OSVDB:65202
XREF OSVDB:66315
XREF OSVDB:67029
XREF OSVDB:69032
XREF OSVDB:69561
Mphasis Internal Document
11
12
XREF OSVDB:70055
XREF OSVDB:70620
XREF OSVDB:71951
XREF OSVDB:71961
XREF OSVDB:74335
XREF OSVDB:75622
XREF OSVDB:77832
XREF OSVDB:90597
XREF OSVDB:99240
XREF OSVDB:100172
XREF OSVDB:104575
XREF OSVDB:104796
XREF CERT:120541
XREF CWE:310
Plugin Information:
Publication date: 2009/11/24, Modification date: 2014/03/25
Ports
tcp/636
SSLv3 supports insecure renegotiation.
8080/tcp
34460 - Unsupported Web Server Detection
Synopsis
The remote web server is obsolete / unsupported.
Description
According to its version, the remote web server is obsolete and no longer maintained by its vendor or provider.
Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may
contain security vulnerabilities.
Solution
Remove the service if it is no longer needed. Otherwise, upgrade to a newer version if possible or switch to another
server.
Risk Factor
High
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
Plugin Information:
Publication date: 2008/10/21, Modification date: 2014/09/09
Ports
tcp/8080
Product : Tomcat
Installed version : 5.0.28
Supported versions : 7.0.x / 6.0.x
Mphasis Internal Document
12
13
Additional information : http://wiki.apache.org/tomcat/TomcatVersions
12085 - Apache Tomcat servlet/JSP container default files
Synopsis
The remote web server contains example files.
Description
Example JSPs and Servlets are installed in the remote Apache Tomcat servlet/JSP container. These files should be
removed as they may help an attacker uncover information about the remote Tomcat install or host itself. Or they may
themselves contain vulnerabilities such as cross-site scripting issues.
Solution
Review the files and delete those that are not needed.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
XREF CWE:20
XREF CWE:74
XREF CWE:79
XREF CWE:442
XREF CWE:629
XREF CWE:711
XREF CWE:712
XREF CWE:722
XREF CWE:725
XREF CWE:750
XREF CWE:751
XREF CWE:800
XREF CWE:801
XREF CWE:809
XREF CWE:811
XREF CWE:864
XREF CWE:900
XREF CWE:928
XREF CWE:931
XREF CWE:990
Plugin Information:
Publication date: 2004/03/02, Modification date: 2015/02/13
Ports
Mphasis Internal Document
13
14
tcp/8080
The following default files were found :
/tomcat-docs/index.html
8443/tcp
34460 - Unsupported Web Server Detection
Synopsis
The remote web server is obsolete / unsupported.
Description
According to its version, the remote web server is obsolete and no longer maintained by its vendor or provider.
Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may
contain security vulnerabilities.
Solution
Remove the service if it is no longer needed. Otherwise, upgrade to a newer version if possible or switch to another
server.
Risk Factor
High
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
Plugin Information:
Publication date: 2008/10/21, Modification date: 2014/09/09
Ports
tcp/8443
Product : Tomcat
Installed version : 5.0.28
Supported versions : 7.0.x / 6.0.x
Additional information : http://wiki.apache.org/tomcat/TomcatVersions
12085 - Apache Tomcat servlet/JSP container default files
Synopsis
The remote web server contains example files.
Description
Example JSPs and Servlets are installed in the remote Apache Tomcat servlet/JSP container. These files should be
removed as they may help an attacker uncover information about the remote Tomcat install or host itself. Or they may
themselves contain vulnerabilities such as cross-site scripting issues.
Solution
Review the files and delete those that are not needed.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
XREF CWE:20
XREF CWE:74
XREF CWE:79
XREF CWE:442
XREF CWE:629
Mphasis Internal Document
14
15
XREF CWE:711
XREF CWE:712
XREF CWE:722
XREF CWE:725
XREF CWE:750
XREF CWE:751
XREF CWE:800
XREF CWE:801
XREF CWE:809
XREF CWE:811
XREF CWE:864
XREF CWE:900
XREF CWE:928
XREF CWE:931
XREF CWE:990
Plugin Information:
Publication date: 2004/03/02, Modification date: 2015/02/13
Ports
tcp/8443
The following default files were found :
/tomcat-docs/index.html
15901 - SSL Certificate Expiry
Synopsis
The remote server's SSL certificate has already expired.
Description
This plugin checks expiry dates of certificates associated with SSL- enabled services on the target and reports
whether any have already expired.
Solution
Purchase or generate a new SSL certificate to replace the existing one.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
Plugin Information:
Publication date: 2004/12/03, Modification date: 2015/06/17
Ports
tcp/8443
The SSL certificate has already expired :
Mphasis Internal Document
15
16
Subject : C=US, ST=, L=, O=Novell, OU=iManager, CN=Temporary Certificate
Issuer : C=US, ST=, L=, O=Novell, OU=iManager, CN=Temporary Certificate
Not valid before : Jan 4 12:31:31 2010 GMT
Not valid after : Jan 4 12:31:31 2011 GMT
26928 - SSL Weak Cipher Suites Supported
Synopsis
The remote service supports the use of weak SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer weak encryption.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
See Also
http://www.openssl.org/docs/apps/ciphers.html
Solution
Reconfigure the affected application, if possible to avoid the use of weak ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
References
XREF CWE:326
XREF CWE:327
XREF CWE:720
XREF CWE:753
XREF CWE:803
XREF CWE:928
XREF CWE:934
Plugin Information:
Publication date: 2007/10/08, Modification date: 2014/12/30
Ports
tcp/8443
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
TLSv1
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES-CBC(40) Mac=SHA1
export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES-CBC(40) Mac=SHA1
export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5
export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
Mphasis Internal Document
16
17
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/8443
- SSLv3 is enabled and the server supports at least one cipher.
42873 - SSL Medium Strength Cipher Suites Supported
Synopsis
The remote service supports the use of medium strength SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as
those with key lengths at least 56 bits and less than 112 bits.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2009/11/23, Modification date: 2012/04/02
Ports
tcp/8443
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
Mphasis Internal Document
17
18
TLSv1
EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES-CBC(56) Mac=SHA1
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
42880 - SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
Synopsis
The remote service allows insecure renegotiation of TLS / SSL connections.
Description
The remote service encrypts traffic using TLS / SSL but allows a client to insecurely renegotiate the connection after
the initial handshake.
An unauthenticated, remote attacker may be able to leverage this issue to inject an arbitrary amount of plaintext
into the beginning of the application protocol stream, which could facilitate man-in-the-middle attacks if the service
assumes that the sessions before and after renegotiation are from the same 'client' and merges them at the
application layer.
See Also
http://www.ietf.org/mail-archive/web/tls/current/msg03948.html
http://www.g-sec.lu/practicaltls.pdf
http://tools.ietf.org/html/rfc5746
Solution
Contact the vendor for specific patch information.
Risk Factor
Medium
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)
References
BID 36935
CVE CVE-2009-3555
XREF OSVDB:59968
XREF OSVDB:59969
XREF OSVDB:59970
XREF OSVDB:59971
XREF OSVDB:59972
XREF OSVDB:59973
XREF OSVDB:59974
XREF OSVDB:60366
XREF OSVDB:60521
Mphasis Internal Document
18
19
XREF OSVDB:61234
XREF OSVDB:61718
XREF OSVDB:61784
XREF OSVDB:61785
XREF OSVDB:61929
XREF OSVDB:62064
XREF OSVDB:62135
XREF OSVDB:62210
XREF OSVDB:62273
XREF OSVDB:62536
XREF OSVDB:62877
XREF OSVDB:64040
XREF OSVDB:64499
XREF OSVDB:64725
XREF OSVDB:65202
XREF OSVDB:66315
XREF OSVDB:67029
XREF OSVDB:69032
XREF OSVDB:69561
XREF OSVDB:70055
XREF OSVDB:70620
XREF OSVDB:71951
XREF OSVDB:71961
XREF OSVDB:74335
XREF OSVDB:75622
XREF OSVDB:77832
XREF OSVDB:90597
XREF OSVDB:99240
XREF OSVDB:100172
XREF OSVDB:104575
XREF OSVDB:104796
Mphasis Internal Document
19
20
XREF CERT:120541
XREF CWE:310
Plugin Information:
Publication date: 2009/11/24, Modification date: 2014/03/25
Ports
tcp/8443
TLSv1 supports insecure renegotiation.
SSLv3 supports insecure renegotiation.
Mphasis Internal Document
20
21
10.33.105.37
Host Information
DNS Name: srvban18dvsql01.fs.mphasis.com
Netbios Name: SRVBAN18DVSQL01
IP: 10.33.105.37
MAC Address: 00:1a:a0:b5:b4:85
OS: Microsoft Windows Server 2003 Service Pack 2
Results Summary
Critical High Medium Low Info Total
0 0 3 0 0 3
Results Details
1433/tcp
26928 - SSL Weak Cipher Suites Supported
Synopsis
The remote service supports the use of weak SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer weak encryption.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
See Also
http://www.openssl.org/docs/apps/ciphers.html
Solution
Reconfigure the affected application, if possible to avoid the use of weak ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
References
XREF CWE:326
XREF CWE:327
XREF CWE:720
XREF CWE:753
XREF CWE:803
XREF CWE:928
XREF CWE:934
Plugin Information:
Publication date: 2007/10/08, Modification date: 2014/12/30
Mphasis Internal Document
21
22
Ports
tcp/1433
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
TLSv1
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5
export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5
export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/1433
- SSLv3 is enabled and the server supports at least one cipher.
42873 - SSL Medium Strength Cipher Suites Supported
Synopsis
The remote service supports the use of medium strength SSL ciphers.
Description
Mphasis Internal Document
22
23
The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as
those with key lengths at least 56 bits and less than 112 bits.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2009/11/23, Modification date: 2012/04/02
Ports
tcp/1433
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
TLSv1
EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES-CBC(56) Mac=SHA1
export
EXP1024-RC4-SHA Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1
export
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Mphasis Internal Document
23
24
10.33.105.38
Host Information
DNS Name: srvban18qasql02.fs.mphasis.com
Netbios Name: SRVBAN18QASQL02
IP: 10.33.105.38
MAC Address: 00:1a:a0:bf:65:c4
OS: Microsoft Windows Server 2003 Service Pack 2
Results Summary
Critical High Medium Low Info Total
0 0 3 0 0 3
Results Details
1433/tcp
26928 - SSL Weak Cipher Suites Supported
Synopsis
The remote service supports the use of weak SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer weak encryption.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
See Also
http://www.openssl.org/docs/apps/ciphers.html
Solution
Reconfigure the affected application, if possible to avoid the use of weak ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
References
XREF CWE:326
XREF CWE:327
XREF CWE:720
XREF CWE:753
XREF CWE:803
XREF CWE:928
XREF CWE:934
Plugin Information:
Publication date: 2007/10/08, Modification date: 2014/12/30
Mphasis Internal Document
24
25
Ports
tcp/1433
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
TLSv1
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5
export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5
export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/1433
- SSLv3 is enabled and the server supports at least one cipher.
42873 - SSL Medium Strength Cipher Suites Supported
Synopsis
The remote service supports the use of medium strength SSL ciphers.
Description
Mphasis Internal Document
25
26
The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as
those with key lengths at least 56 bits and less than 112 bits.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2009/11/23, Modification date: 2012/04/02
Ports
tcp/1433
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
TLSv1
EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES-CBC(56) Mac=SHA1
export
EXP1024-RC4-SHA Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1
export
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Mphasis Internal Document
26
27
10.33.105.43
Host Information
DNS Name: srvban18bkp02.fs.mphasis.com
Netbios Name: SRVBAN18BKP02
IP: 10.33.105.43
MAC Address: 00:17:a4:10:48:a3
OS: Microsoft Windows Server 2003 Service Pack 2
Results Summary
Critical High Medium Low Info Total
0 0 1 0 0 1
Results Details
9000/tcp
10297 - Web Server Directory Traversal Arbitrary File Access
Synopsis
The remote web server is affected by a directory traversal vulnerability.
Description
It appears possible to read arbitrary files on the remote host outside the web server's document directory using a
specially crafted URL. An unauthenticated attacker may be able to exploit this issue to access sensitive information to
aide in subsequent attacks.
Note that this plugin is not limited to testing for known vulnerabilities in a specific set of web servers. Instead, it
attempts a variety of generic directory traversal attacks and considers a product to be vulnerable simply if it finds
evidence of the contents of '/etc/passwd' or a Windows 'win.ini' file in the response. It may, in fact, uncover 'new'
issues, that have yet to be reported to the product's vendor.
Solution
Contact the vendor for an update, use a different product, or disable the service altogether.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
4.1 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
References
BID 7308
BID 7362
BID 7378
BID 7544
BID 7715
BID 26583
Mphasis Internal Document
27
28
BID 32412
BID 40053
BID 40133
BID 40680
BID 43230
BID 43258
BID 43356
BID 43358
BID 43830
BID 44393
BID 44564
BID 44586
BID 45599
BID 45603
BID 47760
BID 47842
BID 47987
BID 48114
BID 48926
BID 51286
BID 51311
BID 51399
BID 52327
BID 52384
BID 52541
BID 56871
BID 57143
BID 57313
BID 58794
BID 67389
BID 70760
Mphasis Internal Document
28
29
CVE CVE-2000-0920
CVE CVE-2007-6483
CVE CVE-2008-5315
CVE CVE-2010-1571
CVE CVE-2010-3459
CVE CVE-2010-3487
CVE CVE-2010-3488
CVE CVE-2010-3743
CVE CVE-2010-4181
CVE CVE-2011-1900
CVE CVE-2011-2524
CVE CVE-2011-4788
CVE CVE-2012-0697
CVE CVE-2012-1464
CVE CVE-2012-5100
CVE CVE-2012-5335
CVE CVE-2012-5344
CVE CVE-2012-5641
CVE CVE-2013-2619
CVE CVE-2013-3304
CVE CVE-2014-3744
XREF OSVDB:3681
XREF OSVDB:42402
XREF OSVDB:50288
XREF OSVDB:64532
XREF OSVDB:64611
XREF OSVDB:65285
XREF OSVDB:68026
XREF OSVDB:68089
XREF OSVDB:68141
XREF OSVDB:68538
Mphasis Internal Document
29
30
XREF OSVDB:68880
XREF OSVDB:68962
XREF OSVDB:70176
XREF OSVDB:72231
XREF OSVDB:72498
XREF OSVDB:72972
XREF OSVDB:73413
XREF OSVDB:74135
XREF OSVDB:78307
XREF OSVDB:78308
XREF OSVDB:79653
XREF OSVDB:79867
XREF OSVDB:80586
XREF OSVDB:82647
XREF OSVDB:82678
XREF OSVDB:88925
XREF OSVDB:89293
XREF EDB-ID:24915
XREF EDB-ID:33428
XREF EDB-ID:35056
XREF CWE:22
Plugin Information:
Publication date: 1999/11/05, Modification date: 2015/01/13
Ports
tcp/9000
Nessus was able to retrieve the remote host's 'win.ini' file using the
following URL :
- http://srvban18bkp02.fs.mphasis.com:9000/../../../../../../../../../../../../winnt/win.ini
Here are the contents :
------------------------------ snip ------------------------------
; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[MCI Extensions.BAK]
asf=MPEGVideo
asx=MPEGVideo
m3u=MPEGVideo
mp2v=MPEGVideo
Mphasis Internal Document
30
31
mp3=MPEGVideo
mpv2=MPEGVideo
wax=MPEGVideo
wm=MPEGVideo
wma=MPEGVideo
wmv=MPEGVideo
wvx=MPEGVideo
wmx=MPEGVideo2
wpl=MPEGVideo
[WinZip]
Note-1=This section is required only to install the optional WinZip Internet Browser Support
build 0231.
Note-2=Removing this section of the win.ini will have no effect except preventing installation of
WinZip Internet Browser Support build 0231.
win32_version=6.3-8.0
[Solitaire]
Options=3
[Mail]
MAPI=1
CMCDLLNAME32=mapi32.dll
CMCDLLNAME=mapi.dll
CMC=1
MAPIX=1
MAPIXVER=1.0.0.1
OLEMessaging=1
------------------------------ snip ------------------------------
Note that Nessus stopped searching after one exploit was found. To
report all known exploits, enable 'Thorough tests' and re-scan.
Mphasis Internal Document
31
32
10.33.105.50
Host Information
DNS Name: mpbakoraiusrv8.fs.mphasis.com
Netbios Name: MPBAKORAIUSRV8
IP: 10.33.105.50
MAC Address: 00:17:a4:10:ff:28
OS: Microsoft Windows Server 2003 Service Pack 2
Results Summary
Critical High Medium Low Info Total
0 0 3 0 0 3
Results Details
1433/tcp
26928 - SSL Weak Cipher Suites Supported
Synopsis
The remote service supports the use of weak SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer weak encryption.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
See Also
http://www.openssl.org/docs/apps/ciphers.html
Solution
Reconfigure the affected application, if possible to avoid the use of weak ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
References
XREF CWE:326
XREF CWE:327
XREF CWE:720
XREF CWE:753
XREF CWE:803
XREF CWE:928
XREF CWE:934
Plugin Information:
Publication date: 2007/10/08, Modification date: 2014/12/30
Mphasis Internal Document
32
33
Ports
tcp/1433
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
TLSv1
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5
export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5
export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/1433
- SSLv3 is enabled and the server supports at least one cipher.
42873 - SSL Medium Strength Cipher Suites Supported
Synopsis
The remote service supports the use of medium strength SSL ciphers.
Description
Mphasis Internal Document
33
34
The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as
those with key lengths at least 56 bits and less than 112 bits.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2009/11/23, Modification date: 2012/04/02
Ports
tcp/1433
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
TLSv1
EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES-CBC(56) Mac=SHA1
export
EXP1024-RC4-SHA Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1
export
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Mphasis Internal Document
34
35
10.33.105.52
Host Information
DNS Name: srvllaiusybase.fs.mphasis.com
Netbios Name: SRVLLAIUSYBASE
IP: 10.33.105.52
MAC Address: 00:17:a4:10:28:2c
OS: Microsoft Windows Server 2003 Service Pack 2
Results Summary
Critical High Medium Low Info Total
0 0 3 0 0 3
Results Details
1498/tcp
26928 - SSL Weak Cipher Suites Supported
Synopsis
The remote service supports the use of weak SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer weak encryption.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
See Also
http://www.openssl.org/docs/apps/ciphers.html
Solution
Reconfigure the affected application, if possible to avoid the use of weak ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
References
XREF CWE:326
XREF CWE:327
XREF CWE:720
XREF CWE:753
XREF CWE:803
XREF CWE:928
XREF CWE:934
Plugin Information:
Publication date: 2007/10/08, Modification date: 2014/12/30
Mphasis Internal Document
35
36
Ports
tcp/1498
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
TLSv1
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5
export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5
export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/1498
- SSLv3 is enabled and the server supports at least one cipher.
42873 - SSL Medium Strength Cipher Suites Supported
Synopsis
The remote service supports the use of medium strength SSL ciphers.
Description
Mphasis Internal Document
36
37
The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as
those with key lengths at least 56 bits and less than 112 bits.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2009/11/23, Modification date: 2012/04/02
Ports
tcp/1498
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
TLSv1
EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES-CBC(56) Mac=SHA1
export
EXP1024-RC4-SHA Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1
export
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Mphasis Internal Document
37
38
10.33.105.56
Host Information
IP: 10.33.105.56
OS: Microsoft Windows Vista, Microsoft Windows Server 2008, Microsoft Windows Server 2008
R2, Microsoft Windows 7
Results Summary
Critical High Medium Low Info Total
0 0 1 0 0 1
Results Details
8080/tcp
12085 - Apache Tomcat servlet/JSP container default files
Synopsis
The remote web server contains example files.
Description
Example JSPs and Servlets are installed in the remote Apache Tomcat servlet/JSP container. These files should be
removed as they may help an attacker uncover information about the remote Tomcat install or host itself. Or they may
themselves contain vulnerabilities such as cross-site scripting issues.
Solution
Review the files and delete those that are not needed.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
XREF CWE:20
XREF CWE:74
XREF CWE:79
XREF CWE:442
XREF CWE:629
XREF CWE:711
XREF CWE:712
XREF CWE:722
XREF CWE:725
XREF CWE:750
XREF CWE:751
XREF CWE:800
Mphasis Internal Document
38
39
XREF CWE:801
XREF CWE:809
XREF CWE:811
XREF CWE:864
XREF CWE:900
XREF CWE:928
XREF CWE:931
XREF CWE:990
Plugin Information:
Publication date: 2004/03/02, Modification date: 2015/02/13
Ports
tcp/8080
The following default files were found :
/examples/servlets/index.html
/examples/jsp/snp/snoop.jsp
/examples/jsp/index.html
Mphasis Internal Document
39
40
10.33.105.85
Host Information
Netbios Name: WKSBAN18ALF7169
IP: 10.33.105.85
MAC Address: 2c:27:d7:46:b5:d8
OS: Microsoft Windows 7 Enterprise
Results Summary
Critical High Medium Low Info Total
0 0 1 0 0 1
Results Details
8080/tcp
12085 - Apache Tomcat servlet/JSP container default files
Synopsis
The remote web server contains example files.
Description
Example JSPs and Servlets are installed in the remote Apache Tomcat servlet/JSP container. These files should be
removed as they may help an attacker uncover information about the remote Tomcat install or host itself. Or they may
themselves contain vulnerabilities such as cross-site scripting issues.
Solution
Review the files and delete those that are not needed.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
XREF CWE:20
XREF CWE:74
XREF CWE:79
XREF CWE:442
XREF CWE:629
XREF CWE:711
XREF CWE:712
XREF CWE:722
XREF CWE:725
XREF CWE:750
Mphasis Internal Document
40
41
XREF CWE:751
XREF CWE:800
XREF CWE:801
XREF CWE:809
XREF CWE:811
XREF CWE:864
XREF CWE:900
XREF CWE:928
XREF CWE:931
XREF CWE:990
Plugin Information:
Publication date: 2004/03/02, Modification date: 2015/02/13
Ports
tcp/8080
The following default files were found :
/examples/servlets/index.html
/examples/jsp/snp/snoop.jsp
/examples/jsp/index.html
Mphasis Internal Document
41
42
10.33.105.108
Host Information
Netbios Name: WKSBAN18ALF7171
IP: 10.33.105.108
MAC Address: 3c:d9:2b:4c:bf:25
OS: Microsoft Windows 7 Enterprise
Results Summary
Critical High Medium Low Info Total
0 0 1 0 0 1
Results Details
8080/tcp
12085 - Apache Tomcat servlet/JSP container default files
Synopsis
The remote web server contains example files.
Description
Example JSPs and Servlets are installed in the remote Apache Tomcat servlet/JSP container. These files should be
removed as they may help an attacker uncover information about the remote Tomcat install or host itself. Or they may
themselves contain vulnerabilities such as cross-site scripting issues.
Solution
Review the files and delete those that are not needed.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
XREF CWE:20
XREF CWE:74
XREF CWE:79
XREF CWE:442
XREF CWE:629
XREF CWE:711
XREF CWE:712
XREF CWE:722
XREF CWE:725
XREF CWE:750
Mphasis Internal Document
42
43
XREF CWE:751
XREF CWE:800
XREF CWE:801
XREF CWE:809
XREF CWE:811
XREF CWE:864
XREF CWE:900
XREF CWE:928
XREF CWE:931
XREF CWE:990
Plugin Information:
Publication date: 2004/03/02, Modification date: 2015/02/13
Ports
tcp/8080
The following default files were found :
/examples/servlets/index.html
/examples/jsp/snp/snoop.jsp
/examples/jsp/index.html
Mphasis Internal Document
43
44
10.33.105.125
Host Information
Netbios Name: WKSBAN18ALF7240
IP: 10.33.105.125
MAC Address: 2c:27:d7:46:b6:0c
OS: Microsoft Windows 7 Enterprise
Results Summary
Critical High Medium Low Info Total
0 0 5 0 0 5
Results Details
8880/tcp
64097 - IBM WebSphere Application Server 7.0 < Fix Pack 27 Multiple Vulnerabilities
Synopsis
The remote application server may be affected by multiple vulnerabilities.
Description
IBM WebSphere Application Server 7.0 before Fix Pack 27 appears to be running on the remote host. It is, therefore,
potentially affected by the following vulnerabilities :
- A request validation error exists related to the proxy server component that could allow a remote attacker to cause
the proxy status to be reported as disabled, thus denying applications access to the proxy.
(CVE-2012-3330, PM71319)
- A user-supplied input validation error exists that could allow cross-site request forgery (CSRF) attacks to be carried
out. (CVE-2012-4853, PM62920)
- Unspecified errors exist related to the administration console that could allow cross-site scripting attacks.
(CVE-2013-0458, CVE-2013-0459, CVE-2013-0460, PM71139, PM72536, PM72275)
- An unspecified error exists related to the administration console for 'virtual member manager'
(VMM) that can allow cross-site scripting.
(CVE-2013-0461, PM71389)
See Also
http://www.nessus.org/u?c8df3590
http://www.nessus.org/u?85335f50
http://www.nessus.org/u?6249ee05
http://www.nessus.org/u?5ae80ba2
Solution
If using WebSphere Application Server, apply Fix Pack 27 (7.0.0.27) or later.
Otherwise, if using embedded WebSphere Application Server packaged with Tivoli Directory Server, contact the
vendor for more information as IBM currently has not a published fix pack 27 for that.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.6 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
Mphasis Internal Document
44
45
References
BID 56458
BID 56459
BID 57508
BID 57509
BID 57510
BID 57512
CVE CVE-2012-3330
CVE CVE-2012-4853
CVE CVE-2013-0458
CVE CVE-2013-0459
CVE CVE-2013-0460
CVE CVE-2013-0461
XREF OSVDB:87338
XREF OSVDB:87339
XREF OSVDB:89514
XREF OSVDB:89515
XREF OSVDB:89517
XREF OSVDB:89518
XREF CWE:20
XREF CWE:74
XREF CWE:79
XREF CWE:442
XREF CWE:629
XREF CWE:711
XREF CWE:712
XREF CWE:722
XREF CWE:725
XREF CWE:750
XREF CWE:751
XREF CWE:800
XREF CWE:801
Mphasis Internal Document
45
46
XREF CWE:809
XREF CWE:811
XREF CWE:864
XREF CWE:900
XREF CWE:928
XREF CWE:931
XREF CWE:990
Plugin Information:
Publication date: 2013/01/25, Modification date: 2015/07/13
Ports
tcp/8880
Version source :
Installed version : 7.0.0.0
Fixed version : 7.0.0.27
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/8880
- SSLv3 is enabled and the server supports at least one cipher.
Mphasis Internal Document
46
47
42880 - SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
Synopsis
The remote service allows insecure renegotiation of TLS / SSL connections.
Description
The remote service encrypts traffic using TLS / SSL but allows a client to insecurely renegotiate the connection after
the initial handshake.
An unauthenticated, remote attacker may be able to leverage this issue to inject an arbitrary amount of plaintext
into the beginning of the application protocol stream, which could facilitate man-in-the-middle attacks if the service
assumes that the sessions before and after renegotiation are from the same 'client' and merges them at the
application layer.
See Also
http://www.ietf.org/mail-archive/web/tls/current/msg03948.html
http://www.g-sec.lu/practicaltls.pdf
http://tools.ietf.org/html/rfc5746
Solution
Contact the vendor for specific patch information.
Risk Factor
Medium
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)
References
BID 36935
CVE CVE-2009-3555
XREF OSVDB:59968
XREF OSVDB:59969
XREF OSVDB:59970
XREF OSVDB:59971
XREF OSVDB:59972
XREF OSVDB:59973
XREF OSVDB:59974
XREF OSVDB:60366
XREF OSVDB:60521
XREF OSVDB:61234
XREF OSVDB:61718
XREF OSVDB:61784
XREF OSVDB:61785
XREF OSVDB:61929
Mphasis Internal Document
47
48
XREF OSVDB:62064
XREF OSVDB:62135
XREF OSVDB:62210
XREF OSVDB:62273
XREF OSVDB:62536
XREF OSVDB:62877
XREF OSVDB:64040
XREF OSVDB:64499
XREF OSVDB:64725
XREF OSVDB:65202
XREF OSVDB:66315
XREF OSVDB:67029
XREF OSVDB:69032
XREF OSVDB:69561
XREF OSVDB:70055
XREF OSVDB:70620
XREF OSVDB:71951
XREF OSVDB:71961
XREF OSVDB:74335
XREF OSVDB:75622
XREF OSVDB:77832
XREF OSVDB:90597
XREF OSVDB:99240
XREF OSVDB:100172
XREF OSVDB:104575
XREF OSVDB:104796
XREF CERT:120541
XREF CWE:310
Plugin Information:
Publication date: 2009/11/24, Modification date: 2014/03/25
Ports
tcp/8880
SSLv3 supports insecure renegotiation.
Mphasis Internal Document
48
49
9043/tcp
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/9043
- SSLv3 is enabled and the server supports at least one cipher.
9443/tcp
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Mphasis Internal Document
49
50
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/9443
- SSLv3 is enabled and the server supports at least one cipher.
Mphasis Internal Document
50
51
10.33.105.136
Host Information
Netbios Name: WKSBAN18ALF7178
IP: 10.33.105.136
MAC Address: d4:85:64:b3:7e:be
OS: Microsoft Windows 7 Enterprise
Results Summary
Critical High Medium Low Info Total
0 0 1 0 0 1
Results Details
8080/tcp
12085 - Apache Tomcat servlet/JSP container default files
Synopsis
The remote web server contains example files.
Description
Example JSPs and Servlets are installed in the remote Apache Tomcat servlet/JSP container. These files should be
removed as they may help an attacker uncover information about the remote Tomcat install or host itself. Or they may
themselves contain vulnerabilities such as cross-site scripting issues.
Solution
Review the files and delete those that are not needed.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
XREF CWE:20
XREF CWE:74
XREF CWE:79
XREF CWE:442
XREF CWE:629
XREF CWE:711
XREF CWE:712
XREF CWE:722
XREF CWE:725
XREF CWE:750
Mphasis Internal Document
51
52
XREF CWE:751
XREF CWE:800
XREF CWE:801
XREF CWE:809
XREF CWE:811
XREF CWE:864
XREF CWE:900
XREF CWE:928
XREF CWE:931
XREF CWE:990
Plugin Information:
Publication date: 2004/03/02, Modification date: 2015/02/13
Ports
tcp/8080
The following default files were found :
/examples/servlets/index.html
/examples/jsp/snp/snoop.jsp
/examples/jsp/index.html
Mphasis Internal Document
52
53
10.33.105.158
Host Information
Netbios Name: WKSBAN18ALF7224
IP: 10.33.105.158
MAC Address: 2c:27:d7:46:b4:32
OS: Microsoft Windows 7 Enterprise
Results Summary
Critical High Medium Low Info Total
0 0 1 0 0 1
Results Details
1433/tcp
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/1433
- SSLv3 is enabled and the server supports at least one cipher.
Mphasis Internal Document
53
54
10.33.105.160
Host Information
Netbios Name: WKSBAN18ALF7239
IP: 10.33.105.160
MAC Address: 2c:27:d7:46:b6:55
OS: Microsoft Windows 7 Enterprise
Results Summary
Critical High Medium Low Info Total
0 0 1 0 0 1
Results Details
80/tcp
11213 - HTTP TRACE / TRACK Methods Allowed
Synopsis
Debugging functions are enabled on the remote web server.
Description
The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that
are used to debug web server connections.
See Also
http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
http://www.apacheweek.com/issues/03-01-24
http://download.oracle.com/sunalerts/1000718.1.html
Solution
Disable these methods. Refer to the plugin output for more information.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
3.9 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
References
BID 9506
BID 9561
BID 11604
BID 33374
BID 37995
CVE CVE-2003-1567
Mphasis Internal Document
54
55
CVE CVE-2004-2320
CVE CVE-2010-0386
XREF OSVDB:877
XREF OSVDB:3726
XREF OSVDB:5648
XREF OSVDB:50485
XREF CERT:288308
XREF CERT:867593
XREF CWE:16
Plugin Information:
Publication date: 2003/01/23, Modification date: 2015/01/13
Ports
tcp/80
Nessus sent the following TRACE request :
------------------------------ snip ------------------------------
TRACE /Nessus34398088.html HTTP/1.1
Connection: Close
Host: 10.33.105.160
Pragma: no-cache
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Accept-Language: en
Accept-Charset: iso-8859-1,*,utf-8
------------------------------ snip ------------------------------
and received the following response from the remote server :
------------------------------ snip ------------------------------
HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Thu, 23 Jul 2015 21:00:45 GMT
Content-type: message/http
Connection: close
TRACE /Nessus34398088.html HTTP/1.1
Connection: Close
Host: 10.33.105.160
Pragma: no-cache
User-agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Accept-language: en
Accept-charset: iso-8859-1,*,utf-8
------------------------------ snip ------------------------------
Mphasis Internal Document
55
56
10.33.105.171
Host Information
Netbios Name: WKSBAN18ALF7004
IP: 10.33.105.171
MAC Address: 00:23:24:08:31:aa
OS: Microsoft Windows 7 Enterprise
Results Summary
Critical High Medium Low Info Total
0 0 1 0 0 1
Results Details
1433/tcp
20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL reportedly
suffer from several cryptographic flaws. An attacker may be able to exploit these flaws to conduct man-in-the-middle
attacks or to decrypt communications between the affected service and clients.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement
found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC'S definition of 'strong cryptography'.
See Also
http://www.schneier.com/paper-ssl.pdf
http://support.microsoft.com/kb/187498
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.0 or higher instead.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2005/10/12, Modification date: 2015/07/01
Ports
tcp/1433
- SSLv3 is enabled and the server supports at least one cipher.
Mphasis Internal Document
56
57
10.33.105.177
Host Information
Netbios Name: WKSBAN18ALF7170
IP: 10.33.105.177
MAC Address: 2c:27:d7:47:6b:2b
OS: Microsoft Windows 7 Enterprise
Results Summary
Critical High Medium Low Info Total
1 0 0 0 0 1
Results Details
8080/tcp
34970 - Apache Tomcat Manager Common Administrative Credentials
Synopsis
The management console for the remote web server is protected using a known set of credentials.
Description
Nessus was able to gain access to the Manager web application for the remote Tomcat server using a known set of
credentials. A remote attacker can exploit this issue to install a malicious application on the affected server and run
arbitrary code with Tomcat's privileges (usually SYSTEM on Windows, or the unprivileged 'tomcat' account on Unix).
Worms are known to propagate this way.
See Also
http://markmail.org/thread/wfu4nff5chvkb6xp
http://svn.apache.org/viewvc?view=revision&revision=834047
http://www.intevydis.com/blog/?p=87
http://www.zerodayinitiative.com/advisories/ZDI-10-214/
http://archives.neohapsis.com/archives/fulldisclosure/2010-10/0260.html
Solution
Edit the associated 'tomcat-users.xml' file and change or remove the affected set of credentials.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
8.3 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
References
BID 36253
BID 36954
BID 37086
Mphasis Internal Document
57
58
BID 38084
BID 44172
CVE CVE-2009-3099
CVE CVE-2009-3548
CVE CVE-2010-0557
CVE CVE-2010-4094
XREF OSVDB:57898
XREF OSVDB:60176
XREF OSVDB:60317
XREF OSVDB:62118
XREF OSVDB:69008
XREF EDB-ID:18619
XREF CWE:255
Exploitable with
Core Impact (true)Metasploit (true)
Plugin Information:
Publication date: 2008/11/26, Modification date: 2015/04/20
Ports
tcp/8080
It was possible to log into the Tomcat Manager web app using the
following info :
URL : http://10.33.105.177:8080/manager/html
Username : admin
Password :
URL : http://10.33.105.177:8080/host-manager/html
Username : admin
Password :
URL : http://10.33.105.177:8080/manager/status
Username : admin
Password :