Return to the 2006 Operating System Vulnerability Summary on OmniNerd

List of hosts

192.168.1.3

High Severity problem(s) found

192.168.1.3

Scan time :

Start time :	Tue Feb 20 21:06:32 2007
End time :	Tue Feb 20 21:17:14 2007

Number of vulnerabilities :

Open ports :	1
Low :	7
Medium :	2
High :	1

Information about the remote host :

Operating system :	Mac OS 9
NetBIOS name :	(unknown)
DNS name :	(unknown)

[^] Back to 192.168.1.3

Port http (80/tcp)

Services
A web server is running on this port Nessus ID : 10330

Oracle9iAS too long URL
It may be possible to make the Oracle9i application server crash or execute arbitrary code by sending it a too long url specially crafted URL. Risk factor : High Solution : Upgrade your server. CVE : CVE-2001-0836 BID : 3443 Other references : OSVDB:5534 Nessus ID : 11081

[^] Back to 192.168.1.3

Port general/tcp

IP protocols scan
The following IP protocols are accepted on this host: 1 ICMP 2 IGMP 6 TCP 17 UDP Nessus ID : 14788

OS Identification
The remote host is running Mac OS 9 Nessus ID : 11936

spank.c

Your machine answers to TCP packets that are coming from a multicast
address. This is known as the 'spank' denial of service attack.

An attacker might use this flaw to shut down this server and
saturate your network, thus preventing you from working properly.
This also could be used to run stealth scans against your machine.

Solution : contact your operating system vendor for a patch.
Filter out multicast addresses (224.0.0.0/4)

Risk factor : Medium

Nessus ID : 11901

Information about the scan

Information about this scan :

Nessus version : 3.0.4
Plugin feed version : 200701101815
Type of plugin feed : Registered (7 days delay)
Scanner IP : 192.168.1.250
Port scanner(s) : nessus_tcp_scanner synscan
Port range : default
Thorough tests : yes
Experimental tests : no
Paranoia level : 0
Report Verbosity : 2
Safe checks : no
Max hosts : 40
Max checks : 5
Scan Start Date : 2007/2/20 21:06
Scan duration : 642 sec

Nessus ID : 19506

Check open ports

The following ports were open at the beginning of the scan but are now closed:

Port 80 was detected as being open but is now closed.

This might be an availability problem related which might be due to the following reasons :

- The remote host is now down, either because a user turned it off during the scan
- A selected denial of service was effective against this host
- A network outage has been experienced during the scan, and the remote
network cannot be reached from the Vulnerability Scanner any more
- This Vulnerability Scanner has been blacklisted by the system administrator
or by automatic intrusion detection/prevention systems which have detected the
vulnerability assessment.

In any case, the audit of the remote host might be incomplete and may need to
be done again

Nessus ID : 10919

[^] Back to 192.168.1.3

Port general/udp

Traceroute
For your information, here is the traceroute from 192.168.1.250 to 192.168.1.3 : 192.168.1.250 192.168.1.3 Nessus ID : 10287

[^] Back to 192.168.1.3

Port general/icmp

icmp netmask request

The remote host answered to an ICMP_MASKREQ query and sent us its
netmask (255.255.255.0).

An attacker can use this information to understand how your network is set up
and how the routing is done. This may help him to bypass your filters.

Solution : reconfigure the remote host so that it does not answer to those
requests. Set up filters that deny ICMP packets of type 17.

Risk factor : Low
CVE : CVE-1999-0524

Nessus ID : 10113

Record route
Here is the route recorded between 192.168.1.250 and 192.168.1.3 : 192.168.1.3. Nessus ID : 12264