Your Company Scan Results - April 2003

Vulnerability Statistics

 12
 17
 24
 7
 High risk vulnerabilities found.
Medium risk vulnerabilities found.
Low risk vulnerabilities found.
New vulnerabilities found. 		 7
 4
 1
 12
 7		 Hosts (37%) had high risk vulnerabilities.
Hosts (21%) had medium risk vulnerabilities.
Hosts (5%) had low risk vulnerabilities.
Hosts (63%) had vulnerabilities.
Hosts (37%) had no vulnerabilities. 		Scan Type
Start Date
End Date
Hosts Scanned
New Hosts 		Enterprise
13-Apr-03 11:30
13-Apr-03 16:43
19
1

Key Increase No change Decrease High Risk Medium Risk Low Risk None Found

Summary of Results

Host Name IP Address Report Ports Open Vulnerabilities Found
www.example.com 192.168.0.112 View 3 8 (1 New)
www.your_company.nl 192.168.0.103 View 7 7 (1 New)
mail.example.com 192.168.0.111 View 8 7 (1 New)
dns0.example.com 192.168.0.110 View 5 5 (1 New)
sql1.manc.yourcompany.com 192.168.1.52 View 3 4
sql2.manc.yourcompany.com 192.168.1.53 View 2 4
www.your_company.fr 192.168.0.105 View 5 2 (2 New)
www.yourcompany.net 192.168.0.102 View 2 5
www.yourcompany.co.uk 192.168.0.100 View 5 4
apollo.example.com 192.168.0.81 View 3 3
www.yourcompany.com.my 192.168.0.106 View 2 3
www.yourcompany.com   NEW 192.168.0.101 View 12 1 (1 New)
192.168.0.104 192.168.0.104 View 2 0
www1.manc.yourcompany.com 192.168.1.54 View 2 0
www2.manc.yourcompany.com 192.168.1.55 View 2 0
mail1.manc.yourcompany.com 192.168.1.50 View 1 0
mail2.manc.yourcompany.com 192.168.1.51 View 1 0
gopher.example.com 192.168.0.93 View 0 0
laptop.yourcompany.com 192.168.0.57 View 0 0

All Vulnerabilities Found

Frequency Vulnerability Severity
3 SNMP Default Community Names High Risk
2 MySQL < 3.23.56 Privilege Escalation High Risk
1 Apache < 1.3.25 Chunked Encoding Vulnerability High Risk
1 BIND < 8.2.3 TSIG Overflow High Risk
1 IIS WebDAV Buffer Overrun High Risk
1 MySQL < 3.23.55 Double Free High Risk
1 Sendmail < 8.12.8 Header Buffer Overflow High Risk
1 Unpassworded MySQL High Risk
1 mod_ssl < 2.8.10 off by one Vulnerability High Risk
2 Apache < 1.3.27 multiple vulnerablities Medium Risk
2 MySQL < 3.23.58, 4.0.15 Password Overflow Medium Risk
2 Useable Remote Name Server Medium Risk
1 .printer ISAPI Filter Enabled Medium Risk
1 Apache < 1.3.31, 2.0.49 Connection Blocking DoS Medium Risk
1 DNS Zone Transfer Medium Risk
1 IIS global.asa Accessible Medium Risk
1 Lotus Domino Anonymous Database Access Medium Risk
1 Lotus Domino Database Lock DoS Medium Risk
1 OpenSSL < 0.9.6j, 0.9.7d Denial of Service Medium Risk
1 Portable OpenSSH PAM timing attack Medium Risk
1 SMTP Server Allows VRFY/EXPN Medium Risk
1 Sendmail -bt option Medium Risk
1 Web Server Cross Site Scripting Medium Risk
3 Holes Detected in Firewall Configuration Low Risk
3 Host Responded to ICMP Timestamp Request Low Risk
3 Webserver Supports TRACE or TRACK Methods Low Risk
2 Apache < 1.3.29 Multiple Local Flaws Low Risk
2 MySQL Server version Low Risk
2 SSH Protocol Version 1 Enabled Low Risk
1 Apache UserDir information leak Low Risk
1 BIND Version Information Leakage Low Risk
1 DNS Cache Snooping Low Risk
1 FTP Server type and version detected Low Risk
1 Microsoft Frontpage Extensions Installed Low Risk
1 NTP Information Leakage Low Risk
1 PPTP Information Leakage Low Risk
1 Private IP Address Leakage Low Risk
1 Script Calling phpinfo() Detected Low Risk

Scans by Clearview Systems