Your Company Regional Summary - April 2003


Region No. Hosts New Hosts Vuln Hosts High Risk Medium Risk Low Risk New Vulns
V H V M V L
Asia Servers 4 0  4  5  3 (75%)  8  1 (25%)  10  0 (0%)  3
EMEA Servers 9 0  5  7  4 (44%)  6  1 (11%)  8  0 (0%)  3
US Servers 3 1  2  0  0 (0%)  2  1 (33%)  4  1 (33%)  1
Total 16 1  11  12  7 (44%)  16  3 (19%)  22  1 (6%)  7

Key H - Number of hosts that had high risk vulnerabilities (or lower) Increase
M - Number of hosts that had mediumn risk vulnerabilities (or lower) No change
L - Number of hosts that had low risk vulnerabilities Decrease

All Vulnerabilities Found

Vulnerability Severity Frequency
Asia EMEA US Total
SNMP Default Community Names High Risk 1 2 0 3
Unpassworded MySQL High Risk 0 1 0 1
BIND < 8.2.3 TSIG Overflow High Risk 1 0 0 1
Apache < 1.3.25 Chunked Encoding Vulnerability High Risk 1 0 0 1
Sendmail < 8.12.8 Header Buffer Overflow High Risk 1 0 0 1
IIS WebDAV Buffer Overrun High Risk 0 1 0 1
MySQL < 3.23.56 Privilege Escalation High Risk 0 2 0 2
MySQL < 3.23.55 Double Free High Risk 0 1 0 1
mod_ssl < 2.8.10 off by one Vulnerability High Risk 1 0 0 1
SMTP Server Allows VRFY/EXPN Medium Risk 1 0 0 1
DNS Zone Transfer Medium Risk 1 0 0 1
Apache < 1.3.31, 2.0.49 Connection Blocking DoS Medium Risk 1 0 0 1
OpenSSL < 0.9.6j, 0.9.7d Denial of Service Medium Risk 0 0 0 0
MySQL < 3.23.58, 4.0.15 Password Overflow Medium Risk 0 2 0 2
Lotus Domino Database Lock DoS Medium Risk 1 0 0 1
Portable OpenSSH PAM timing attack Medium Risk 1 0 0 1
Apache < 1.3.27 multiple vulnerablities Medium Risk 1 1 0 2
Web Server Cross Site Scripting Medium Risk 0 0 1 1
IIS global.asa Accessible Medium Risk 0 1 0 1
Sendmail -bt option Medium Risk 1 0 0 1
Useable Remote Name Server Medium Risk 0 1 1 2
Lotus Domino Anonymous Database Access Medium Risk 1 0 0 1
.printer ISAPI Filter Enabled Medium Risk 0 1 0 1
BIND Version Information Leakage Low Risk 1 0 0 1
Holes Detected in Firewall Configuration Low Risk 2 1 0 3
DNS Cache Snooping Low Risk 0 0 1 1
Apache < 1.3.29 Multiple Local Flaws Low Risk 1 1 0 2
Script Calling phpinfo() Detected Low Risk 0 0 0 0
Webserver Supports TRACE or TRACK Methods Low Risk 1 1 1 3
NTP Information Leakage Low Risk 0 0 1 1
SSH Protocol Version 1 Enabled Low Risk 1 0 1 2
Microsoft Frontpage Extensions Installed Low Risk 0 1 0 1
FTP Server type and version detected Low Risk 1 0 0 1
MySQL Server version Low Risk 0 2 0 2
Apache UserDir information leak Low Risk 0 0 0 0
Private IP Address Leakage Low Risk 0 1 0 1
PPTP Information Leakage Low Risk 1 0 0 1
Host Responded to ICMP Timestamp Request Low Risk 2 1 0 3

Scans by Clearview Systems