Your Company System Detail - April 2010

System 192.168.0.106 ( http://www.yourcompany.com.my )
Criticality
Scan Type Enterprise
Start Date 13-Apr-10 11:54
End Date
Customer Ref
Groups Asia, Other

Ports: 2 (High:0 Low:2)

  Port Protocol Service Details  
  80 tcp http Lotus-Domino/0  
  1723 tcp pptp Closed Immediately with TCP FIN  

Ports Closed Since Last Month: 1 (High:0 Low:1)

  Port Protocol Service Details  
  80 tcp www No banner found  


Vulnerabilities: 2 (High:0 Medium:2 Low:0)

Vulnerability 11718 Lotus Domino < 5.0.9 Database Lock DoS Medium Risk
Description This system is running a vulnerable version of Lotus Domino, according to its banner. There is a vulnerability in the code related to database locking. A remote attack could use this to lock out some databases, by requesting them through the web interface with a carefully crafted URL. 
Solution Upgrade to an unaffected version, or apply a patch. 
References CVE-2001-0954   
First Found 13 January 2010 Port 80/tcp Last 6 Months

Vulnerability 10629 Lotus Domino Anonymous Database Access Medium Risk
Description This system is running Lotus Domino. Some databases are accessible without authentication:
http://192.168.0.106/certlog.nsf
This usually represents a security risk as the information contained is accessible to anyone on the internet. 
Solution Reconfigure Domino to require authentication for these databases. 
References CVE-2002-0664    CVE-2000-0021   
CVSS Score 5  (AV:N/AC:L/Au:N/C:P/I:N/A:N) 
First Found 13 February 2010 Port 80/tcp Last 6 Months


Historical Information

Scans by Westpoint Ltd