Report

21 28 14 15 19 1 4	High risk vulnerabilities found. Medium risk vulnerabilities found. Low risk vulnerabilities found. SANS vulnerabilities found. New vulnerabilities found. Urgent vulnerabilities found. Overdue vulnerabilities found.	9 3 0 9 12 8 1 3	Systems (45%) had high risk vulnerabilities. Systems (15%) had medium risk vulnerabilities. Systems (0%) had low risk vulnerabilities. Systems (45%) had SANS vulnerabilities. Systems (60%) had vulnerabilities. Systems (40%) had no vulnerabilities. Systems (5%) had urgent vulnerabilities. Systems (15%) had overdue vulnerabilities.	Report Generated Scan Type Start Date End Date Systems Scanned New Systems	12-May-10 16:03 Enterprise 13-Apr-10 11:54 13-Apr-10 21:31 20 2

Key	Increase	No change	Decrease	High Risk	Medium Risk	Low Risk	No Services	No Ports/Vulns	Not Subnet Scanned

Host Name	IP Address	Report	Ports	Vulnerabilities
www.your_company.nl	192.168.0.103	View	7	11 (5 New)
www.yourcompany.co.uk	192.168.0.100	View	5	9 (5 New)
www.example.com	192.168.0.112	View	3	11 (4 New)
mail.example.com	192.168.0.111	View	8	5
dns0.example.com	192.168.0.110	View	5	4
sql1.manc.yourcompany.com	192.168.1.52	View	3	4
sql2.manc.yourcompany.com	192.168.1.53	View	2	4
www.yourcompany.com	192.168.0.101	View	12	2 (2 New)
www.your_company.fr	192.168.0.105	View	5	3 (3 New)
www.yourcompany.net	192.168.0.102	View	2	5
apollo.example.com	192.168.0.81	View	3	3
www.yourcompany.com.my	192.168.0.106	View	2	2
www1.manc.yourcompany.com	192.168.1.54	View	2	0
www2.manc.yourcompany.com	192.168.1.55	View	2	0
mail1.manc.yourcompany.com	192.168.1.50	View	1	0
mail2.manc.yourcompany.com	192.168.1.51	View	1	0
192.168.0.104	192.168.0.104	View	2	0
gopher.example.com	192.168.0.93	View	0	0
192.168.100.9	192.168.100.9	View	1	0
laptop.yourcompany.com	192.168.0.57	View	0	0

Frequency	Vulnerability	Severity
6	High Risk Ports Open	High Risk
3	SNMP Default Community Names	High Risk
1	IIS WebDAV Buffer Overrun	High Risk
1	MySQL Database Accessible Without Password	High Risk
1	Administration Interface with Weak Password	High Risk
1	Possible Compromise	High Risk
1	BIND < 8.2.3 Buffer Overrun	High Risk
1	Authentication Bypass Through Cookie Manipulation	High Risk
1	Apache < 1.3.26 Chunked Encoding Vulnerability	High Risk
1	IIS ASP.NET Application Trace Enabled	High Risk
1	Sendmail < 8.12.8 Buffer Overrun	High Risk
1	Sensitive Information Leakage	High Risk
1	Script Appears Vulnerable to SQL Injection	High Risk
1	Script Allows Arbitrary Command Execution	High Risk
2	Apache < 1.3.27 Multiple Vulnerabilities	Medium Risk
2	SSH Protocol Version 1 Enabled	Medium Risk
2	Cross-Site Scripting	Medium Risk
2	Globally Useable Name Server	Medium Risk
2	MySQL < 3.23.58, 4.0.15 Password Overflow	Medium Risk
2	MySQL < 3.23.56 Privilege Escalation	Medium Risk
1	OpenSSH < 3.6.1p2 PAM Timing Attack	Medium Risk
1	Lotus Domino < 5.0.9 Database Lock DoS	Medium Risk
1	MySQL < 3.23.55 Multiple Vulnerabilities	Medium Risk
1	SMTP Server Allows VRFY/EXPN	Medium Risk
1	Script Allows Arbitrary Redirection	Medium Risk
1	Apache < 1.3.31, 2.0.49 Multiple Vulnerabilities	Medium Risk
1	XPath Injection	Medium Risk
1	Lotus Domino Anonymous Database Access	Medium Risk
1	OpenSSL < 0.9.6m, 0.9.7d Multiple Vulnerabilities	Medium Risk
1	Weak or Ineffective Authentication Mechanism	Medium Risk
1	SSL Certificate Problems	Medium Risk
1	Apache mod_ssl < 2.8.10 off by one Vulnerability	Medium Risk
1	IIS .printer ISAPI Filter Enabled	Medium Risk
1	IIS global.asa Accessible	Medium Risk
1	DNS Zone Transfer	Medium Risk
1	Service Permits Unauthenticated Users to Send Arbitrary Emails	Medium Risk
3	TRACE and/or TRACK Methods Enabled	Low Risk
3	Holes Detected in Firewall Configuration	Low Risk
2	Apache < 1.3.29 Multiple Local Flaws	Low Risk
1	NTP Information Leakage	Low Risk
1	DNS Cache Snooping	Low Risk
1	Apache mod_userdir Information Leak	Low Risk
1	Microsoft Frontpage Extensions Installed	Low Risk
1	Private IP Address Leakage	Low Risk
1	Script Calling phpinfo() Detected	Low Risk

Your Company Scan Results - April 2010

Vulnerability Statistics

Systems

All Vulnerabilities