Your Company System Detail - April 2010

System	192.168.1.52 ( http://sql1.manc.yourcompany.com )
Criticality
Scan Type	Enterprise
Start Date	13-Apr-10 11:54
End Date	13-Apr-10 15:37
Customer Ref
Groups	EMEA, Microsoft
PCI Status	COMPONENT FAILED

Contact E-mail	Role
cuthbert@yourcompany.com	Systems Architect

Ports: 3 (High:3 Low:0)

	Port	Protocol	Service	Details
	1433	tcp	ms-sql-s	No banner found
	3306	tcp	mysql	Response Received
	1434	udp	mssql	Response Received

Vulnerabilities: 4 (High:2 Medium:2 Low:0)

Vulnerability	10481	MySQL Database Accessible Without Password	High Risk

Description	This system is running a MySQL service that allows network connections with no password. A remote attacker could use this to manipulate the database in any way. The unpassworded accounts are:
Solution	Add a password or restrict access to trusted addresses.
References	CVE-2004-1532 Bugtraq ID 11704
Deadline	01 April 2010
CVSS Score	7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
First Found	13 March 2010	Port	3306/tcp	Last 6 Months

Vulnerability	90027	High Risk Ports Open	High Risk

Description	The following high risk ports are open: PORT SERVICE 1433/tcp ms-sql-s 1434/udp mssql 3306/tcp mysql It is generally not recommended to expose these ports to the internet as they may be used as attack vectors. If access to these services from remote sites is required, tunnelling or a VPN would be recommended instead of exposing these ports. Note: Even if the ports are immediately closed after being opened, this is still a security risk as packets are reaching the destination host. It is recommended to completely drop packets from untrusted sources instead.
Solution	Ensure that the ports are filtered by your router or firewall or close the ports on the affected systems.
Category	Hosting or infrastructure flaw.
First Found	13 February 2010	Port	general	Last 6 Months

Vulnerability	11842	MySQL < 3.23.58, 4.0.15 Password Overflow	Medium Risk

Description	This system is running a vulnerable version of MySQL, according to its banner. There is a buffer overrun vulnerability in code related to passwords. A database user could use this to crash the service and take control of the system, by changing their password to a carefully crafted value.
Solution	Upgrade to an unaffected version, or apply a patch.
References	Bugtraq ID 8590 CVE-2003-0780
CVSS Score	9 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
First Found	13 February 2010	Port	3306/tcp	Last 6 Months

Vulnerability	11378	MySQL < 3.23.56 Privilege Escalation	Medium Risk

Description	This system is running a vulnerable version of MySQL, according to its banner. There is insufficient permissions checking in code related to the "select into outfile" SQL command. A database user could use this to overwrite configuration files and escalate privileges.
Solution	Upgrade to an unaffected version, or apply a patch.
Category	Hosting or infrastructure flaw.
References	Bugtraq ID 7052 CVE-2003-0150
CVSS Score	9 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
First Found	13 February 2010	Port	3306/tcp	Last 6 Months

Historical Information

Scans by Westpoint Ltd