| Security Issues and Fixes: 140.211.166.115 |
| Type |
Port |
Issue and Fix |
| Informational |
smtp (25/tcp) |
An SMTP server is running on this port
Here is its banner :
220 nessus.osuosl.org ESMTP Postfix
Nessus ID : 10330 |
| Informational |
smtp (25/tcp) |
Synopsis :
An SMTP server is listening on the remote port.
Description :
The remote host is running a mail (SMTP) server on this port.
Since SMTP servers are the targets of spammers, it is recommended you
disable it if you do not use it.
Solution :
Disable this service if you do not use it, or filter incoming traffic
to this port.
Risk factor :
None
Plugin output :
Remote SMTP server banner :
220 nessus.osuosl.org ESMTP Postfix
Nessus ID : 10263 |
| Warning |
general/tcp |
Synopsis :
The remote operating system contains obsolete software
Description :
The remote Gentoo system contains several packages or versions
which have been marked as obsolete and have been removed from
the portage tree.
These versions are therefore unmaintained, which means that if
any security flaw is found in them, no patch will be made
available.
In addition to this, these packages might break after a library
upgrade and it will be impossible to recompile them.
Solution:
Remove or upgrade those packages.
Risk factor :
Medium / CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)
Plugin output :
The following packages should be updated:
app-admin/denyhosts-2.6-r1
app-admin/sysstat-8.0.0
app-arch/cpio-2.9-r1
app-arch/gzip-1.3.5-r10
app-arch/tar-1.18-r2
app-editors/nano-2.0.2
app-misc/ca-certificates-20061027.2
app-shells/bash-3.2_p17
dev-libs/apr-0.9.12
dev-libs/apr-util-0.9.12-r1
dev-python/setuptools-0.6_rc6
mail-client/mailx-support-20060102-r1
net-analyzer/nagios-plugins-1.4.10-r1
net-analyzer/net-snmp-5.4.1-r1
net-firewall/iptables-1.3.8-r2
net-libs/liblockfile-1.06-r2
net-misc/cfengine-2.1.22-r1
net-misc/iputils-20060512
net-misc/ntp-4.2.4_p3
sys-apps/baselayout-1.12.10-r5
sys-apps/coreutils-6.4
sys-apps/debianutils-2.17.4
sys-apps/diffutils-2.8.7-r1
sys-apps/ethtool-5
sys-apps/findutils-4.3.2-r1
sys-apps/gawk-3.1.5-r2
sys-apps/grep-2.5.1-r8
sys-apps/less-394
sys-apps/man-pages-2.42
sys-apps/net-tools-1.60-r12
sys-apps/pciutils-2.2.4-r3
sys-apps/portage-2.1.3.19
sys-apps/shadow-4.0.18.1
sys-devel/binutils-config-1.9-r3
sys-devel/bison-2.2
sys-devel/flex-2.5.33-r1
sys-devel/gcc-config-1.3.14
sys-devel/gettext-0.16.1
sys-devel/gnuconfig-20060702
sys-devel/libtool-1.5.22
sys-devel/m4-1.4.7
sys-fs/udev-115-r1
sys-kernel/hardened-sources-2.6.20-r10
sys-libs/ncurses-5.6-r1
sys-libs/pam-0.78-r5
sys-libs/timezone-data-2007g
sys-process/cronbase-0.3.2-r1
sys-process/psmisc-22.2
Nessus ID : 24017 |
| Informational |
general/tcp |
140.211.166.115 resolves as nessus.osuosl.org.
Nessus ID : 12053 |
| Informational |
general/tcp |
Information about this scan :
Nessus version : 3.0.5 (Nessus 3.0.6 is available - consider upgrading)
Plugin feed version : 200804171734
Type of plugin feed : Registered (7 days delay)
Scanner IP : 140.211.166.115
Port scanner(s) : nessus_tcp_scanner
Port range : default
Thorough tests : no
Experimental tests : no
Paranoia level : 1
Report Verbosity : 1
Safe checks : yes
Optimize the test : yes
Max hosts : 20
Max checks : 4
Recv timeout : 5
Scan Start Date : 2008/4/18 17:38
Scan duration : 90 sec
Nessus ID : 19506 |
| Informational |
general/tcp |
Synopsis :
It is possible to enumerate installed software on the remote host, via SSH.
Description :
This plugin lists the software installed on the remote host by calling the
appropriate command (rpm -qa on RPM-based Linux distributions, etc...)
Solution :
Remove software that is not compliant with your company policy.
Risk factor :
None
Plugin output :
Here is the list of packages installed on the remote Gentoo Linux system :
app-admin/eselect-vi-1.1.4
app-admin/logrotate-3.7.2
app-admin/sysstat-8.0.0
app-admin/perl-cleaner-1.04.3
app-admin/syslog-ng-2.0.6
app-admin/apache-tools-2.2.6
app-admin/pwgen-2.04
app-admin/denyhosts-2.6-r1
app-admin/python-updater-0.2
app-admin/cronolog-1.6.2-r2
app-admin/eselect-1.0.10
app-crypt/gnupg-1.4.7-r1
app-crypt/hashalot-0.3-r2
www-client/lynx-2.8.6-r2
net-libs/libpcap-0.9.7
net-libs/libnet-1.1.2.1-r1
net-libs/liblockfile-1.06-r2
net-dns/libidn-1.0-r1
net-dns/bind-tools-9.4.1_p1
sys-libs/gdbm-1.8.3-r3
sys-libs/timezone-data-2007g
sys-libs/ss-1.40.3
sys-libs/db-4.3.29-r2
sys-libs/pam-0.78-r5
sys-libs/ncurses-5.6-r1
sys-libs/glibc-2.5-r4
sys-libs/com_err-1.40.3
sys-libs/zlib-1.2.3-r1
sys-libs/db-4.5.20_p2
sys-libs/readline-5.1_p4
sys-libs/pwdb-0.62
sys-libs/cracklib-2.8.9-r1
virtual/perl-libnet-1.21
virtual/init-0
virtual/libiconv-0
virtual/libintl-0
virtual/perl-MIME-Base64-3.07
virtual/perl-digest-base-1.15
virtual/perl-Digest-MD5-2.36
dev-libs/apr-util-0.9.12-r1
dev-libs/openssl-0.9.8f
dev-libs/libol-0.3.18
dev-libs/expat-1.95.8
dev-libs/libmix-2.05
dev-libs/popt-1.10.7
dev-libs/apr-util-1.2.10
dev-libs/glib-2.14.6
dev-libs/apr-1.2.11
dev-libs/eventlog-0.2.5
dev-libs/apr-0.9.12
dev-libs/libpcre-7.6-r1
sys-devel/gcc-3.4.6-r2
sys-devel/m4-1.4.7
sys-devel/bison-2.2
sys-devel/binutils-2.16.1-r3
sys-devel/gettext-0.16.1
sys-devel/flex-2.5.33-r1
sys-devel/automake-wrapper-3-r1
sys-devel/automake-1.7.9-r1
sys-devel/autoconf-2.13
sys-devel/gnuconfig-20060702
sys-devel/autoconf-2.61-r1
sys-devel/make-3.81
sys-devel/libperl-5.8.8-r1
sys-devel/libtool-1.5.22
sys-devel/gcc-config-1.3.14
sys-devel/automake-1.4_p6
sys-devel/bc-1.06-r6
sys-devel/patch-2.5.9
sys-devel/binutils-config-1.9-r3
sys-devel/automake-1.10
sys-devel/autoconf-wrapper-4-r3
app-vim/gentoo-syntax-20070506
sys-fs/e2fsprogs-1.40.3
sys-fs/udev-115-r1
perl-core/digest-base-1.15
perl-core/PodParser-1.35
perl-core/Test-Harness-2.64
perl-core/libnet-1.21
app-shells/dash-0.5.3.7
app-shells/bash-3.2_p17
sys-apps/pciutils-2.2.4-r3
sys-apps/kbd-1.12-r8
sys-apps/mktemp-1.5
sys-apps/module-init-tools-3.2.2-r3
sys-apps/gawk-3.1.5-r2
sys-apps/findutils-4.3.2-r1
sys-apps/baselayout-1.12.10-r5
sys-apps/portage-2.1.3.19
sys-apps/grep-2.5.1-r8
sys-apps/tcp-wrappers-7.6-r8
sys-apps/man-pages-2.42
sys-apps/which-2.16
sys-apps/sed-4.1.5
sys-apps/man-1.6e-r3
sys-apps/sandbox-1.2.17
sys-apps/debianutils-2.17.4
sys-apps/diffutils-2.8.7-r1
sys-apps/sysvinit-2.86-r8
sys-apps/coreutils-6.4
sys-apps/util-linux-2.12r-r8
sys-apps/texinfo-4.8-r5
sys-apps/file-4.21-r1
sys-apps/groff-1.19.2-r1
sys-apps/net-tools-1.60-r12
sys-apps/shadow-4.0.18.1
sys-apps/ethtool-5
sys-apps/less-394
sys-apps/slocate-2.7-r8
mail-mta/postfix-2.4.6-r2
dev-util/ctags-5.5.4-r2
dev-util/pkgconfig-0.21-r1
dev-util/strace-4.5.15
dev-python/setuptools-0.6_rc6
dev-python/python-fchksum-1.7.1
dev-python/pycrypto-2.0.1-r6
app-arch/bzip2-1.0.5
app-arch/tar-1.18-r2
app-arch/cpio-2.9-r1
app-arch/gzip-1.3.5-r10
app-arch/rpm2targz-9.0-r6
net-firewall/iptables-1.3.8-r2
app-portage/portage-utils-0.1.28
app-portage/gentoolkit-0.2.3-r1
app-forensics/rkhunter-1.2.9
sys-auth/nss_ldap-258
sys-auth/pam_ldap-183
dev-perl/Net-SNMP-5.2.0
dev-perl/TermReadKey-2.30
dev-perl/Crypt-DES-2.05
dev-perl/Digest-HMAC-1.01-r1
dev-perl/Digest-SHA1-2.11
dev-lang/python-2.4.4-r6
dev-lang/perl-5.8.8-r4
mail-client/mailx-8.1.2.20040524-r1
mail-client/mailx-support-20060102-r1
app-editors/vim-7.1.042
app-editors/nano-2.0.2
app-editors/vim-core-7.1.042
net-mail/mailbase-1
net-nds/openldap-2.3.41
sys-kernel/linux-headers-2.6.17-r2
sys-kernel/hardened-sources-2.6.20-r10
net-analyzer/nmap-4.20
net-analyzer/net-snmp-5.4.1-r1
net-analyzer/nagios-plugins-1.4.10-r1
net-analyzer/netcat-110-r8
net-analyzer/iptraf-3.0.0-r3
net-analyzer/nessus-bin-3.0.5
net-analyzer/nagios-nrpe-2.10
net-analyzer/tcpdump-3.9.7-r1
net-misc/stunnel-4.21-r1
net-misc/whois-4.7.24
net-misc/wget-1.10.2
net-misc/openssh-4.7_p1-r6
net-misc/cfengine-2.1.22-r1
net-misc/iputils-20060512
net-misc/rsync-2.6.9-r6
net-misc/ntp-4.2.4_p3
sys-process/at-3.1.8-r11
sys-process/procps-3.2.6
sys-process/cronbase-0.3.2-r1
sys-process/htop-0.6.6
sys-process/psmisc-22.2
sys-process/vixie-cron-4.1-r10
sys-process/lsof-4.78
app-misc/ca-certificates-20061027.2
app-misc/screen-4.0.3
app-misc/mime-types-7
app-misc/pax-utils-0.1.15
Nessus ID : 22869 |
| Informational |
general/tcp |
Synopsis :
This plugin enumerates IPv4 interfaces on a remote host.
Description :
By connecting to the remote host with the supplied credentials, this
plugin enumerates network interfaces configured with IPv4 addresses.
Solution :
Disable any unused IPv4 interfaces.
Risk factor :
None
Plugin output :
The following IPv4 addresses are set on the remote host :
- 140.211.166.115 (on interface eth0)
- 127.0.0.1 (on interface lo)
Nessus ID : 25203 |
| Informational |
general/tcp |
Remote operating system : Linux Kernel 2.6.20-xen-r7-osl1-domU on Gentoo Base System release 1.12.10
Confidence Level : 100
Method : LinuxDistribution
The remote host is running Linux Kernel 2.6.20-xen-r7-osl1-domU on Gentoo Base System release 1.12.10
Nessus ID : 11936 |
| Informational |
general/tcp |
Nessus can run commands on localhost to check if patches are applied
The output of "uname -a" is :
Linux nessus 2.6.20-xen-r7-osl1-domU #4 SMP Tue Feb 26 01:34:45 UTC 2008 i686 Intel(R) Xeon(TM) CPU 2.80GHz GenuineIntel GNU/Linux
The remote Gentoo system is :
Gentoo Base System release 1.12.10
Local security checks have been enabled for this host.
Nessus ID : 12634 |
| Informational |
ntp (123/udp) |
Synopsis :
An NTP server is listening on the remote host.
Description :
An NTP (Network Time Protocol) server is listening on this port.
It provides information about the current date and time of the
remote system and may provide system information.
Risk factor :
None
Plugin output :
It was possible to gather the following information from the remote NTP host :
version='ntpd 4.2.4p3@1.1502-o Sat Oct 6 00:59:07 UTC 2007 (1)',
processor='i686', system='Linux/2.6.20-xen-r7-osl1-domU', leap=0,
stratum=2, precision=-20, rootdelay=48.596, rootdispersion=57.295,
peer=31244, refid=209.132.176.4, reftime=0xcbb3507f.9dd17a2a, poll=10,
clock=0xcbb35b26.02287294, state=4, offset=0.698, frequency=-78.920,
jitter=3.095, noise=0.305, stability=0.060, tai=0
Nessus ID : 10884 |
| Informational |
cfengine (5308/tcp) |
The service closed the connection after 0 seconds without sending any data
It might be protected by some TCP wrapper
Nessus ID : 10330 |
| Informational |
cfengine (5308/tcp) |
cfengine version 2.1.22 is running on this port.
cfengine is a language-based system for testing and configuring
unix and windows systems attached to a TCP/IP network.
Risk factor : None
Nessus ID : 14315 |