WIXLIB

SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012ITS DEPTNessus PluginFamilyMarch 5, 2012 at 6:15pm CST[third]Confidential: The following report contains confidential information. Do not distribute, email, fax,or transfer via any electronic mechanism unless it has been approved by the recipient company'ssecurity policy. All copies and backups of this document should be saved on protected storage at alltimes. Do not share any of the information contained within this report with anyone unless they areauthorized to view the information. Violating any of the previous instructions is grounds for termination.

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012Table of ContentsPlugin Family SummaryAIX Local Security ChecksBackdoors.CGI abuses6.7.Debian Local Security Checks111315.17.19.21Denial of ServiceFedora Local Security ChecksFirewalls.23.24FreeBSD Local Security ChecksFTP9.Default Unix AccountsDNS4.CGI abuses : XSSDatabases3.CentOS Local Security ChecksCISCO1.26.28Gain a shell remotely.30Table of ContentsTenable Network Securityi

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012General32.Gentoo Local Security Checks.33HP-UX Local Security Checks.35Junos Local Security Checks.37MacOS X Local Security Checks.39Mandriva Local Security Checks.41.42Misc.NetwareN/A.44.45Peer-To-Peer File Sharing.47.49.50Policy CompliancePort scannersRed Hat Local Security ChecksRPC.51.SCADA.Service detectionSettings5254.56.57Slackware Local Security ChecksSMTP problems.58.59Table of ContentsTenable Network Securityii

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012SNMP61.Solaris Local Security ChecksSuSE Local Security Checks.63.64Ubuntu Local Security Checks.VMware ESX Local Security Checks.68.70.72Web ServersWindows66Windows : Microsoft Bulletins.74Windows : User management.76Table of ContentsTenable Network Securityiii

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012Plugin Family SummaryPlugin Family Severity Port scanners141721417214172000Service detection9890761971662581950Windows : User indows : Microsoft 00Web Red Hat Local Security 333172614550CGI abuses : XSS28151021173834140CentOS Local Security Checks6121100944105680Solaris Local Security Checks9960996009960Backdoors886498356668610Denial of Service6094969344704650Gain a shell remotely6764948143705640VMware ESX Local 83740SuSE Local Security Checks4381904485423770Default Unix Accounts9000900009000Peer-To-Peer File D Local Security Checks4512890479114000SMTP problems51708741962584200Ubuntu Local Security ckware Local Security Checks52208611832494290AIX Local Security Checks8580858008580CGI abuses492885740064510Debian Local Security Checks401283548203530HP-UX Local Security Checks534283104244070Plugin Family SummaryTenable Network Security1

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012FamilyScoreTotalLowMed.HighCrit.MacOS X Local Security Checks47768142191993960Gentoo Local Security Checks468377734304340Fedora Local Security Checks3149726386912490Mandriva Local Security Checks397370634303630Junos Local Security e1780367212431030Policy Compliance26757833160Generic222222000Web Servers222000Web Clients222000DNS Servers310100Mobile Devices111000Plugin Family SummaryTenable Network Security2

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012AIX Local Security ChecksTop 25 Most Common PluginsTotalSeverity55359Plugin53HighAIX 530011 : U840860Plugin Name5538248HighAIX 530011 : U8434005537644HighAIX 530011 : U8408775536744HighAIX 530011 : U8408685535644HighAIX 530011 : U8408575535544HighAIX 530011 : U8408565536941HighAIX 530011 : U8408705537739HighAIX 530011 : U8408785538336HighAIX 530011 : U8434015537234HighAIX 530011 : U8408735537134HighAIX 530011 : U8408725537533HighAIX 530011 : U8408765536330HighAIX 530011 : U8408645537428HighAIX 530011 : U8408755536528HighAIX 530011 : U8408665536428HighAIX 530011 : U8408655536626HighAIX 530011 : U8408675535826HighAIX 530011 : U8408595537823HighAIX 530011 : U8408795536123HighAIX 530011 : U8408625537922HighAIX 530011 : U8433975535722HighAIX 530011 : U8408585538021HighAIX 530011 : U8433985537021HighAIX 530011 : U8408715536021HighAIX 530011 : U840861AIX Local Security ChecksTenable Network Security3

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012BackdoorsTop 25 Most Common PluginsPluginTotalSeverityPlugin Name1558654HighMoonLit Virus BackdoorDetection5198850HighRogue Shell BackdoorDetection3395150HighGeneric Backdoor Detection(banner check)1558348HighUnpassworded 'bash'Backdoor Account1228747HighMicrosoft IIS Download.JectTrojan Detection1839244HighIRC Bot Detection4500638HighEnergizer DUO USB BatteryCharger Software Backdoor(credentialed check)1836737HighKibuv Worm Detection1483437HighRadmin (RemoteAdministrator) Port 10002 Possible GDI Compromise2391035HighCompromised WindowsSystem (hosts File Check)1418433HighZincite.A (MyDoom.M)Backdoor Detection3603631HighConficker Worm Detection(uncredentialed check)1557031HighPostNuke Trojaned Distribution1551731HighHacker Defender BackdoorDetection4927030HighStuxnet Worm Detection1226629HighW32.Dabber Worm Detection1201229MediumCYDOOR Software Detection1112327LowRadmin (RemoteAdministrator) Port 4899Detection4508526HighZeus/Zbot Banking Trojan/DataTheft (credentialed check)4921124HighHere You Have Email WormDetection4688223HighUnreal IRC Daemon BackdoorDetection1211122HighPhatBOT Backdoor Detection1201322HighDOWNLOADWARE SoftwareDetectionBackdoorsTenable Network Security4

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012PluginTotalSeverityPlugin Name1942919HighZotob Worm Detection4500518HighArugizer Backdoor DetectionBackdoorsTenable Network Security5

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012CentOS Local Security ChecksTop 25 Most Common PluginsTotalSeverity58042Plugin29HighCentOS : RHSA-2012-0317Plugin Name5804128HighCentOS : RHSA-2012-01405773328HighCentOS : RHSA-2012-00695777827HighCentOS : RHSA-2012-00802525426LowCentOS : RHSA-2007-03455781025HighCentOS : RHSA-2012-00965780925HighCentOS : RHSA-2012-00954372425LowCentOS : RHSA-2009-00082585025LowCentOS : RHSA-2007-07772544725LowCentOS : RHSA-2007-03855780824HighCentOS : RHSA-2012-00935773423HighCentOS : RHSA-2012-00704378123LowCentOS : RHSA-2009-12875798322HighCentOS : RHSA-2012-01415777722HighCentOS : RHSA-2012-00792550122LowCentOS : RHSA-2007-04732540322LowCentOS : RHSA-2007-03865778021HighCentOS : RHSA-2012-00855796220HighCentOS : RHSA-2012-01365780720HighCentOS : RHSA-2012-00925777920HighCentOS : RHSA-2012-00845773220HighCentOS : RHSA-2012-00625810919HighCentOS : RHSA-2012-03325787819HighCentOS : RHSA-2012-01052600419LowCentOS : RHSA-2007-0795CentOS Local Security ChecksTenable Network Security6

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012CGI abusesTop 25 Most Common PluginsPluginTotalSeverityPlugin Name5779929LowCodeMeter WebAdminDetection5562929HighSymantec Web Gatewayforget.php Blind SQL Injection(SYM11-008)5544729LowManageEngine SupportCenterPlus Detection5808827HighFreePBX gen amp conf.phpInformation Disclosure5734626HighphpMyAdmin 3.3.x / 3.4.x 3.3.10.2 / 3.4.3.1 MultipleVulnerabilities (PMASA-2011-5- PMASA-2011-8)5648526HighCisco Unified OperationsManager 8.6 MultipleVulnerabilities5757625Highop5 Portal Arbitrary CommandExecution5651225HighMyBB 1.6.4 Backdoor PHPCode Execution5550925LowRSA Self-Service ConsoleDetection5562724LowSymantec Web GatewayDetection5496924LowApache Archiva Detection5753723HighPHP 5.3.9 MultipleVulnerabilities5695823HighVMware vCenter UpdateManager Directory Traversal(VMSA-2011-0014)5675422HighDell KACE K2000 WebBackdoor Account5757720Lowop5 Monitor Detection5551220LowAdobe ColdFusion RemoteDevelopment Services5673519HighTimThumb Cache Directory srcParameter Arbitrary PHP FileUpload5597819LowSitecore CMS Detection5803918HighPHP 5.3.9'php register variable ex()'Code Execution (intrusivecheck)5797518LowKayako SupportSuite DetectionCGI abusesTenable Network Security7

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012PluginTotalSeverityPlugin Name5139418LowDD-WRT Info.live.htmInformation Disclosure5602417HighHP SiteScope DefaultCredentials5596917HighPHP 5.3.7 crypt() MD5Incorrect Return Value5593117HighOracle GlassFish ServerAdministration Console GETRequest Authentication Bypass5545517LowTrend Micro Data LossPrevention Virtual ApplianceWeb Console DetectionCGI abusesTenable Network Security8

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012CGI abuses : XSSTop 25 Most Common PluginsPluginTotalSeverityPlugin Name5665255MediumphpMyAdmin 3.4.x 3.4.6 Cross-Site Scripting(PMASA-2011-16)5624054MediumPhorum 5.2.x 5.2.17'control.php' 'real name' Crosssite Scripting5590347MediumCGI Generic Cross-SiteScripting (extended patterns)5460442MediumMDaemon WorldClient 12.0.3 Summary Page EmailSubject XSS5597540MediumApache Hadoop Jetty XSS5808738MediumphpMyAdmin 3.4.x 3.4.10.1 Cross-Site Scripting(PMASA-2012-1)5761736MediumCacti 0.8.7g Multiple CrossSite Scripting and HTMLInjection Vulnerabilities5590435MediumCGI Generic Script Injection(quick test)5357631MediumAtlassian Confluence 2.x 2.7 / 3.x 3.4.9 Multiple CrossSite Scripting Vulnerabilities2225431MediumWeb Server Expect HeaderXSS5733730MediumphpMyAdmin 3.4.x 3.4.8 Cross-Site Scripting(PMASA-2011-18)5737129MediumManageEngine ServiceDeskPlus 8.0.0 Build 8015Multiple Cross-Site ScriptingVulnerabilities5637929MediumphpMyAdmin 3.4.x 3.4.5 Cross-site Scripting(PMASA-2011-14)5457927LowMailman 2.1.14 Multiple XSS5248327MediumCGI Generic Cross-SiteScripting (persistent, 3rd Pass)5109027MediumMODx login.php 'username'Parameter XSS1770927LowPHP 4.4.2 Multiple CrossSite Scripting Vulnerabilities5737226MediumphpMyAdmin 3.4.x 3.4.9 Cross-Site ScriptingCGI abuses : XSSTenable Network Security9

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012PluginTotalSeverityPlugin Name(PMASA-2011-19 andPMASA-2011-20)5114325MediumOpenfire Admin Consolelogin.jsp XSS5357523MediumAtlassian Confluence 2.x 2.7 / 3.x 3.4.6 Multiple CrossSite Scripting Vulnerabilities5320922MediumSymantec LiveUpdateAdministrator 2.3 CSRF(SYM11-005)5797921MediumOracle WebCenter ContentHelp Component Cross-SiteScripting5045021MediumAtlassian FishEye CodeMetrics Report Plugin XSS1081521MediumWeb Server Generic XSS5197219MediumCGI Generic Cross-SiteScripting (Parameters Names)CGI abuses : XSSTenable Network Security10

Nessus Plugin FamilySecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT 2012CISCOTop 25 Most Common PluginsPluginTotalSeverityPlugin Name5604532HighCisco ASA 5500 SeriesMultiple DoS isco IOS Software SmartInstall Remote Code ExecutionVulnerability - Cisco Systems5258629HighCisco ASA 5500 SeriesMultiple Vulnerabilities (ciscosa-20110223-asa)4905629HighCisco IOS Software TCPDenial of Service Vulnerability Cisco Systems4905228HighCisco IOS SoftwareMultiprotocol Label SwitchingPacket Vulnerability5542427HighRADIUS Authentication Bypass- Cisco Systems1955927LowCiscoWorks ManagementConsole Detection5632126HighCisco IOS Software IPSand Zone-Based FirewallVulnerabilities - Cisco Systems5631326HighCisco 10000 Series Denial ofService Vulnerability - CiscoSystems4905426HighCisco IOS Software SessionInitiation Protocol Denial ofService Vulnerabilities4900126MediumCisco Catalyst 6000, 6500and Cisco 7600 Series MPLSPacket Vulnerability4895426MediumCisco IOS BGP AttributeCorruption Vulnerability - CiscoSystems4895026MediumCisco IOS HTTP Server QueryVulnerability - Cisco Systems5483325High4901725MediumMultiple Cisco ProductsVulnerable to DNS CachePoisoning Attacks4896124MediumCisco IOS ARP TableOverwrite Vulnerability - CiscoSystemsIPv6 Crafted PacketVulnerability - Cisco SystemsCISCOTenable Network Security11